Package: clevis-udisks2
Severity: normal
Dear Maintainer,
[I'm running my tests on Ubuntu 18.04, but I'm pretty sure
it hits Debian too]
I'm playing with clevis and encrypted disks and tried to automatically
decrypt an USB stick - which did not work.
/usr/lib/x86_64-linux-gnu/clevis-luks-udisks2 will be started when
logging in according to /etc/xdg/autostart/clevis-luks-udisks2.desktop.
The program will be started with my user and fails:
$ /usr/lib/x86_64-linux-gnu/clevis-luks-udisks2
Root privileges required!
When looking at the source we have in clevis-luks-udisks2.c, line 314:
if (setgid(gid) != 0 || setegid(gid) != 0)
return EXIT_FAILURE;
if (setuid(uid) != 0 || seteuid(uid) != 0)
return EXIT_FAILURE;
After "hmod u+s /usr/lib/x86_64-linux-gnu/clevis-luks-udisks2" I can
at least start the program. Upstream has the following report
concerning Fedora for a similar problem:
https://github.com/latchset/clevis/issues/28
https://github.com/latchset/clevis/pull/45
I think we need to install clevis-luks-udisks2 setuid root on
Debian/Ubuntu too. Did I miss something else?
-- System Information:
Debian Release: 9.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
