Bug#785732: marked as done (Allow crypto default parameters to be preseeded)

Subject: Bug#785732: marked as done (Allow crypto default parameters to be preseeded)

From: owner@bugs.debian.org (Debian Bug Tracking System)

Date: Fri, 10 Jul 2015 00:51:05 +0000

Message-id: <[🔎] handler.785732.D785732.143648933912023.ackdone@bugs.debian.org>

References: <E1ZDMUq-0002Ye-99@franck.debian.org> <CADKgbRobi1dcy2ELCht3eSPCoq=ZF1ryX4Bcd4-unm7Wf0LcvQ@mail.gmail.com>

Your message dated Fri, 10 Jul 2015 00:48:56 +0000 with message-id <E1ZDMUq-0002Ye-99@franck.debian.org> and subject line Bug#785732: fixed in partman-crypto 84 has caused the Debian Bug report #785732, regarding Allow crypto default parameters to be preseeded to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 785732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785732 Debian Bug Tracking System Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: Allow crypto default parameters to be preseeded
From: Jérôme Vizcaino <jerome.vizcaino@gmail.com>
Date: Tue, 19 May 2015 19:38:48 +0200
Message-id: <CADKgbRobi1dcy2ELCht3eSPCoq=ZF1ryX4Bcd4-unm7Wf0LcvQ@mail.gmail.com>

Package: partman-crypto

Version: 81

Hi,

Recently, I tried to preseed an encrypted installation and found that, no matter what options I set using debconf, and according to the entries declared in the "debian/templates" file of partman-crypto, options would be silently discarded.

I've attached a simple patch that fixes this. This has been tested on an unattended (ie. preseeded) installation.

Jérôme

commit 88fdca33e0a21aa6809ffc6804e221dcc4b5d731
Author: Jérôme Vizcaino <jerome.vizcaino@gmail.com>
Date:   Tue May 12 15:56:36 2015 +0200

    Default crypto parameters can now be preseeded
    
    List of parameters:
    * cipher: aes, serpent, etc...
    * keysize: 256, 192, 128 (for aes)
    * ivalgorithm: xts-plain64, cbc-essiv:sha256, etc...
    * keytype: passphrase, random
    * keyhash: sha1, sha256, etc...

diff --git a/lib/crypto-base.sh b/lib/crypto-base.sh
index c919763..dbe958a 100644
--- a/lib/crypto-base.sh
+++ b/lib/crypto-base.sh
@@ -574,11 +574,16 @@ crypto_set_defaults () {
 
 	case $type in
 	    dm-crypt)
-		echo aes > $part/cipher
-		echo 256 > $part/keysize
-		echo xts-plain64 > $part/ivalgorithm
-		echo passphrase > $part/keytype
-		echo sha256 > $part/keyhash
+		db_get partman-crypto/cipher || RET=aes
+		echo $RET > $part/cipher
+		db_get partman-crypto/keysize || RET=256
+		echo $RET > $part/keysize
+		db_get partman-crypto/ivalgorithm || RET=xts-plain64
+		echo $RET > $part/ivalgorithm
+		db_get partman-crypto/keytype || RET=passphrase
+		echo $RET > $part/keytype
+		db_get partman-crypto/keyhash || RET=sha256
+		echo $RET > $part/keyhash
 		;;
 	esac
 	return 0

--- End Message ---

--- Begin Message ---

To: 785732-close@bugs.debian.org
Subject: Bug#785732: fixed in partman-crypto 84
From: Cyril Brulebois <kibi@debian.org>
Date: Fri, 10 Jul 2015 00:48:56 +0000
Message-id: <E1ZDMUq-0002Ye-99@franck.debian.org>

