--- Begin Message ---
Package: cryptsetup
Version: 2:1.1.2-1
Severity: minor
Tags: patch
Hi Jonas.
Attached are several patches (agains svn), that would all fix typos (IMO).
Seems that you're using British English, so I've change two or three AmEng
words, too.
Cheers,
Chris.
Index: NEWS
===================================================================
--- NEWS (revision 792)
+++ NEWS (working copy)
@@ -1,6 +1,6 @@
cryptsetup (2:1.1.2-2) unstable; urgency=low
- Cryptdisks init scripts changed their behaviour for failures at starting and
+ cryptdisks init scripts changed their behaviour for failures at starting and
stopping encrypted devices. cryptdisks init script now raises a warning for
failures at starting encrypted devices, and cryptdisks-early warns about
failures at stopping encrypted devices.
@@ -110,7 +110,7 @@
cryptsetup (2:1.0.4+svn16-1) unstable; urgency=high
The --key-file=- argument has changed. If a --hash parameter is passed, it
- will now be honored. This means that the decrypt_derived keyscript will in
+ will now be honoured. This means that the decrypt_derived keyscript will in
some situations create a different key than previously meaning that any swap
partitions that rely on the script will have to be recreated. To emulate the
old behaviour, make sure that you pass "--hash=plain" to cryptsetup.
@@ -140,7 +140,7 @@
cryptsetup (2:1.0.3-4) unstable; urgency=low
Up to now, the us keymap was loaded at the passphrase prompt in the boot
- process and ascii characters were always used. With this upload this is
+ process and ASCII characters were always used. With this upload this is
fixed, meaning that the correct keymap is loaded and the keyboard is
(optionally) set to UTF8 mode before the passphrase prompt.
@@ -149,7 +149,7 @@
correct keymap loaded.
Additionally, all four fields are now mandatory in /etc/crypttab. An entry
- which does not contain all fields will be ignored. It is recommented to
+ which does not contain all fields will be ignored. It is recommended to
set cipher, size and hash anyway, as defaults may change in the future.
If you didn't set any of these settings yet, then you should add
@@ -160,7 +160,7 @@
cryptsetup (2:1.0.2+1.0.3-rc2-2) unstable; urgency=low
- The crypttab 'retry' has been renamed to 'tries' to reflect upstreams
+ The crypttab 'retry' has been renamed to 'tries' to reflect upstream's
functionality. Default is 3 tries now, even if the option is not given.
See the crypttab.5 manpage for more information.
Index: README.initramfs
===================================================================
--- README.initramfs (revision 792)
+++ README.initramfs (working copy)
@@ -16,7 +16,7 @@
The installation will then take care of all the details and perform the
necessary configuration for you, meaning that you should not have to
read the rest of this document to get a machine with an encrypted
-root fs up and running.
+rootfs up and running.
However, if you are not planning to perform a new installation from scratch,
the following information might be useful to you.
@@ -24,7 +24,7 @@
3. Requirements
---------------
-In order to boot from an encrypted root fs, you need an initramfs-image
+In order to boot from an encrypted rootfs, you need an initramfs-image
which includes the necessary kernel modules and scripts to setup
the root device after the kernel has been initialized, but before the rest
of the operating system is booted.
@@ -70,7 +70,7 @@
NOTE: the initramfs scripts default to using the sha256 hash function while
the plain cryptsetup binary defaults to using the ripemd160 hash function.
-In order to ensure that the crypto setup works in a consistant manner, you
+In order to ensure that the crypto setup works in a consistent manner, you
should make sure that the hash function is specified in the /etc/crypttab file
if you are using regular dm-crypt (with LUKS the hash function to use is stored
in the LUKS header).
Index: README.openct
===================================================================
--- README.openct (revision 792)
+++ README.openct (working copy)
@@ -18,7 +18,7 @@
smartcard devices by openct.
First of all, you should plug in your crypto token into USB or whatever
-interface it uses and initalize the reader with the following command (as root):
+interface it uses and initialise the reader with the following command (as root):
# openct-control init
@@ -33,8 +33,8 @@
If you do not see any reader listed, you have a problem and should read again
about the supported hardware on <http://www.opensc-project.org/openct/> and make
sure you have the required support (e.g. USB) compiled into your kernel needed
-to connect to your token. If you use a precompiled kernel from Debian,
-everything is already built kernelwise and you probably only need to load the
+to connect to your token. If you use a pre-compiled kernel from Debian,
+everything is already built kernel-wise and you probably only need to load the
module.
In case you want to erase your previously used smartcard, you can do that by
@@ -46,7 +46,7 @@
# pkcs15-init --create-pkcs15
-Caution: You are beeing asked about the 'Security Officer PIN' and the 'User
+Caution: You are being asked about the 'Security Officer PIN' and the 'User
unblocking PIN'. Although both of these pins are optional and can be left empty,
you should never do this: In case the personal user pin is typed wrong for a
given number (mostly three times), the smartcard is locked and can only be
@@ -55,7 +55,7 @@
only be unlocked with the security officer pin, which is the most superior pin
in this hierarchy. With an unset (empty) security officer pin or user unblocking
pin, depending on the smartcard, an attacker can have unlimited tries to crack
-your personal user pin, or, an attacker can simply make the smarcard unusable as
+your personal user pin, or, an attacker can simply make the smartcard unusable as
it cannot be unlocked anymore at all.
To create a new identity on the smartcard, do the following:
@@ -77,7 +77,7 @@
# pkcs15-init --store-data data.txt --auth-id 01
As of the time of writing, openct version 0.6.12 is available and does not
-support labeling different data objects. Once this gets fixed in openct
+support labelling different data objects. Once this gets fixed in openct
upstream, you can store multiple data objects to the smartcard (create them by
appending '--label foo' to the above command and replace foo with the label you
want to use).
@@ -99,12 +99,12 @@
sda5_crypt /dev/sda5 none luks,keyscript=/lib/cryptsetup/scripts/decrypt_openct
At the moment all data objects have the same label 'pkcs15-init'. Once openct
-supports labeling data objects, you can pass the respective label to openct with
+supports labelling data objects, you can pass the respective label to openct with
the key parameter in /etc/crypttab like this:
sda5_crypt /dev/sda5 none luks,keyscript=/lib/cryptsetup/scripts/decrypt_openct,key=foo
-For the time beeing, 'pkcs15-init' is passed to openct when no key is specified.
+For the time being, 'pkcs15-init' is passed to openct when no key is specified.
Don't forget to backup key.txt to a save place and remove the temporary files
afterwards:
@@ -112,10 +112,10 @@
# shred -uz key.txt data.txt
Caution: cryptsetup as of version 1.0.5-1 does not support fallback to passphrase
-if smartcard authentification fails (bee it three times wrong pin or not
+if smartcard authentication fails (bee it three times wrong pin or not
compatible/not detected smartcard reader). That means, that for testing
purposes, it is recommended to keep an initrd image in /boot available which
-does *not* use openct or opensc for authentification, so that you can change
+does *not* use openct or opensc for authentication, so that you can change
your bootloader configuration on the fly if something does not work out as
expected. Therefore, copy your current initrd (the .bak backups from
initramfs-tools can maybe get overwritten by update-initramfs during the setup
@@ -123,7 +123,7 @@
# cp /boot/initrd.img-`uname -r` /boot/initrd.img-`uname -r`.temp
-If you have completed all the steps upto now, you can update your initramfs
+If you have completed all the steps up to now, you can update your initramfs
image with:
# update-initramfs -u -k `uname -r`
Index: README.opensc
===================================================================
--- README.opensc (revision 792)
+++ README.opensc (working copy)
@@ -116,7 +116,7 @@
exit 0
fi
-If you have completed all the steps upto now, you can update your
+If you have completed all the steps up to now, you can update your
initramfs image with:
# update-initramfs -u -k `uname -r`
Index: README.remote
===================================================================
--- README.remote (revision 792)
+++ README.remote (working copy)
@@ -16,7 +16,7 @@
the default when the busybox package is installed) to have busybox installed
into the initramfs, and should not contain DROPBEAR=n, which would disable
installation of dropbear to initramfs. If set to DROPBEAR=y, dropbear will
-beinstalled in any case; if DROPBEAR isn't set at all, then dropbear will only
+be installed in any case; if DROPBEAR isn't set at all, then dropbear will only
be installed in case of an existing cryptroot setup.
