Bug#772596: asking for pre-approval: unblock: cryptsetup/2:1.6.6-4

Mon, 08 Dec 2014 14:41:26 -0800 

Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock

Hello,

I just prepared cryptsetup packages targeted at jessie that do fix the
following bugs:

#767832: cryptsetup: does not decrypt a split /usr as required by
initramfs-tools >= 0.118
        (hope that the fix for #767832 works for #768314 as well)
#767921: files with the same name installed in / and /usr
#764564: openrc: fail to boot when encryption + lvm are present

I asked all bugreport submitters to test the prepared packages. Once I
got positive feedback, I'd like to upload the packages to unstable. But
before, I'd like to have your ok that the packages will be allowed into
jessie.

The full debdiff is attached, below follows the changelog (debian
revision and targeted distribution will be fixed in final upload):

cryptsetup (2:1.6.6-4~mejo1) mejo-unstable; urgency=medium

  [ Simon McVittie ]
  * debian/initramfs/cryptroot-script: decrypt /usr as well as / so that
    split-/usr will work with initramfs-tools (>= 0.118). (closes: #767832)

  [ Jonas Meurer ]
  * Move cryptdisks_{start,stop} symlink creation from debian/rules to
    postinst. Needed to support /usr-merging. Thanks to Marco d'Itri for
    the patch. (closes: #767921)
  * debian/cryptdisks.funcctions: check for cryptdisks-udev initscript
before
    actually invoking 'status' on it. It's only useful in ubuntu+upstart
    environment anyway. (closes: #764564)

 -- Jonas Meurer <[email protected]>  Mon, 08 Dec 2014 22:01:09 +0100

Cheers,
 jonas

diff -Nru cryptsetup-1.6.6/debian/changelog cryptsetup-1.6.6/debian/changelog
--- cryptsetup-1.6.6/debian/changelog   2014-10-22 19:28:59.000000000 +0200
+++ cryptsetup-1.6.6/debian/changelog   2014-12-08 22:59:47.000000000 +0100
@@ -1,3 +1,20 @@
+cryptsetup (2:1.6.6-4~mejo1) mejo-unstable; urgency=medium
+
+  [ Simon McVittie ]
+  * debian/initramfs/cryptroot-script: decrypt /usr as well as / so that
+    split-/usr will work with initramfs-tools (>= 0.118). (closes: #767832)
+
+  [ Jonas Meurer ]
+  * Move cryptdisks_{start,stop} symlink creation from debian/rules to
+    postinst. Needed to support /usr-merging. Thanks to Marco d'Itri for
+    the patch. (closes: #767921)
+  * debian/cryptdisks.funcctions: check for cryptdisks-udev initscript before
+    actually invoking 'status' on it. It's only useful in ubuntu+upstart
+    environment anyway. (closes: #764564)
+  * 
+
+ -- Jonas Meurer <[email protected]>  Mon, 08 Dec 2014 22:01:09 +0100
+
 cryptsetup (2:1.6.6-3) unstable; urgency=medium
 
   * debian/initramfs/cryptroot-script: fix environment variable $CRYPTTAB_TRIED
diff -Nru cryptsetup-1.6.6/debian/cryptdisks.functions 
cryptsetup-1.6.6/debian/cryptdisks.functions
--- cryptsetup-1.6.6/debian/cryptdisks.functions        2014-09-21 
15:09:03.000000000 +0200
+++ cryptsetup-1.6.6/debian/cryptdisks.functions        2014-12-08 
22:58:47.000000000 +0100
@@ -750,8 +750,7 @@
                # will just be a no-op, but we don't want to defer to the
                # other job entirely because this is the fallback for fixing
                # up any ordering-dependent decrypting.
-               while status cryptdisks-udev DEVNAME="$dev_match" 2>&1 | grep 
-q 'start'
-               do
+               invoke-rc.d --quiet cryptdisks-udev status && while status 
cryptdisks-udev DEVNAME="$dev_match" 2>&1 | grep -q 'start'; do
                        sleep 1
                done
                handle_crypttab_line_start "$dst" "$src" "$key" "$opts" <&3 || 
log_action_end_msg $?
diff -Nru cryptsetup-1.6.6/debian/cryptsetup.postinst 
cryptsetup-1.6.6/debian/cryptsetup.postinst
--- cryptsetup-1.6.6/debian/cryptsetup.postinst 2014-03-03 20:25:28.000000000 
+0100
+++ cryptsetup-1.6.6/debian/cryptsetup.postinst 2014-12-08 22:04:51.000000000 
+0100
@@ -16,6 +16,12 @@
 
