Hi,
Adrian Kretz <adriankretz@gmail.com> (2015-07-25):
> Package: partman-crypto
> Version: 84
> Severity: important
> Tags: patch
>
> Hi,
>
> commit 3d537db63a0d9101211dbe381e391232d1933949 introduced a bug which
> causes a fully encrypted install to fail when no options are set using
> debconf. The following patch should fix this.
This is unfortunate, the "|| RET=foo" looked idiomatic enough at first
glance, but a quick grep across all packages we maintain seems to point
it's only use to reset RET to an empty value…
Thanks for the patch, but the "should" part means one needs to make sure
both non-preseeded and preseeded use cases work fine…
> *** partman-crypto.patch
> diff --git a/lib/crypto-base.sh b/lib/crypto-base.sh
> index e4316d3..22f6b0f 100644
> --- a/lib/crypto-base.sh
> +++ b/lib/crypto-base.sh
> @@ -575,16 +575,16 @@ crypto_set_defaults () {
>
> case $type in
> dm-crypt)
> - db_get partman-crypto/cipher || RET=aes
> - echo $RET > $part/cipher
> - db_get partman-crypto/keysize || RET=256
> - echo $RET > $part/keysize
> - db_get partman-crypto/ivalgorithm || RET=xts-plain64
> - echo $RET > $part/ivalgorithm
> - db_get partman-crypto/keytype || RET=passphrase
> - echo $RET > $part/keytype
> - db_get partman-crypto/keyhash || RET=sha256
> - echo $RET > $part/keyhash
> + db_get partman-crypto/cipher
> + echo ${RET:-aes} > $part/cipher
> + db_get partman-crypto/keysize
> + echo ${RET:-256} > $part/keysize
> + db_get partman-crypto/ivalgorithm
> + echo ${RET:-xts-plain64} > $part/ivalgorithm
> + db_get partman-crypto/keytype
> + echo ${RET:-passphrase} > $part/keytype
> + db_get partman-crypto/keyhash
> + echo ${RET:-sha256} > $part/keyhash
> ;;
> esac
> return 0
Mraw,
KiBi.
Attachment:
signature.asc
Description: Digital signature