Package: partman-crypto
Version: 56

Hi,

I think that using udev persistent device naming in /etc/crypttab
would be useful to prevent some dangerous situations, like the
following one.

I have a 3-disk setup with the first two in raid mode and the third as
archive. The swap partitions are encrypted with dm-crypt and are out of the
raid. After the install /etc/crypttab contains:

sda1_crypt /dev/sda1 /dev/urandom cipher=aes-xts-plain64,size=256,swap
sdb1_crypt /dev/sdb1 /dev/urandom cipher=aes-xts-plain64,size=256,swap

When the first or the second disk fails or is removed, sdc is renamed
sdb and its first partition (which unluckily was not a swap partition) is
overwritten. The recovery of the filesystem was not automatic and
required rewriting with zeros all the sectors overwritten by encrypted
data, as explained in this mail message:

https://www.redhat.com/archives/ext3-users/2011-January/msg00010.html


As dm-crypt without luks does not support UUIDs, udev persistent naming
should prevent this situation in a safe manner, mapping the device and
doing mkswap or mkfs only if the partition is exactly on the disk
selected by the installer. In other cases it fails, which is safer than
doing mkswap on random partitions.

I have attached an untested patch to partman-crypto that should address
this issue. As this is my first look at the debian-installer sources, this
patch is not intended to be applied as is, but as a detailed
explanation of the fix. The /etc/crypttab would be:

sda1_crypt /dev/disk/by-id/scsi-NAME-SERIAL-part1 /dev/urandom ...


This bug affects both squeeze and wheezy.

Ciao
--- partman-crypto-56/finish.d/crypto_config	2011-01-19 05:58:49.000000000 +0100
+++ partman-crypto-56-udevid/finish.d/crypto_config	2013-01-11 08:35:13.408173693 +0100
@@ -124,6 +124,9 @@
 	if cryptsetup isLuks "$source"; then
 		local uuid=$(cryptsetup luksUUID "$source")
 		source="UUID=$uuid"
+	else
+	# Use udev persistent device naming
+		source=$(find /dev/disk/by-id -lname "*/$(basename $source)" | tail -1)
 	fi
 
 	# Add entry to crypttab
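Review bot: the new else branch has no fallback when `find` matches nothing: `source=$(find ... | tail -1)` then sets `source` to the empty string and the crypttab entry is written with a missing device field, which is a worse failure than keeping the kernel name. Check the result and either keep the original `$source` or abort the config step when it is empty. Two smaller points in the same lines: `tail -1` picks whichever matching link sorts last (a partition usually has several by-id links, e.g. ata-, scsi- and wwn- forms), so the choice of `scsi-NAME-SERIAL-part1` shown in the mail is not guaranteed and should be made deterministic (prefer one prefix explicitly); and `$(basename $source)` should be quoted as `$(basename "$source")`. Style: the `# Use udev persistent device naming` comment is indented one tab less than the statement it describes.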

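The following is an added example, not code from this report or from partman-crypto. It shows the audit and rewrite the report argues for: resolve each bare kernel name in a crypttab to a /dev/disk/by-id link, with a fixed preference among the several links that usually point at one partition, and refuse to emit an entry (non-zero exit) when no link exists rather than writing an empty field. The optional second argument (a by-id directory) is an assumption introduced so the functions can be run against a constructed directory of symlinks; on a real system it defaults to /dev/disk/by-id.

```shell
#!/bin/sh
# Added example, not code from the bug report or from partman-crypto.
# Rewrites crypttab source devices given as kernel names (/dev/sda1 ...)
# to /dev/disk/by-id links and fails instead of emitting a broken entry.
# BYID_DIR is an assumed test hook; leave it at the default on a real host.

# resolve_by_id KERNELDEV [BYID_DIR]
# Print one by-id link whose target is KERNELDEV.  A partition typically has
# several links (wwn-, scsi-, ata-), so choose by a fixed preference order
# rather than whatever `find | tail -1` happens to return.
# Returns 1 if no link points at the device.
resolve_by_id() {
    dev=$1
    dir=${2:-/dev/disk/by-id}
    base=$(basename "$dev")
    for prefix in wwn- scsi- ata- ''; do
        for link in "$dir"/$prefix*; do
            [ -L "$link" ] || continue
            # by-id links are relative (../../sda1): compare the last component
            [ "$(basename "$(readlink "$link")")" = "$base" ] || continue
            printf '%s\n' "$link"
            return 0
        done
    done
    return 1
}

# crypttab_persist FILE [BYID_DIR]
# Print FILE with every bare kernel-name source replaced by its by-id link.
# Sources that are already persistent (UUID=, LABEL=, PARTUUID=,
# /dev/disk/by-*, /dev/mapper/*) are left alone.  An unresolvable device is
# reported on stderr and the function returns 1; the original line is kept
# so the output never contains an entry with an empty source field.
crypttab_persist() {
    file=$1
    dir=${2:-/dev/disk/by-id}
    rc=0
    while IFS= read -r line; do
        case $line in ''|'#'*) printf '%s\n' "$line"; continue ;; esac
        set -- $line
        target=$1
        source=$2
        shift 2
        case $source in
            /dev/disk/by-*|/dev/mapper/*|UUID=*|LABEL=*|PARTUUID=*) ;;
            /dev/*)
                if persistent=$(resolve_by_id "$source" "$dir"); then
                    source=$persistent
                else
                    echo "crypttab_persist: no by-id link for $source ($target)" >&2
                    rc=1
                fi ;;
        esac
        printf '%s %s %s\n' "$target" "$source" "$*"
    done < "$file"
    return $rc
}

# Usage (audit only, no files are changed):
#   crypttab_persist /etc/crypttab > /tmp/crypttab.new && diff /etc/crypttab /tmp/crypttab.new
```

Running the audit before a disk is pulled is the cheap check: any line the diff shows changed is an entry that would follow a renamed /dev/sdX to a different disk, exactly the failure described above.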