The host keys used for the initramfs are dropbear_dss_host_key and
@@ -88,7 +88,7 @@
"echo -ne \"secret\" >/lib/cryptsetup/passfifo"
This example assumes that you have an extra known_hosts file
-"~/.ssh/known_hosts.initramfs" which hold's the cryptroot system's host-key,
+"~/.ssh/known_hosts.initramfs" which holds the cryptroot system's host-key,
that you have a file "~/id_rsa.initramfs" which holds the authorized-key for
the cryptroot system, that the cryptroot system's name is
"initramfshost.example.com", and that the cryptroot passphrase is "secret"
--- End Message ---
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:1.1.3-1
We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:
cryptsetup-udeb_1.1.3-1_amd64.udeb
to main/c/cryptsetup/cryptsetup-udeb_1.1.3-1_amd64.udeb
cryptsetup_1.1.3-1.debian.tar.gz
to main/c/cryptsetup/cryptsetup_1.1.3-1.debian.tar.gz
cryptsetup_1.1.3-1.dsc
to main/c/cryptsetup/cryptsetup_1.1.3-1.dsc
cryptsetup_1.1.3-1_amd64.deb
to main/c/cryptsetup/cryptsetup_1.1.3-1_amd64.deb
cryptsetup_1.1.3.orig.tar.bz2
to main/c/cryptsetup/cryptsetup_1.1.3.orig.tar.bz2
libcryptsetup-dev_1.1.3-1_amd64.deb
to main/c/cryptsetup/libcryptsetup-dev_1.1.3-1_amd64.deb
libcryptsetup1_1.1.3-1_amd64.deb
to main/c/cryptsetup/libcryptsetup1_1.1.3-1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Meurer <[email protected]> (supplier of updated cryptsetup package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 10 Jul 2010 14:32:40 +0200
Source: cryptsetup
Binary: cryptsetup cryptsetup-udeb libcryptsetup1 libcryptsetup-dev
Architecture: source amd64
Version: 2:1.1.3-1
Distribution: unstable
Urgency: low
Maintainer: Debian Cryptsetup Team
<[email protected]>
Changed-By: Jonas Meurer <[email protected]>
Description:
cryptsetup - configures encrypted block devices
cryptsetup-udeb - configures encrypted block devices (udeb)
libcryptsetup-dev - libcryptsetup development files
libcryptsetup1 - libcryptsetup shared library
Closes: 554506 575024 575652 576646 581712 585099 585418 585496 585664 585787
586019 586122 586162 586299 587220 587222 587224 588068
Changes:
cryptsetup (2:1.1.3-1) unstable; urgency=low
.
* new upstream release:
- fix device alignment ioctl calls parameters for archs like ppc64.
- fix activate_by_* API calls to handle NULL device name as documented
- fix udev support for old libdevmapper with not compatible definition
* fix rm_lo_setup() in cryptdisks.functions for failed device setup. thanks
to Roger Pettersson. (closes: #581712)
* add X-Stop-After headers to cryptdisks(-early) initscripts. this fixes
shutdown process for system without encrypted rootfs at least. thanks to
Alfredo Finelli. (closes: #575652)
* more merges from ubuntu, thanks to and Steve Langasek (closes: #575024):
- debian/cryptdisk.functions: initially create the device under a temporary
name and rename it only at the end using 'dmsetup rename', to ensure that
upstart/mountall doesn't see our device before it's ready to go.
LP: #475936.
- cryptdisks.functions: do_tmp should mount under /var/run/cryptsetup for
changing the permissions of the filesystem root, not directly on /tmp,
since mounting on /tmp a) is racy, b) confuses mountall something fierce.
LP: #475936.
* fix manpage checkscripts documentation. clarify that both cryptdisks and
cryptroot invoke checkscripts. thanks Christoph Anton Mitterer.
* remove quotes from $KEYSCRIPT invokation, thanks Alexandre Rossi.
(closes: #585099)
* fix support for commandline options to mkfs in luksformat. thanks to Eduard
Bloch again for bugreport and patch. (closes: #585787)
* remove duplicates from debian/NEWS, thanks Steve Langasek (closes: 586019)
* improve documentation on environment variables in cryptdisks.default and
crypttab manpage. thanks Christoph Anton Mitterer. (closes: #585664)
* several improvements to (pre)check scripts, inspired by scripts from
Christoph Anton Mitterer (closes: #585418, #585496)
- checkscripts exit with error 1 if executables aren't available.
- ext2, swap and xfs scripts are depreciated and invoke blkid script.
- drop filtering of minix filesystem in blkid, util-linux 2.17.2 in debian
- remove *vol_id check scripts, vol_id isn't available in debian any longer
- don't use sed in *blkid check scripts any longer
* fix initramfs/cryptroot-hook to canonicalize $device in get_resume_devices
function. this should really weed out all duplicates. (closes: #586122),
and catch all udev/device-mapper symlink setups as well (closes: #554506)
* bash-completion file now in pck bash-completion (closes: #586299, #586162)
* add a paragraph about the boot order of init scripts to README.Debian,
describing the current catch-22 situation. (closes: #576646)
* initscripts and cryptdisks_st* no longer silently quit in case that include
file /lib/cryptsetup/cryptdisks.functions is missing. (closes: #587220)
* fix cryptdisks-early LSB headers to restore legacy boot sequence order.
mdadm-raid was started before cryptdisks-early. (closes: #587224)
* cryptdisks initscript now raises a warning for failed started devices, and
cryptdisks-early initscript raises a warning for failed stopped devices.
this makes the initscript actions far more transparent to users. same holds
for cryptdisks_st*. thanks to Christoph Anton Mitterer. (closes: #587222)
* remove lintian overrides init.d-script-should-depend-on-virtual-facility
as lintian lintian 2.4.2 has fixed #580082.
