[Bug 659333] New: Encrypted home directory -- pam_mount error message upon console login
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c0 Summary: Encrypted home directory -- pam_mount error message upon console login Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: x86 OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: madworm_de.novell@spitzenpfeil.org QAContact: jsrain@novell.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101026 SUSE/3.6.12-1.2 Firefox/3.6.12 This is for 11.4 factory. Installed using the net-boot image, applied all available upates, added a user with encrypted home directory on an otherwise non-encrypted partition using yast. Error message from pam_mount upon console login: --- snip --- pam_mount(mount.c:64): Errors from underlying mount program: pam_mount(mount.c:68): /usr/sbin/mount.crypt: dmcrypt cipher ignored from LUKS volumes --- snip --- Mounting/unmounting works as far as I can tell. This looks quite similar to https://bugzilla.novell.com/show_bug.cgi?id=644730 Reproducible: Always Steps to Reproduce: 1. Install a user with encrypted home directory on an unecrypted partition 2. Console login 3. Observe the error message -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c wei wang <wewang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wewang@novell.com AssignedTo|bnc-team-screening@forge.pr |aschnell@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c1 Arvin Schnell <aschnell@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aschnell@novell.com, | |jsuchome@novell.com AssignedTo|aschnell@novell.com |mc@novell.com --- Comment #1 from Arvin Schnell <aschnell@novell.com> 2010-12-15 13:44:42 UTC --- Looks like a problem with pam_mount to me. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c2 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mc@novell.com AssignedTo|mc@novell.com |jengelh@medozas.de --- Comment #2 from Michael Calmer <mc@novell.com> 2010-12-20 09:33:49 UTC --- Jan: Maybe you can have a look at it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c3 --- Comment #3 from Jan Engelhardt <jengelh@medozas.de> 2010-12-20 13:43:30 UTC --- Looks like another yast impassé. (There is no point in specifying cipher= or hash=, because these values are already stored in the LUKS header and not meaningfully overridable.) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jengelh@medozas.de |aschnell@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c4 Arvin Schnell <aschnell@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|aschnell@novell.com |jsuchome@novell.com --- Comment #4 from Arvin Schnell <aschnell@novell.com> 2011-01-10 09:16:21 UTC --- AFAIS the configuration is written by yast2-users. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c5 Jiří Suchomel <jsuchome@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |jengelh@medozas.de --- Comment #5 from Jiří Suchomel <jsuchome@novell.com> 2011-01-10 09:23:32 UTC --- (In reply to comment #3)
Looks like another yast impassé. (There is no point in specifying cipher= or hash=, because these values are already stored in the LUKS header and not meaningfully overridable.)
What do you mean? Where do you see these items created by YaST? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh@medozas.de InfoProvider|jengelh@medozas.de |madworm_de.novell@spitzenpf | |eil.org -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c6 Jiří Suchomel <jsuchome@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|madworm_de.novell@spitzenpf | |eil.org | AssignedTo|jsuchome@novell.com |jengelh@medozas.de --- Comment #6 from Jiří Suchomel <jsuchome@novell.com> 2011-03-01 07:30:31 UTC --- Jan, please elaborate why do you think YaST is doing anything wrong. yast2-users uses cryptconfig call to create the configuration file -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c7 --- Comment #7 from Jan Engelhardt <jengelh@medozas.de> 2011-03-01 11:46:24 UTC --- So then it's cryptconfig. More precisely, the "cipher" line from cryptconfig-0.3-new-pam_mount-options.dif that should not be there for LUKS volumes. Neither should the "loop" line be there. --- src/cryptconfig-lib.c +++ src/cryptconfig-lib.c 2009/02/18 10:20:32 @@ -1298,6 +1298,8 @@ xmlNewProp (node, (xmlChar *) "path", (xmlChar *) image); xmlNewProp (node, (xmlChar *) "fskeypath", (xmlChar *) key_file); xmlNewProp (node, (xmlChar *) "fskeycipher", (xmlChar *) "aes-256-cbc"); + xmlNewProp (node, (xmlChar *) "fskeyhash", (xmlChar *) "md5"); + xmlNewProp (node, (xmlChar *) "cipher", (xmlChar *) "aes-cbc-essiv:sha256"); xmlNewProp (node, (xmlChar *) "options", (xmlChar *) "loop"); xmlNewProp (node, (xmlChar *) "mountpoint", (xmlChar *) ent->pw_dir); xmlAddChild (root_node, node); -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c8 --- Comment #8 from Jan Engelhardt <jengelh@medozas.de> 2011-03-01 16:24:42 UTC --- *** Bug 644730 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=644730 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Encrypted home directory -- |cryptconfig emits |pam_mount error message |old/unneeded pam_mount |upon console login |config options, yielding | |warnings upon console login -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jengelh@medozas.de |meissner@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c9 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@novell.com AssignedTo|meissner@novell.com |lnussel@novell.com --- Comment #9 from Marcus Meissner <meissner@novell.com> 2011-03-21 07:31:42 UTC --- more for ludwig I guess -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c10 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@novell.com AssignedTo|lnussel@novell.com |jmatejek@novell.com --- Comment #10 from Ludwig Nussel <lnussel@novell.com> 2011-03-21 09:14:46 CET --- cryptconfig != cryptsetup -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=659333 https://bugzilla.novell.com/show_bug.cgi?id=659333#c Jan Matejek <jmatejek@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com