[pkg-cryptsetup-devel] Bug#1074496: cryptsetup waits for stdin after decrypting volume

ov2k.github ov2k.github at gmail.com
Sat Jun 29 22:02:25 BST 2024 

Package: cryptsetup
Version: 2:2.7.2-2
Severity: normal
X-Debbugs-Cc: ov2k.github at gmail.com

Dear Maintainer,

I'm able to decrypt my volume normally using cryptsetup and
libcryptsetup-token-systemd-tpm2.so. However, cryptsetup-initramfs basically
calls askpass | cryptsetup, and this hangs. Adding --debug demonstrates that
cryptsetup has decrypted the volume and done everything it normally reports
doing. However, cryptsetup won't exit until something is entered into askpass.
It seems like it's blocking on stdin, even though it doesn't need stdin for
anything anymore. I think this also only occurs when stdin is not a tty.

I'm not sure if this is a bug report or an enhancement request, but can
cryptsetup not block on stdin if it doesn't need it anymore? Is there a reason
to do so? This makes it difficult to decrypt the volume without user
interaction. Resolving this should be an easy way to add support for automated
decryption with password fallback, at least for keys with LUKS tokens that have
corresponding token libraries.

On a separate note, at least part of askpass seems to duplicate functionality
that's built into cryptsetup itself.  Could this problem be avoided if askpass
did less?



-- Package-specific info:

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.9.7-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin         2:2.7.2-2
ii  debconf [debconf-2.0]  1.5.86
ii  dmsetup                2:1.02.196-1+b1
ii  libc6                  2.38-13

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  cryptsetup-initramfs    2:2.7.2-2
pn  dosfstools              <none>
pn  keyutils                <none>
ii  liblocale-gettext-perl  1.07-7

-- debconf information excluded

More information about the pkg-cryptsetup-devel mailing list