Bug#468738: marked as done (partman-crypto: unsafe_swap: code completely broken)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Thu, 20 Mar 2008 21:32:08 +0000
with message-id <E1JcSMq-0007tQ-5X@ries.debian.org>
and subject line Bug#468738: fixed in partman-crypto 28
has caused the Debian Bug report #468738,
regarding partman-crypto: unsafe_swap: code completely broken
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
468738: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=468738
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian BTS Submit <submit@bugs.debian.org>
• Subject: partman-crypto: unsafe_swap: code completely broken
• From: Frans Pop <elendil@planet.nl>
• Date: Sat, 1 Mar 2008 02:47:38 +0100
• Message-id: <[🔎] 200803010247.48836.elendil@planet.nl>

Package: partman-crypto
Version: 12
Severity: important

The code below from partman-crypto/commit.d/unsafe_swap is completely
broken in at least three ways.

 0      # Ignore e.g. swap on lvm on crypto
 1       device=$(cat $dev/device)
 2       if $(echo $device | grep -q "^/dev/mapper/"); then
 3               found=1
 4               for majmin in $(dmsetup deps $device | cut -d ":" -f2 |\
 5                               tr -d " (" | tr ")" "\n"); do
 6                       maj=$(echo $majmin | sed 's/,.*//')
 7                       min=$(echo $majmin | sed 's/.*,//')
 8                       status=$(dmsetup status -j $maj -m $min 2> /dev/null |\
 9                               cut -d' ' -f3)
10                       if [ $? -ne 0 ] || [ $status != crypt ]; then
11                               found=0
12                       fi
13               done
14               [ $found ] && continue
15       fi

1) The code produces errors like this:
Mar  1 01:17:18 main-menu[857]: (process:10661): [ 
Mar  1 01:17:18 main-menu[857]: (process:10661):  != 
Mar  1 01:17:18 main-menu[857]: (process:10661):  crypt 
Mar  1 01:17:18 main-menu[857]: (process:10661):  ] 
Mar  1 01:17:18 main-menu[857]: (process:10661):  
Mar  1 01:17:18 main-menu[857]: (process:10661): [:  
Mar  1 01:17:18 main-menu[857]: (process:10661): crypt: unknown operand 

The reason for that is that $status in line 10 can apparently be empty and
should thus be quoted.

2) The exit code test in line 10 is broken because it tests the result of
'cut' and not of 'dmsetup', and thus basically always 0.

This error probably contributes to 1).

3) The code will _always_ jump out of the loop at line 14 because $found
is always non-empty (either "0" or "1").

I suppose line 11 should be 'found=' and the test in line 14 should be
'[ "$found" ]'.


I have decided not to fix this myself as any fix will cause a change in
behavior that really should be tested.

When this is fixed, please try to change the code such that a 'set -e'
could be added to the script without it failing. This means for example
that line 14 should not read:
	[ "$found" ] && continue
but rather:
	[ -z "$found" ] || continue


These issues were found after investigating the errors in the log from
Tiago: http://lists.debian.org/debian-boot/2008/02/msg00865.html
AFAICT they are totally unrelated to the XFS issue that was the cause
of partman eventually failing.

Cheers,
FJP

Attachment: signature.asc
Description: This is a digitally signed message part.

--- End Message ---

--- Begin Message ---

• To: 468738-close@bugs.debian.org
• Subject: Bug#468738: fixed in partman-crypto 28
• From: Max Vozeler <xam@debian.org>
• Date: Thu, 20 Mar 2008 21:32:08 +0000
• Message-id: <E1JcSMq-0007tQ-5X@ries.debian.org>

Source: partman-crypto
Source-Version: 28

We believe that the bug you reported is fixed in the latest version of
partman-crypto, which is due to be installed in the Debian FTP archive:

partman-crypto-dm_28_all.udeb
  to pool/main/p/partman-crypto/partman-crypto-dm_28_all.udeb
partman-crypto-loop_28_all.udeb
  to pool/main/p/partman-crypto/partman-crypto-loop_28_all.udeb
partman-crypto_28.dsc
  to pool/main/p/partman-crypto/partman-crypto_28.dsc
partman-crypto_28.tar.gz
  to pool/main/p/partman-crypto/partman-crypto_28.tar.gz
partman-crypto_28_i386.udeb
  to pool/main/p/partman-crypto/partman-crypto_28_i386.udeb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 468738@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Max Vozeler <xam@debian.org> (supplier of updated partman-crypto package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 08 Mar 2008 17:35:48 +0100
Source: partman-crypto
Binary: partman-crypto partman-crypto-dm partman-crypto-loop
Architecture: source all i386
Version: 28
Distribution: unstable
Urgency: low
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Max Vozeler <xam@debian.org>
Description: 
 partman-crypto - Add to partman support for block device encryption (udeb)
 partman-crypto-dm - Add to partman support for dm-crypt encryption (udeb)
 partman-crypto-loop - Add to partman support for loop-AES encryption (udeb)
Closes: 381895 468738 468739
Changes: 
 partman-crypto (28) unstable; urgency=low
 .
   [ Max Vozeler ]
   * Allow install onto loop-AES encrypted root. Closes: #381895
   * check.d/crypto_check_mountpoints: quote $mnt as it
     may be empty. Closes: #468739
   * commit.d/unsafe_swap: replace open-coded check for
     swap on dm-crypt with call to dm_is_safe(). Closes: #468738
   * Regenerate the initramfs for root on loop-AES.
   * Make veto_filesystems/crypto executable so that it
     actually gets used.
 .
   [ Updated translations ]
   * Bulgarian (bg.po) by Damyan Ivanov
   * Esperanto (eo.po) by Serge Leblanc
   * Basque (eu.po) by Piarres Beobide
   * French (fr.po) by Christian Perrier
   * Galician (gl.po) by Jacobo Tarrio
   * Japanese (ja.po) by Kenshi Muto
   * Korean (ko.po) by Changwoo Ryu
   * Portuguese (Brazil) (pt_BR.po) by Felipe Augusto van de Wiel (faw)
   * Portuguese (pt.po) by Miguel Figueiredo
   * Thai (th.po) by Theppitak Karoonboonyanan
Files: 
 765eaaea68a786ab986bb316888afffd 799 debian-installer optional partman-crypto_28.dsc
 11229a33e64a40c39ff602cac5c8cdf2 255228 debian-installer optional partman-crypto_28.tar.gz
 db8b030dffce499b789026e1092c1d92 1366 debian-installer optional partman-crypto-dm_28_all.udeb
 9fd65b64aa90ba131e20c09c9809f850 1240 debian-installer optional partman-crypto-loop_28_all.udeb
 f818ceefb19bc031e5fd4952fe2c2bcf 220840 debian-installer optional partman-crypto_28_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR+LToKoJyPlcq6GYAQJo9gP+ITtenNdlRsg8h9B/3TcBNxFuSZi69asU
HdBFlZe/1NjD3oeRcRiRX9EDAyeLkNtABLxicMQnpwiVGFK/kyxwzLVSfqwAO2Fg
Ktc7XE3V5LA3CF27Kh/KbOd51RzUeIoP6Nm8pMOTU63UAN0L8pMSJznCC4Eo6woh
uH8csJMW3UM=
=uTUY
-----END PGP SIGNATURE-----

--- End Message ---