Source: partman-crypto
Source-Version: 84

We believe that the bug you reported is fixed in the latest version of
partman-crypto, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 785732@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cyril Brulebois <kibi@debian.org> (supplier of updated partman-crypto package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Jul 2015 02:31:45 +0200
Source: partman-crypto
Binary: partman-crypto partman-crypto-dm
Architecture: source all amd64
Version: 84
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Cyril Brulebois <kibi@debian.org>
Description:
 partman-crypto - Add to partman support for block device encryption (udeb)
 partman-crypto-dm - Add to partman support for dm-crypt encryption (udeb)
Closes: 785732 785733
Changes:
 partman-crypto (84) unstable; urgency=medium
 .
   * Make default crypto parameters preseedable (Closes: #785732). Thanks
     to Jérôme Vizcaino for the report and the patch!
   * Honor specified keyhash algorithm for LUKS (Closes: #785733). Thanks
     to Jérôme Vizcaino for the report and the patch! (bis)
Checksums-Sha1:
 517d339cfce1606ab2b0870251cfaeff39dfd0b2 1787 partman-crypto_84.dsc
 8d86256ab90098dace40449aaa43bf84e160406d 262820 partman-crypto_84.tar.xz
 3cfd70652aea62966828b0f58e11500ab7a5efce 1316 partman-crypto-dm_84_all.udeb
 0c4283ff1b641cc3eae0a6c85681f98ab5c565c6 313494 partman-crypto_84_amd64.udeb
Checksums-Sha256:
 4533f2a7d60e23537ce57f0ecf9ece9cb0eacc799f2d12465930abd22efd686c 1787 partman-crypto_84.dsc
 2188053a0db0db16c1381389e2f03d823735b67d9c4ed75393e9656256c4766a 262820 partman-crypto_84.tar.xz
 8b963072d968c521d728e1bab30358a06ed3c83244bb3684f818aa22052a8468 1316 partman-crypto-dm_84_all.udeb
 0c51c5f43ae5bbcfd54c4da124a7dfb114232f6585cb58bc3fc3aa717311ee77 313494 partman-crypto_84_amd64.udeb
Files:
 2a21db44bd49068766b14d8c5160a110 1787 debian-installer optional partman-crypto_84.dsc
 149cc261c1acf79e2eb4270bc14e8e17 262820 debian-installer optional partman-crypto_84.tar.xz
 07916a8f7764025aa94228d59fe76312 1316 debian-installer optional partman-crypto-dm_84_all.udeb
 4ca14a5a58172095856b471ba5e3a89f 313494 debian-installer optional partman-crypto_84_amd64.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVnxLGAAoJEP+RSvDCs1Ugc/sP/joW3pMoVBQsA8K8spuSN/6e
M4d3MgxTTkElfDKPfCi9inp/+qAJtB4/BJHLfqIsi0zTNk5Mule6+iVLb09/mCo8
QgcVZ6PBfKUahlCXXOVSkXhs1ES8JabRxIaTt3YTSbAuaZJSn9iWwg4AX7hL2VZE
V0rwg9fhMdN77bqZINcPwzeHcrt39kWTo0YQmbnxXhsRL9GJ5ZXITS1dmWdUAMNv
M0b7n2lj1a/kE1PKjavS6u0O49IF11xCAdqdfhiLo3U8omRAm7PWjfzajNplYxGF
vac9FzKt0IFESpczxUgyYR2yEEGynovqA5ZBjU+cgoEWfd5KqTtphFBt6HWulFpi
jWVnX5VBeJ+f0adiR0ygo27xqwASI4tM/WGUSjsRmGJfcbB5L5WTi+awmJnaOUPV
yhbmuL4WbFsAepeNirZNZ6ZsdfrAGUyj7XlU1qU0agrW+rtQfpjPbIsmlCPYxF00
SxbfXvk44fbgIwFW8D9mDcHDztkjH/ZyRpnMyJ7w2j0Lo+/qn3Wzf3mp6MbtYF7i
zJrWsbvRgnAkcGX0XCK/zD01dJSq+QHCpdG/LpmXR8mRVdfVlS1w2T5ynow6knog
B+gbkek7FMVLAq9Z6QeicC39seHvBYn5ut7l1byvESuEMTauhkGVMyHPclIa0BoR
xscznhfRUjcgotyQNmhP
=MqwO
-----END PGP SIGNATURE-----

--- End Message ---

Reply to: