commit cryptsetup-mkinitrd.2039 for openSUSE:12.3:Update

Hello community, here is the log from the commit of package cryptsetup-mkinitrd.2039 for openSUSE:12.3:Update checked in at 2013-10-09 15:58:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/cryptsetup-mkinitrd.2039 (Old) and /work/SRC/openSUSE:12.3:Update/.cryptsetup-mkinitrd.2039.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "cryptsetup-mkinitrd.2039" Changes: -------- New Changes file: --- /dev/null 2013-09-21 22:50:09.852032506 +0200 +++ /work/SRC/openSUSE:12.3:Update/.cryptsetup-mkinitrd.2039.new/cryptsetup-mkinitrd.changes 2013-10-09 15:58:55.000000000 +0200 @@ -0,0 +1,21 @@ +------------------------------------------------------------------- +Fri Sep 27 14:44:16 UTC 2013 - lnussel@suse.de + +- fix handling of wrong passphrase in initrd (bnc#795913) + (0001-pass-return-value-correctly.diff) + +------------------------------------------------------------------- +Tue May 14 13:33:03 UTC 2013 - lnussel@suse.de + +- reuse passhrase for multiple devices in initrd (bnc#813863) + +------------------------------------------------------------------- +Mon Jan 7 09:15:59 UTC 2013 - lnussel@suse.de + +- auto install if cryptsetup and mkinitrd are installed (bnc#796167) + +------------------------------------------------------------------- +Wed Dec 12 16:09:43 UTC 2012 - lnussel@suse.de + +- initial package split off from cryptsetup + New: ---- 0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff 0001-pass-return-value-correctly.diff boot.crypto-0_201206151440.tar.bz2 cryptsetup-mkinitrd.changes cryptsetup-mkinitrd.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cryptsetup-mkinitrd.spec ++++++ # # spec file for package cryptsetup-mkinitrd # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: cryptsetup-mkinitrd Url: http://gitorious.org/opensuse/boot_crypto Version: 0_201206151440 Release: 0 Summary: mkinitrd plugin scripts for encrypted root file system License: GPL-2.0+ Group: System/Base # git://gitorious.org/opensuse/boot_crypto.git Source: boot.crypto-%{version}.tar.bz2 Patch0: 0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff Patch1: 0001-pass-return-value-correctly.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build Provides: cryptsetup:/lib/mkinitrd/scripts/boot-luks.sh Requires: cryptsetup Supplements: packageand(mkinitrd:cryptsetup) %description plugin scripts for mkinitrd that unlock an encrypted root in initrd %prep %setup -n boot.crypto-%version -q %patch0 -p1 %patch1 -p1 %build %install make install DESTDIR=$RPM_BUILD_ROOT # # no longer needed rm -rf $RPM_BUILD_ROOT%_mandir/man5 rm -rf $RPM_BUILD_ROOT/lib/cryptsetup/checks/ rm -rf $RPM_BUILD_ROOT/etc/init.d rm -f $RPM_BUILD_ROOT/etc/crypttab rm -f $RPM_BUILD_ROOT/etc/cryptotab %post if [ -x /sbin/mkinitrd_setup ]; then mkinitrd_setup fi %postun if [ -x /sbin/mkinitrd_setup ]; then mkinitrd_setup fi %files %defattr(-,root,root) %dir /lib/mkinitrd %dir /lib/mkinitrd/scripts /lib/mkinitrd/scripts/setup-luks.sh /lib/mkinitrd/scripts/boot-luks.sh /lib/mkinitrd/scripts/setup-luks2.sh /lib/mkinitrd/scripts/setup-luks_final.sh /usr/sbin/convert_cryptotab /lib/cryptsetup %changelog ++++++ 0001-let-boot-looks.sh-to-really-reuse-passhrase-for-multi.diff ++++++

From daa29b42cfcde3b1d9326816325363570367e4e6 Mon Sep 17 00:00:00 2001 From: Andrey Borzenkov Date: Sat, 6 Apr 2013 08:23:17 +0400 Subject: [PATCH] let boot-looks.sh to really reuse passhrase for multiple devices

do_luks tried to reuse passwords, but it called lulksopen that always unconditionally requested passwords as well if plymouth was active. Add additional argument to luksopen() to indicate whether it has to request password or not. Signed-off-by: Andrey Borzenkov --- mkinitrd/boot-luks.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) mode change 100644 => 100755 mkinitrd/boot-luks.sh diff --git a/mkinitrd/boot-luks.sh b/mkinitrd/boot-luks.sh old mode 100644 new mode 100755 index 30f98a9..2ee2ec9 --- a/mkinitrd/boot-luks.sh +++ b/mkinitrd/boot-luks.sh @@ -66,12 +66,17 @@ luks_wait_device() check_for_device "$dev" } +# $1 - crypto container name +# $2 - do we need to ask password (yes|no) luksopen() { local name="$1" + local ask_pass="$2" eval local dev="\"\${luks_${name}}\"" eval local realname="\"\${luks_${name}_name}\"" - if luks_check_ply; then + if [ "$ask_pass" = no ]; then + /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname" + elif luks_check_ply; then /usr/bin/plymouth ask-for-password --prompt="Unlocking ${realname} ($dev)" | /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname" else echo -e "${extd}Unlocking ${realname} ($dev)${norm}" @@ -129,15 +134,15 @@ do_luks() { fi fi - echo "$pass" | luksopen "$luks" "$ask_pass" || { - pass='xxxxxxxxxxxxxxxxxxxx'; unset pass; luksopen "$luks" "$ask_pass"; } + echo "$pass" | luksopen "$luks" no || { + pass='xxxxxxxxxxxxxxxxxxxx'; unset pass; luksopen "$luks" yes; } check_retry $? || break; else - luksopen "$luks" "$ask_pass" + luksopen "$luks" yes check_retry $? || break; fi else - $keyscript "$keyfile" | luksopen "$luks" "$ask_pass" + $keyscript "$keyfile" | luksopen "$luks" no check_retry $? || break; fi done -- 1.8.1.4 ++++++ 0001-pass-return-value-correctly.diff ++++++

From f97054ae08ad172dfad2670a9b1a281a51b78fd8 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel Date: Mon, 1 Jul 2013 10:35:05 +0200 Subject: [PATCH] pass return value correctly

--- mkinitrd/boot-luks.sh | 4 ++++ 1 file changed, 4 insertions(+) Index: boot.crypto-0_201206151440/mkinitrd/boot-luks.sh =================================================================== --- boot.crypto-0_201206151440.orig/mkinitrd/boot-luks.sh +++ boot.crypto-0_201206151440/mkinitrd/boot-luks.sh @@ -76,13 +76,17 @@ luksopen() eval local realname="\"\${luks_${name}_name}\"" if [ "$ask_pass" = no ]; then /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname" + ret="$?" elif luks_check_ply; then /usr/bin/plymouth ask-for-password --prompt="Unlocking ${realname} ($dev)" | /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname" + ret="$?" else echo -e "${extd}Unlocking ${realname} ($dev)${norm}" splash_off /sbin/cryptsetup --tries=1 luksOpen "$dev" "$realname" + ret="$?" fi + return "$ret" } check_retry() -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org