Your message dated Thu, 04 Nov 2010 20:47:17 +0000
with message-id <[email protected]>
and subject line Bug#598237: fixed in cryptsetup 2:1.1.3-4
has caused the Debian Bug report #598237,
regarding document that cryptsetup key file must not have final newline
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
598237: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598237
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cryptsetup
Version: 2:1.1.3-3
Tags: patch
The only real problem I had setting up my first cryptsetup disks was
that the pass-phrase file cannot end in a newline. I'm sure there's a
good technical reason for this bit of trickiness, but it needs to be
documented more thoroughly. Appended are diffs to address this.
This patch also provides more complete cross-references to the other
manual pages and some English grammar fixes.
< Stephen
--- debian/doc/cryptdisks_start.xml~ 2008-06-19 04:29:25 -0700
+++ debian/doc/cryptdisks_start.xml 2010-09-25 21:19:01 -0700
@@ -17,7 +17,7 @@
<refnamediv>
<refname>cryptdisks_start</refname>
- <refpurpose>wrapper around cryptsetup which parses
/etc/crypttab.</refpurpose>
+ <refpurpose>wrapper around cryptsetup that parses /etc/crypttab.</refpurpose>
</refnamediv>
<refsynopsisdiv>
@@ -31,16 +31,22 @@
<title>DESCRIPTION</title>
<simpara>
<emphasis role="strong">cryptdisks_start</emphasis> is a wrapper around
- <emphasis role="strong">cryptsetup</emphasis> which parses
+ <emphasis role="strong">cryptsetup</emphasis> that parses
<emphasis role="strong">/etc/crypttab</emphasis> just like the initscript
- /etc/init.d/cryptdisks does, and starts the dm-crypt mapping which
+ /etc/init.d/cryptdisks does and starts the dm-crypt mapping that
corresponds to <emphasis><name></emphasis>.
</simpara>
+ <simpara>
+ Note that this wrapper passes <option>--key-file=-</option> to
+ <command moreinfo="refentry">cryptsetup</command>, so the passphase
+ in any referenced key file must not be followed by a newline character.
+ </simpara>
</refsect1>
<refsect1 id="cryptdisks_start.see_also">
<title>SEE ALSO</title>
<simpara>
+ <emphasis>cryptdisks_stop</emphasis>(8),
<emphasis>cryptsetup</emphasis>(8), <emphasis>crypttab</emphasis>(5)
</simpara>
</refsect1>
--- debian/doc/cryptdisks_stop.xml~ 2008-06-19 04:29:40 -0700
+++ debian/doc/cryptdisks_stop.xml 2010-09-25 21:19:18 -0700
@@ -17,7 +17,7 @@
<refnamediv>
<refname>cryptdisks_stop</refname>
- <refpurpose>wrapper around cryptsetup which parses
/etc/crypttab.</refpurpose>
+ <refpurpose>wrapper around cryptsetup that parses /etc/crypttab.</refpurpose>
</refnamediv>
<refsynopsisdiv>
@@ -31,9 +31,9 @@
<title>DESCRIPTION</title>
<simpara>
<emphasis role="strong">cryptdisks_stop</emphasis> is a wrapper around
- <emphasis role="strong">cryptsetup</emphasis> which parses
+ <emphasis role="strong">cryptsetup</emphasis> that parses
<emphasis role="strong">/etc/crypttab</emphasis> just like the initscript
- /etc/init.d/cryptdisks does, and stops the dm-crypt mapping which
corresponds
+ /etc/init.d/cryptdisks does and stops the dm-crypt mapping that corresponds
to <emphasis><name></emphasis>.
</simpara>
</refsect1>
@@ -41,6 +41,7 @@
<refsect1 id="cryptdisks_stop.see_also">
<title>SEE ALSO</title>
<simpara>
+ <emphasis>cryptdisks_start</emphasis>(8),
<emphasis>cryptsetup</emphasis>(8), <emphasis>crypttab</emphasis>(5)
</simpara>
</refsect1>
--- debian/doc/crypttab.xml~ 2010-07-21 01:27:48 -0700
+++ debian/doc/crypttab.xml 2010-09-25 21:00:49 -0700
@@ -25,7 +25,10 @@
<simpara>
The file <filename>/etc/crypttab</filename> contains descriptive
information about encrypted filesystems. <filename>crypttab</filename>
- is only read by programs, and not written; it is the duty of the system
+ is only read by programs (e.g.,
+ <command moreinfo="refentry">cryptdisks_start</command> and
+ <command moreinfo="refentry">cryptdisks_stop</command>),
+ and not written; it is the duty of the system
administrator to properly create and maintain this file. Each filesystem is
described on a separate line; fields on each line are separated by tabs or
spaces. Lines starting with <quote>#</quote> are comments, empty lines are
@@ -49,7 +52,12 @@
<simpara>
The third field, <emphasis>key file</emphasis>, describes the file to use
as a key for decrypting the data of the <emphasis>source device</emphasis>.
