Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data

To: Christian Perrier <bubulle@debian.org>
Cc: Tobias Winter <tobias@linuxdingsda.de>, 529343@bugs.debian.org
Subject: Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data
From: Colin Watson <cjwatson@ubuntu.com>
Date: Wed, 7 Sep 2011 15:59:16 +0100
Message-id: <[🔎] 20110907145915.GA12049@riva.dynamic.greenend.org.uk>
Reply-to: Colin Watson <cjwatson@ubuntu.com>, 529343@bugs.debian.org
In-reply-to: <20090519050242.GK4134@mykerinos.kheops.frmug.org>
References: <20090518191726.3029.67053.reportbug@wintix-desktop> <20090519050242.GK4134@mykerinos.kheops.frmug.org>

On Tue, May 19, 2009 at 07:02:42AM +0200, Christian Perrier wrote:
> Quoting Tobias Winter (tobias@linuxdingsda.de):
> > When having to reinstall a system with an encrypted root-partition, the installer gives no means to
> > reuse a physical colume for encryption which has already been set up in a previous install.
> 
> Already reported as #451535. given the current lack of manpower
> working on partman-crypto, I doubt this is fixed unless someone comes
> up with a patch.

Here's a first pass at this.  What do people think?

The one thing I don't think I've got right yet is writing out
/etc/crypttab at the end of installation.  This needs a bit more work to
write out the correct files in the partman device directory without
causing partman to reinitialise the encrypted volume.

  * Add an "Activate existing encrypted volumes" option to the
    partman-crypto main menu.  If selected, this searches for existing
    volumes, and for each one prompts for its passphrase and attempts to
    open it; it then returns directly to the partitioning menu
    (closes: #529343, LP: #420080).

=== modified file 'choose_partition/crypto/do_option'
--- choose_partition/crypto/do_option	2009-11-10 14:20:25 +0000
+++ choose_partition/crypto/do_option	2011-09-07 14:18:17 +0000
@@ -12,6 +12,113 @@
 
 . /lib/partman/lib/crypto-base.sh
 
+find_encrypted_partitions () {
+	local ret dev num id size type fs path name
+
+	ret=1
+	for dev in $DEVICES/*; do
+		[ -d "$dev" ] || continue
+		cd "$dev"
+
+		open_dialog PARTITIONS
+		while { read_line num id size type fs path name; [ "$id" ]; }; do
+			[ "$ret" = 1 ] || continue
+			[ "$fs" != free ] || continue
+			if cryptsetup isLuks "$path" 2>/dev/null; then
+				ret=0
+			fi
+		done
+		close_dialog
+
+		if [ "$ret" = 0 ]; then
+			return 0
+		fi
+	done
+
+	return 1
+}
+
+get_passphrase () {
+	db_set partman-crypto/passphrase-existing ""
+	db_fset partman-crypto/passphrase-existing seen false
+	db_subst partman-crypto/passphrase-existing DEVICE "$1"
+	db_input critical partman-crypto/passphrase-existing
+
+	db_go || return 1
+
+	db_get partman-crypto/passphrase-existing || RET=''
+	echo -n "$RET"
+}
+
+do_cryptsetup () {
+	local id path cryptdev pass
+
+	id="$1"
+	path="$2"
+	cipher="$(cryptsetup luksDump "$path" |
+		  sed -n '/^Cipher name:/s/.*[[:space:]]//p')"
+	if [ "$cipher" ]; then
+		crypto_load_modules dm-crypt "$cipher"
+	fi
+
+	cryptdev="${path##*/}_crypt"
+	if ! cryptsetup status "$cryptdev" >/dev/null 2>&1; then
+		while :; do
+			pass="$(get_passphrase "$path")" || return 1
+			if [ -z "$pass" ]; then
+				return 1
+			fi
+			echo -n "$pass" | log-output -t partman-crypto \
+				cryptsetup -d - luksOpen "$path" "$cryptdev" \
+				&& break
+		done
+
+		echo "$cryptdev" >"$id/crypt_active"
+		db_subst partman-crypto/text/in_use DEV "${cryptdev##*/}"
+		db_metaget partman-crypto/text/in_use description
+		partman_lock_unit "$(mapdevfs "$path")" "$RET"
+	fi
+}
+
+do_activate () {
+	local dev partitions num id size type fs path name part
+
+	for dev in $DEVICES/*; do
+		[ -d "$dev" ] || continue
+		cd "$dev"
+
+		partitions=
+		open_dialog PARTITIONS
+		while { read_line num id size type fs path name; [ "$id" ]; }; do
+			[ "$fs" != free ] || continue
+			partitions="$partitions $id,$path"
+		done
+		close_dialog
+
+		for part in $partitions; do
+			id="${part%%,*}"
+			path="${part#*,}"
+
+			if cryptsetup isLuks "$path" 2>/dev/null; then
+				do_cryptsetup "$id" "$path" || continue
+			fi
+		done
+	done
+
+	# Encrypted devices as configured by d-i usually contain LVM PVs
+	export LVM_SUPPRESS_FD_WARNINGS=1
+	log-output -t partman-crypto pvscan
+	log-output -t partman-crypto vgscan
+	log-output -t partman-crypto vgchange -a y
+
+	# Tell partman to detect filesystems again.
+	rm -f /var/lib/partman/filesystems_detected
+
+	stop_parted_server
+	restart_partman
+	exit 0
+}
+
 do_create () {
 	local parts line pv output vg pathmap
 	parts=""
@@ -89,10 +196,25 @@ confirm_changes partman-crypto || exit 0
 commit_changes partman-crypto/commit_failed || exit $?
 
