https://bugzilla.novell.com/show_bug.cgi?id=463161 User jnelson-suse@jamponi.net added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c1 --- Comment #1 from Jon Nelson 2009-01-05 08:57:59 MST --- Hey - this is a fairly major issue. Is anybody going to look at it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c3 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |jnelson-suse@jamponi.net Priority|P5 - None |P4 - Low --- Comment #3 from Michael Calmer 2009-01-10 08:51:59 MST --- "su" is not configured to call pam_mount in our default configuration. Did you add this yourself? But even if I add this to my pam configuration, it works correct. (counting the mounts and mount only one time and umount after the last session is closed) Please send: * /etc/cryptconfig.conf * /etc/pam.d/su * /etc/pam.d/su-l Please enable debugging in /etc/security/pam_mount.conf.xml <debug enable="1"/> ,reproduce the problem and attach /var/log/messages here. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c5 --- Comment #5 from Michael Calmer 2009-01-26 03:37:12 MST --- any news, or can we close this bug as invalid? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c7 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|jnelson-suse@jamponi.net | Resolution| |INVALID --- Comment #7 from Michael Calmer 2009-01-26 06:38:42 MST --- Ok, let's do it this way. I close this bug as invalid now. If you have time, please try to reproduce it. If you are able to reproduce it, please re-open this bug and attach a description how to reproduce it. Then I will have a look at this. Thanks for testing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c9 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEEDINFO Info Provider| |jnelson-suse@jamponi.net --- Comment #9 from Michael Calmer 2009-02-16 05:58:35 MST --- I cannot reproduce this. If I follow your description the image is mounted only once. "mount" say: /dev/mapper/_home_user.img .... /home/user The mount.crypt command is called: command: [mount.crypt] [-o] [loop] [/home/user.img] [/home/user] This mean, that $DEVICE and $DMDEVICE is set to /home/user.img $DEVICE changes to /dev/loop0, but $DMDEVICE is still /home/user.img So the extra code you posted is obsolete, the result is the same. Please attache /etc/security/pam_mount.conf.xml . Maybe there is a difference in our configurations. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User tilman.vogel@web.de added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c11 Tilman Vogel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |REOPENED Info Provider|tilman.vogel@web.de | --- Comment #11 from Tilman Vogel 2009-02-16 06:24:27 MST --- (In reply to comment #9)

I cannot reproduce this. If I follow your description the image is mounted only once.

"mount" say:

/dev/mapper/_home_user.img .... /home/user

Ok, then the reason must lie somewhere different. For me, it shows /dev/mapper/_dev_loop0 .... /home/user and /dev/mapper/_dev_loop1 .... /home/user respectively. My pam_mount log says command: [/bin/mount] [-t] [crypt] [-oloop] [/home/test.img] [/home/test] is this the key difference? Maybe mount sets up the loop already? My /etc/security/pam_mount.conf.xml says: <cryptmount>/bin/mount -t crypt "%(before=\"-o\" OPTIONS)" %(VOLUME) %(MNTPT)</cryptmount> In my case, the argument passed to mount.crypt was /dev/loopX, not /home/user.img. If this is the problem, then it could be related to the migration logic from /etc/security/pam_mount.conf to /etc/security/pam_mount.conf.xml I just upgraded from openSUSE 10.3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c13 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEEDINFO Info Provider| |tilman.vogel@web.de --- Comment #13 from Michael Calmer 2009-02-16 06:51:17 MST --- Hmm, maybe the migration has some side effects. If you made an upgrade, the original (new) version of pam_mount.conf.xml was copied to /usr/share/doc/packages/pam_mount/examples/ If you added only some <volume> statements to your config, and did no other changes, please try to copy the volume statements to the new config and use this. Or you can compare statement by statement and find out all the differences. I am interrested in the result:-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User tilman.vogel@web.de added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c14 Tilman Vogel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|NORESPONSE | --- Comment #14 from Tilman Vogel 2009-02-25 07:16:49 MST --- In openSUSE 10.3, the format was still non-XML and contained: cryptmount /bin/mount -t crypt "%(before=\"-o\" OPTIONS)" %(VOLUME) %(MNTPT) which got migrated to <cryptmount>/bin/mount -t crypt "%(before=\"-o\" OPTIONS)" %(VOLUME) %(MNTPT)</cryptmount> This result is different from the new vanilla cryptmount command: <cryptmount>mount.crypt "%(ifnempty=\"-o\" OPTIONS)" %(OPTIONS) %(VOLUME) %(MNTPT)</cryptmount> I didn't change the cryptmount command in openSUSE 10.3. So in principle, it would be good to update the cryptmount command when migrating from pre-XML to XML. Otherwise corruption will occur. If this transition cannot be done automatically, I personally would even prefer no automatic migration, but a message, that old encrypted volumes must be activated by hand. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User tilman.vogel@web.de added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c16 Tilman Vogel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #16 from Tilman Vogel 2009-02-25 08:07:49 MST --- Hm, I understand that this cannot be fixed for 10.3 -> 11.1 but for future releases, the migration from existing 10.3 installations will still produce this problem. The main flaw of "trying to migrate" is that it produces a configuration that is definitely defective and which will produce corrupted home directories. (Too bad, I didn't save the fsck output from fixing mine. It didn't look nice! And data was lost.) I propose to resolve this bug by either (a) changing the migration logic to: - take the new vanilla config file and only migrate the volume definitions - inform the user that advanced configuration options were not migrated and where to find the old config file (rpmsave) Of course, this is not failsafe either, because volume definitions from advanced configs may not work or work incorrectly when plugged into the vanilla config file. But at least it is not obviously wrong. (b) fixing the mount.crypt script such that an invocation via mount does not result in defective behaviour, see my original comment #8. This would render the migrated config file well-behaving. I prefer this option. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=463161 User mc@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=463161#c18 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |WONTFIX --- Comment #18 from Michael Calmer 2009-02-25 08:29:05 MST --- (In reply to comment #16)

Hm, I understand that this cannot be fixed for 10.3 -> 11.1 but for future releases, the migration from existing 10.3 installations will still produce this problem.

This is why I asked you to test update to 11.2 if the times come:-) This migration should not have these problems. I have something ready for this. So this should be "fixed". I think we should use a new bug, if we find errors there. In the current version of pam_mount (1.X) all these default options are gone, so the next migration will remove all these values and only debug, mntoptions, luserconf and volume will stay in the config. Please use a new bug for 11.2 if there is something wrong. We will not do an update for 11.1. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.