 case "$1" in
     configure)
+       for file in cryptdisks_start cryptdisks_stop; do
+               if [ ! -e /usr/sbin/$file ]; then
+                       ln -s /sbin/$file /usr/sbin/$file
+               fi
+       done
+
        if [ -x /usr/sbin/update-initramfs ]; then
                update-initramfs -u
        fi
diff -Nru cryptsetup-1.6.6/debian/cryptsetup.postrm 
cryptsetup-1.6.6/debian/cryptsetup.postrm
--- cryptsetup-1.6.6/debian/cryptsetup.postrm   2011-09-19 12:46:19.000000000 
+0200
+++ cryptsetup-1.6.6/debian/cryptsetup.postrm   2014-12-08 22:04:51.000000000 
+0100
@@ -7,6 +7,12 @@
        if [ -x /usr/sbin/update-initramfs ]; then
                update-initramfs -u
        fi
+
+       for file in cryptdisks_start cryptdisks_stop; do
+               if [ -L /usr/sbin/$file ]; then
+                       rm /usr/sbin/$file
+               fi
+       done
     ;;
 esac
 
diff -Nru cryptsetup-1.6.6/debian/initramfs/cryptroot-hook 
cryptsetup-1.6.6/debian/initramfs/cryptroot-hook
--- cryptsetup-1.6.6/debian/initramfs/cryptroot-hook    2014-10-02 
13:20:55.000000000 +0200
+++ cryptsetup-1.6.6/debian/initramfs/cryptroot-hook    2014-12-08 
21:59:51.000000000 +0100
@@ -16,8 +16,9 @@
 
 . /usr/share/initramfs-tools/hook-functions
 
-get_root_devices() {
+get_fs_devices() {
        local device mount type options dump pass
+       local wantmount="$1"
 
        if [ ! -r /etc/fstab ]; then
                return 1
@@ -25,7 +26,7 @@
 
        grep -s '^[^#]' /etc/fstab | \
        while read device mount type options dump pass; do
-               if [ "$mount" = "/" ]; then
+               if [ "$mount" = "$wantmount" ]; then
                        local devices
                        if [ "$type" = "btrfs" ]; then
                                for dev in $(btrfs filesystem show 
$(canonical_device "$device" --no-simplify) 2>/dev/null | sed -r -e 's/.*devid 
.+ path (.+)/\1/;tx;d;:x') ; do
@@ -611,6 +612,7 @@
 
 setup="no"
 rootdevs=""
+usrdevs=""
 resumedevs=""
 
 # Include cryptsetup modules, regardless of _this_ machine
@@ -621,16 +623,17 @@
 
 # Find the root and resume device(s)
 if [ -r /etc/crypttab ]; then
-       rootdevs=$(get_root_devices)
+       rootdevs=$(get_fs_devices /)
        if [ -z "$rootdevs" ]; then
                echo "cryptsetup: WARNING: could not determine root device from 
/etc/fstab" >&2
        fi
+       usrdevs=$(get_fs_devices /usr)
        resumedevs=$(get_resume_devices)
        initramfsdevs=$(get_initramfs_devices)
 fi
 
 # Load the config opts and modules for each device
-for dev in $rootdevs $resumedevs $initramfsdevs; do
+for dev in $rootdevs $usrdevs $resumedevs $initramfsdevs; do
        if ! modules=$(add_device "$dev"); then
                echo "cryptsetup: FAILURE: could not determine configuration 
for $dev" >&2
                continue
diff -Nru cryptsetup-1.6.6/debian/rules cryptsetup-1.6.6/debian/rules
--- cryptsetup-1.6.6/debian/rules       2014-03-03 20:53:49.000000000 +0100
+++ cryptsetup-1.6.6/debian/rules       2014-12-08 22:04:51.000000000 +0100
@@ -115,8 +115,6 @@
        install -m 0755 debian/scripts/luksformat 
$(CURDIR)/debian/cryptsetup-bin/usr/sbin/
        install -m 0755 debian/scripts/cryptdisks_start 
$(CURDIR)/debian/cryptsetup/sbin/
        install -m 0755 debian/scripts/cryptdisks_stop 
$(CURDIR)/debian/cryptsetup/sbin/
-       dh_link -pcryptsetup sbin/cryptdisks_start usr/sbin/cryptdisks_start
-       dh_link -pcryptsetup sbin/cryptdisks_stop usr/sbin/cryptdisks_stop
        install -m 0755 debian/scripts/decrypt_* 
$(CURDIR)/debian/cryptsetup/lib/cryptsetup/scripts/
        install -m 0755 debian/scripts/passdev 
$(CURDIR)/debian/cryptsetup/lib/cryptsetup/scripts/
        install -m 0755 debian/askpass 
$(CURDIR)/debian/cryptsetup/lib/cryptsetup/

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to