- It can also be a device name (e.g.
+ Note that the <emphasis>entire</emphasis> key file will be used as the
+ passphase; the passphase must <emphasis>not</emphasis> be
+ followed by a newline character.
+ </simpara>
+ <simpara>
+ It can also be a device name (e.g.,
<filename class="devicefile">/dev/urandom</filename>), note however that
LUKS requires a persistent key and therefore does <emphasis>not</emphasis>
support random data keys.
@@ -62,7 +70,7 @@
<simpara>
The fourth field, <emphasis>options</emphasis>, describes the cryptsetup
options associated with the encryption process. At minimum, the field should
- contain the string <emphasis>luks</emphasis> or the
+ contain either the string <emphasis>luks</emphasis> or the
<emphasis>cipher</emphasis>, <emphasis>hash</emphasis> and
<emphasis>size</emphasis> options.
</simpara>
@@ -451,7 +459,8 @@
<title>SEE ALSO</title>
<simplelist type="inline">
<member><command moreinfo="refentry">cryptsetup</command>(8)</member>
- <member><filename>/etc/crypttab</filename></member>
+ <member><command moreinfo="refentry">cryptdisks_start</command>(8)</member>
+ <member><command moreinfo="refentry">cryptdisks_stop</command>(8)</member>
</simplelist>
</refsect1>
--- End Message ---
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:1.1.3-4
We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:
cryptsetup-udeb_1.1.3-4_amd64.udeb
to main/c/cryptsetup/cryptsetup-udeb_1.1.3-4_amd64.udeb
cryptsetup_1.1.3-4.debian.tar.gz
to main/c/cryptsetup/cryptsetup_1.1.3-4.debian.tar.gz
cryptsetup_1.1.3-4.dsc
to main/c/cryptsetup/cryptsetup_1.1.3-4.dsc
cryptsetup_1.1.3-4_amd64.deb
to main/c/cryptsetup/cryptsetup_1.1.3-4_amd64.deb
libcryptsetup-dev_1.1.3-4_amd64.deb
to main/c/cryptsetup/libcryptsetup-dev_1.1.3-4_amd64.deb
libcryptsetup1_1.1.3-4_amd64.deb
to main/c/cryptsetup/libcryptsetup1_1.1.3-4_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Meurer <[email protected]> (supplier of updated cryptsetup package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 04 Nov 2010 20:36:45 +0100
Source: cryptsetup
Binary: cryptsetup cryptsetup-udeb libcryptsetup1 libcryptsetup-dev
Architecture: source amd64
Version: 2:1.1.3-4
Distribution: unstable
Urgency: high
Maintainer: Debian Cryptsetup Team
<[email protected]>
Changed-By: Jonas Meurer <[email protected]>
Description:
cryptsetup - configures encrypted block devices
cryptsetup-udeb - configures encrypted block devices (udeb)
libcryptsetup-dev - libcryptsetup development files
libcryptsetup1 - libcryptsetup shared library
Closes: 554506 563961 584174 589800 591626 594092 595331 597648 598237
Changes:
cryptsetup (2:1.1.3-4) unstable; urgency=high
.
* bump standards-version to 3.9.1, no changes required
* add patches/01_manpage_units: mention units (512b sectors) for -o option
in man page. (closes: #584174)
* move cryptdisks_st* scripts from /usr/sbin to /sbin, add symlinks for
compatibility reasons. thanks to Mario 'BitKoenig' Holbe. (closes: #589800)
* add decrypt_keyctl keyscript and initramfs hook from Michael Gebetsroither,
which supports to cache a passphrase for later use. (closes: #563961)
* invoke /sbin/lvm with full path in cryptroot initramfs script. thanks to
Bernd Zeimetz. (closes: #597648)
* print out a warning at initramfs cryptroot hook in case that detection of
canonical device failed. (closes: #594092)
* add manpage fixes, thanks to Stephen Gildea for patch. (closes: #598237)
* fix depreciated ext2 wrapper checkscript to succeed for ext2, ext3, ext4
and ext4dev filesystems. (closes: #595331)
* again remove duplicates from debian/NEWS.
* truncate trailing spaces for some variables at initramfs cryptroot hook.
* remove volume group -guessing magic from initramfs scripts and hooks,
instead activate all available lvm volume groups. thanks to Christoph
Anton Mitterer for the suggestion. (closes: #554506, #591626)
* remove /etc/bash_completion.d from debian/cryptsetup.dirs
* set urgency=high as this upload fixes two release-critical bugs.
Checksums-Sha1:
449bf067bad4b0673b2bb5c02a0010ec665896be 2190 cryptsetup_1.1.3-4.dsc
d716f44c238cda49fb6f44ea172e9eb0ccc4a20e 78420 cryptsetup_1.1.3-4.debian.tar.gz
99bbcaf00167a4c63023a2b1824c92b57e8e4d9c 416796 cryptsetup_1.1.3-4_amd64.deb
78b6704eeb9312ed885398abd3965480510f31b7 298236
cryptsetup-udeb_1.1.3-4_amd64.udeb
47c10d5114a9687910d467dd10003cd653db84a0 77676 libcryptsetup1_1.1.3-4_amd64.deb
de5b2230a0bad6fa292527b6c06a4b8d283678c1 41676
libcryptsetup-dev_1.1.3-4_amd64.deb
Checksums-Sha256:
9f6a3468f9a2c81201cc1aafe33fa8f6b2dff99cc31630f23ff9d9fe5653b25f 2190
cryptsetup_1.1.3-4.dsc
180549d5b5f70437bde63239e857db95ff4fdce26a2cc46eaf40b21315addbc2 78420
cryptsetup_1.1.3-4.debian.tar.gz
a9bf47297e15c3cd5f93a0794636c0b9a829daf31aeb17e0984ba83d373d2f8a 416796
cryptsetup_1.1.3-4_amd64.deb
305b082e58b96bc505693db589b26311e52b2fcb3cfdf835d609427ea699a1e7 298236
cryptsetup-udeb_1.1.3-4_amd64.udeb
5873ab2ce8fe5fa43c9eb29ab427e1dfa96d4f1161333e1ebc75f0c18ff31cb3 77676
libcryptsetup1_1.1.3-4_amd64.deb
96df9f50acbc9ae2715acbda1eccf183eb0b8c1e86f2152b8c3c3f87c21ac1fc 41676
libcryptsetup-dev_1.1.3-4_amd64.deb
Files:
0050f2b41e08e6fe404d4c485a6e2908 2190 admin optional cryptsetup_1.1.3-4.dsc
cb5083564beba927e00081556f28c0b2 78420 admin optional
cryptsetup_1.1.3-4.debian.tar.gz
bf6ffae66ffec77197e656b2c813cd4a 416796 admin optional
cryptsetup_1.1.3-4_amd64.deb
b38271d4e7bb925bb03fa3d9982520cc 298236 debian-installer optional
cryptsetup-udeb_1.1.3-4_amd64.udeb
472a87e03da233d9d8083a93da2b5211 77676 libs optional
libcryptsetup1_1.1.3-4_amd64.deb
c21a17131814852fd735899c39351106 41676 libdevel optional
libcryptsetup-dev_1.1.3-4_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJM0wwIAAoJEFJi5/9JEEn+fUoP/2vZuwiyC2H/Wej29tKJJMaT
1aeHgIO2H4e65PBsy/KLA93/CfZ1yiF9FTWJS/U0/WgsM8VnZ6cQ+mzVeKLPMBDO
/Reiv9naVSXa/wJRjKs63tnOP+MGYzTGu+P6WFgfxINko9ipWOIzvr/2/CzRvkV/
jCxywMkfDbK9HYP1K2TmGsC1nYOTM4z7lz5N5O/j0AX9vs7gx67ywETfqqD7mCGZ
/Mo6O3NbpQ59fi1kxhGDKZzs6d82WALoCk/2K7gxp3ESRgBxWVSTn9tSiEHpcWpe
kR+/lhtACzKLXe/R8pdQhBOLVi19/SEgjOISveP/BzzWB8ESNXsS7254TWwXAQ4j
H6Hnmt3mIpFTP1UDYBJqdllDUEYrfnln3eQBjYvLo+qtbLBWaKcPXf8P4RHBeW2R
6ffzcy4HRjnftnE5YX3HynjNsJ2lpkots/78kb3heToM3UdX/1Z/7L86bJYkPFiK
mvw88rocWPbRVV3QeBwvWfZCaYt+AgD2gbUsmkmUD3o/0Fy2XSHG+3RNlv6slV6o
AO7HOhCvQ9cvTFeCxrts3xzyY+jEp15Et8WsB5awzVa2QlyPf8Jk0oW3ZJXU7TZM
L6jQtv62f4jjzZhAPPyNJKhKvZxc/QH0gRW3vkldAdjwaJ3a6E4kIawtfVibP0DH
aLPIt25WPZtDmoA4VDb4
=B3N1
-----END PGP SIGNATURE-----
--- End Message ---
