[Bug 490170] New: /etc/init.d/boot.crypto forgets to remove a loop device on some circumstances.
https://bugzilla.novell.com/show_bug.cgi?id=490170 Summary: /etc/init.d/boot.crypto forgets to remove a loop device on some circumstances. Classification: openSUSE Product: openSUSE 11.0 Version: Final Platform: i686 OS/Version: openSUSE 11.0 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: robin.listas@telefonica.net QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.7) Gecko/2009022800 SUSE/3.0.7-1.1 Firefox/3.0.7 Setup: /etc/crypttab: cr_mm_dvd.l /dev/dvd.l none noauto,loop cr_mm_dvd /dev/dvd none noauto,loop \ cipher=twofish-cbc-plain,size=256,hash=sha512 fstab: /dev/mapper/cr_mm_dvd.l /mnt/dvd.crypta.l auto \ ro,noauto,user,noatime,nodiratime 0 0 nimrodel:~ # l /dev/dvd.l lrwxrwxrwx 1 root root 8 Mar 25 04:30 /dev/dvd.l -> /dev/dvd The dev/dvd.l has to be a symlink because: /dev/dvd.l for LUKS encrypted dvds. /dev/dvd for old style encrypted dvds (previous to LUKS in SuSE) /dev/dvd is used in fstab for normal dvds What happens? When I put a LUKS encrypted DVD, after a while the gnome desktops asks for a password, which I refuse. Then I mount it manually: :~ # rccrypto start cr_mm_dvd.l and checking with "losetup -a" gives the expected output: /dev/loop2: [000f]:5034 (/dev/hdc) But after I umount the dvd: :~ # rccrypto stop cr_mm_dvd.l the loop device is not freed: /dev/loop2: [000f]:5034 (/dev/hdc) If I mount the dvd again (:~ # rccrypto start cr_mm_dvd.l) I get two loop devices: /dev/loop2: [000f]:5034 (/dev/hdc) /dev/loop5: [000f]:5034 (/dev/hdc) and three if I repeat the process: /dev/loop2: [000f]:5034 (/dev/hdc) /dev/loop5: [000f]:5034 (/dev/hdc) /dev/loop6: [000f]:5034 (/dev/hdc) Till a moment when the system is out of loop devices. They have to be removed manually. This problem does not occur with the other entries in crypttab, but this is the only one with symlinks to devices. Reproducible: Always Clasified as "security" as encryption is a security feature, but perhaps it should be "basesystem". I'm unsure. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=490170 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|security-team@suse.de |lnussel@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=490170 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=490170#c1 --- Comment #1 from Ludwig Nussel <lnussel@novell.com> 2009-03-31 03:26:23 MDT --- Thanks! fixed on git.opensuse.org queued for Factory doesn't justify an update for 11.0 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=490170 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=490170#c2 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #2 from Ludwig Nussel <lnussel@novell.com> 2009-03-31 03:26:35 MDT --- . -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com