 while :; do
+	CHOICES=
+	DESCRIPTIONS=
+	add_choice () {
+		CHOICES="${CHOICES:+$CHOICES, }$1"
+		db_metaget "partman-crypto/mainmenu/$1" description
+		DESCRIPTIONS="${DESCRIPTIONS:+$DESCRIPTIONS, }$RET"
+	}
+	if find_encrypted_partitions; then
+		add_choice activate
+	fi
+	add_choice create
+	add_choice finish
+	db_subst partman-crypto/mainmenu CHOICES "$CHOICES"
+	db_subst partman-crypto/mainmenu DESCRIPTIONS "$DESCRIPTIONS"
 	db_input critical partman-crypto/mainmenu
 	db_go || exit 10
 	db_get partman-crypto/mainmenu
 	case $RET in
+	    activate)	do_activate ;; # does not return
 	    create)	do_create ;;
 	    finish)	break ;;
 	    *)

=== modified file 'debian/partman-crypto.templates'
--- debian/partman-crypto.templates	2009-12-05 22:29:36 +0000
+++ debian/partman-crypto.templates	2011-09-06 23:21:59 +0000
@@ -364,6 +364,14 @@ _Description: Use weak passphrase?
  You entered a passphrase that consists of less than ${MINIMUM} characters,
  which is considered too weak. You should choose a stronger passphrase.
 
+Template: partman-crypto/passphrase-existing
+Type: password
+# :sl3:
+_Description: Passphrase for ${DEVICE}:
+ Please enter the passphrase for the encrypted volume ${DEVICE}.
+ .
+ If you don't enter anything, the volume will not be activated.
+
 Template: partman-crypto/entropy
 Type: entropy
 # :sl3:
@@ -430,15 +438,35 @@ _Description: Proceed to install crypto
 
 Template: partman-crypto/mainmenu
 Type: select
-Choices-C: create, finish
+Choices-C: ${CHOICES}
+Choices: ${DESCRIPTIONS}
+# :sl3:
+_Description: Encryption configuration actions
+ This menu allows you to configure encrypted volumes.
+
+Template: partman-crypto/mainmenu/activate
+Type: text
 # Note to translators : Please keep your translations of the choices
 # below a 65 columns limit (which means 65 characters
 # in single-byte languages)
 # :sl3:
-__Choices: Create encrypted volumes, Finish
+_Description: Activate existing encrypted volumes
+
+Template: partman-crypto/mainmenu/create
+Type: text
+# Note to translators : Please keep your translations of the choices
+# below a 65 columns limit (which means 65 characters
+# in single-byte languages)
 # :sl3:
-_Description: Encryption configuration actions
- This menu allows you to configure encrypted volumes.
+_Description: Create encrypted volumes
+
+Template: partman-crypto/mainmenu/finish
+Type: text
+# Note to translators : Please keep your translations of the choices
+# below a 65 columns limit (which means 65 characters
+# in single-byte languages)
+# :sl3:
+_Description: Finish
 
 Template: partman-crypto/create/partitions
 Type: multiselect

-- 
Colin Watson                                       [cjwatson@ubuntu.com]

Reply to:

Follow-Ups:
- Bug#451535: Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data
  - From: Colin Watson <cjwatson@ubuntu.com>

Prev by Date: Bug#640677: (forw) Re: Bug#640677: installation-reports: Default user "not in the sudoerfs file" after standard install
Next by Date: Bug#549373: Netinstall from USB-stick fails due to kernel mismatch
Previous by thread: Imprimerie SENPQ - Vous avez des projets d'impression de documents
Next by thread: Bug#451535: Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data
Index(es):
- Date
- Thread