* bump standards-version to 3.9.0, remove version information from replaces/
provides/conflicts against cryptsetup-luks, change conflicts against
hashalot (<= 0.3-1) to breaks hashalot (<< 0.3-1) and add replaces.
* fix loads of typos, thanks to Christoph Anton Mitterer. (closes: #588068)
* update copyright years and list Milan Broz in debian/copyright
Checksums-Sha1:
f423776f6297d4c1779fa79e3a1179d7e1a3711f 1844 cryptsetup_1.1.3-1.dsc
6f8a4c9a80a0d25f8492dfce6db6abed221598f6 499276 cryptsetup_1.1.3.orig.tar.bz2
87499331d74cc6672eab9d730929753e283e18f2 73036 cryptsetup_1.1.3-1.debian.tar.gz
d3bbc36144059e8711ebccaa88de190cd035d4f7 412762 cryptsetup_1.1.3-1_amd64.deb
c9fb3b0ce7a28147a79097a411a711194805ef6a 297470
cryptsetup-udeb_1.1.3-1_amd64.udeb
588ddce1f21b5f61db3f3d084e2b10db8ecb7f2d 77078 libcryptsetup1_1.1.3-1_amd64.deb
91036332b4dde0a3e7e83f7fc5003943433cc6e2 41072
libcryptsetup-dev_1.1.3-1_amd64.deb
Checksums-Sha256:
3fa939def9bc5d6d55fdf4294c97427cd44df3b0edc90de0c7e0387514828fb6 1844
cryptsetup_1.1.3-1.dsc
9c8e68a272f6d9cfb6cd65cc0743f4c44a2096c61f74e0602bf40208b5e69c0a 499276
cryptsetup_1.1.3.orig.tar.bz2
192bb74e169255be98f5aed7105c80d9da681728b632b81957b1943f7ad39bdd 73036
cryptsetup_1.1.3-1.debian.tar.gz
0a6d759643b073fb52723d27e216922b2e1905ea54840faa90d40297210ebe3b 412762
cryptsetup_1.1.3-1_amd64.deb
2379a71e6cbb10be65c5051b7b20b839f39a8d3231026db21468c6de37656a05 297470
cryptsetup-udeb_1.1.3-1_amd64.udeb
ac4a84e4703c7c944ac7782c5cd7c169bac32ab8d521ca53d7aeb1c76d9dfc39 77078
libcryptsetup1_1.1.3-1_amd64.deb
9e2e6d9eb81358c00863d45d037167cbf9b73a483ce63a85b0e3d27ee453886e 41072
libcryptsetup-dev_1.1.3-1_amd64.deb
Files:
e3a4e032b01ded88dc376262c982b422 1844 admin optional cryptsetup_1.1.3-1.dsc
318a64470861ea5b92a52f2014f1e7c1 499276 admin optional
cryptsetup_1.1.3.orig.tar.bz2
001520ca62db51930cd1d1ca883fc249 73036 admin optional
cryptsetup_1.1.3-1.debian.tar.gz
de3a714955cb77d730553aac29638e36 412762 admin optional
cryptsetup_1.1.3-1_amd64.deb
b819572d6ba96c40c8d2e79ab83653d5 297470 debian-installer optional
cryptsetup-udeb_1.1.3-1_amd64.udeb
0ed309cfeb9b16cca4ef7984928bef48 77078 libs optional
libcryptsetup1_1.1.3-1_amd64.deb
35cdd38f1ec3550409e814d8eed55240 41072 libdevel optional
libcryptsetup-dev_1.1.3-1_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBCAAGBQJMOGnEAAoJEHUY1PcOVR4zmeEH/3O81UW7w//flCuswQkvA23L
rWqa0z8g1p/H4aUutfcdFmILj4aci5KuM5pvYcdeZmJImXZbka7/CnuNtzaZuM/7
2IxhrYA49KbocAF8Zu6wAvHD/5qRpujabVJcrSA3GQtHga2YO41wjOCS9RRSHl89
XMQ7vslHozH/JQGFxV6GuvgnjQNu/E9l0rmuxeWGJijwbpdVe6vVUQEF3tievs5M
Rdv1Ol0b/JtmWo+m6Erp5yXk5MXtxUi3IqmsFSPuNv3MiuM6etgL1rzMHN4g9pGZ
V16AwY2LnyoJuMWDUBGT4xvhP7ZVCCYAiFXQoKs5cOCitrPU7Y+kX2Rm4gHnfjQ=
=lXmi
-----END PGP SIGNATURE-----
--- End Message ---
