Hello community,
here is the log from the commit of package cryptsetup-mkinitrd.1681 for
openSUSE:12.3:Update checked in at 2013-05-27 17:10:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3:Update/cryptsetup-mkinitrd.1681 (Old)
and /work/SRC/openSUSE:12.3:Update/.cryptsetup-mkinitrd.1681.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cryptsetup-mkinitrd.1681"
Changes:
--------
New Changes file:
--- /dev/null 2013-05-23 01:40:31.032032505 +0200
+++
/work/SRC/openSUSE:12.3:Update/.cryptsetup-mkinitrd.1681.new/cryptsetup-mkinitrd.changes
2013-05-27 17:10:18.000000000 +0200
@@ -0,0 +1,15 @@
+-------------------------------------------------------------------
+Tue May 14 13:33:03 UTC 2013 - [email protected]
+
+- reuse passhrase for multiple devices in initrd (bnc#813863)
+
+-------------------------------------------------------------------
+Mon Jan 7 09:15:59 UTC 2013 - [email protected]
+
+- auto install if cryptsetup and mkinitrd are installed (bnc#796167)
+
+-------------------------------------------------------------------
+Wed Dec 12 16:09:43 UTC 2012 - [email protected]
+
+- initial package split off from cryptsetup
+
New:
----
0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff
boot.crypto-0_201206151440.tar.bz2
cryptsetup-mkinitrd.changes
cryptsetup-mkinitrd.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cryptsetup-mkinitrd.spec ++++++
#
# spec file for package cryptsetup-mkinitrd
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: cryptsetup-mkinitrd
Url: http://gitorious.org/opensuse/boot_crypto
Version: 0_201206151440
Release: 0
Summary: mkinitrd plugin scripts for encrypted root file system
License: GPL-2.0+
Group: System/Base
# git://gitorious.org/opensuse/boot_crypto.git
Source: boot.crypto-%{version}.tar.bz2
Patch0: 0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Provides: cryptsetup:/lib/mkinitrd/scripts/boot-luks.sh
Requires: cryptsetup
Supplements: packageand(mkinitrd:cryptsetup)
%description
plugin scripts for mkinitrd that unlock an encrypted root in
initrd
%prep
%setup -n boot.crypto-%version -q
%patch0 -p1
%build
%install
make install DESTDIR=$RPM_BUILD_ROOT
#
# no longer needed
rm -rf $RPM_BUILD_ROOT%_mandir/man5
rm -rf $RPM_BUILD_ROOT/lib/cryptsetup/checks/
rm -rf $RPM_BUILD_ROOT/etc/init.d
rm -f $RPM_BUILD_ROOT/etc/crypttab
rm -f $RPM_BUILD_ROOT/etc/cryptotab
%post
if [ -x /sbin/mkinitrd_setup ]; then
mkinitrd_setup
fi
%postun
if [ -x /sbin/mkinitrd_setup ]; then
mkinitrd_setup
fi
%files
%defattr(-,root,root)
%dir /lib/mkinitrd
%dir /lib/mkinitrd/scripts
/lib/mkinitrd/scripts/setup-luks.sh
/lib/mkinitrd/scripts/boot-luks.sh
/lib/mkinitrd/scripts/setup-luks2.sh
/lib/mkinitrd/scripts/setup-luks_final.sh
/usr/sbin/convert_cryptotab
/lib/cryptsetup
%changelog
++++++ 0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff ++++++
>From daa29b42cfcde3b1d9326816325363570367e4e6 Mon Sep 17 00:00:00 2001
From: Andrey Borzenkov <[email protected]>
Date: Sat, 6 Apr 2013 08:23:17 +0400
Subject: [PATCH] let boot-looks.sh to really reuse passhrase for multiple
devices
do_luks tried to reuse passwords, but it called lulksopen that always
unconditionally requested passwords as well if plymouth was active.
Add additional argument to luksopen() to indicate whether it has to
request password or not.
Signed-off-by: Andrey Borzenkov <[email protected]>
---
mkinitrd/boot-luks.sh | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
mode change 100644 => 100755 mkinitrd/boot-luks.sh
diff --git a/mkinitrd/boot-luks.sh b/mkinitrd/boot-luks.sh
old mode 100644
new mode 100755
index 30f98a9..2ee2ec9
--- a/mkinitrd/boot-luks.sh
+++ b/mkinitrd/boot-luks.sh
@@ -66,12 +66,17 @@ luks_wait_device()
check_for_device "$dev"
}
+# $1 - crypto container name
+# $2 - do we need to ask password (yes|no)
luksopen()
{
local name="$1"
+ local ask_pass="$2"
eval local dev="\"\${luks_${name}}\""
eval local realname="\"\${luks_${name}_name}\""
- if luks_check_ply; then
+ if [ "$ask_pass" = no ]; then
+ /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname"
+ elif luks_check_ply; then
/usr/bin/plymouth ask-for-password --prompt="Unlocking
${realname} ($dev)" | /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname"
else
echo -e "${extd}Unlocking ${realname} ($dev)${norm}"
@@ -129,15 +134,15 @@ do_luks() {
fi
fi
- echo "$pass" | luksopen "$luks"
"$ask_pass" || {
- pass='xxxxxxxxxxxxxxxxxxxx';
unset pass; luksopen "$luks" "$ask_pass"; }
+ echo "$pass" | luksopen "$luks" no || {
+ pass='xxxxxxxxxxxxxxxxxxxx';
unset pass; luksopen "$luks" yes; }
check_retry $? || break;
else
- luksopen "$luks" "$ask_pass"
+ luksopen "$luks" yes
check_retry $? || break;
fi
else
- $keyscript "$keyfile" | luksopen "$luks"
"$ask_pass"
+ $keyscript "$keyfile" | luksopen "$luks" no
check_retry $? || break;
fi
done
--
1.8.1.4
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
