Bug#642115: debian-installer: guided full disk encryption + LVM complains about insecure swap
On Tue, Sep 20, 2011 at 11:54:21AM +0100, Jon Dowland wrote:
> Thus the outer-if is passing. dm_is_safe looks fine to me, at least it
> invokes dm_dev_is_safe, I'll try to look at dm_dev_is_safe next.
I think this is where the problem is.
crypto-base.sh, dm_dev_is_safe:
dminfo=$(dmsetup table -j$mag -m$min 2> /dev/null | \
head -n1 | cut -d' ' -f3) || return 1
dm_dev_is_safe calls itself recursively for each dependency of the supplied
device (supplied as a major/minor number pair).
The swap partition has sda5 as a dependency (the first logical partition, used
as the crypt base).
dmsetup table -j$mag -m$min returns:
sda5_crypt: 0 16269312 crypt …
the above command results in $dminfo being 16269312. It is then checked against
'crypt':
if [ "$dminfo" = "crypt" ]; then
return 0
fi
This seems to be an off-by-one problem. field 4 would be 'crypt' and would
correctly return success. I hypothesise that the prefixed 'sda5_crypt:' is
new.
--
Jon Dowland
Reply to: