Bug#247054: marked as done (initrd-tools: Support for initrd booting encrypted root filesystems)

To: Martin Michlmayr <tbm@cyrius.com>
Cc: Debian kernel team <debian-kernel@lists.debian.org>
Subject: Bug#247054: marked as done (initrd-tools: Support for initrd booting encrypted root filesystems)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Thu, 30 Dec 2004 10:03:49 -0800
Message-id: <[🔎] handler.247054.D247054.1104428965399.ackdone@bugs.debian.org>
In-reply-to: <E1Ck4O9-0000Ps-00@newraff.debian.org>
References: <E1Ck4O9-0000Ps-00@newraff.debian.org> <E1BKSfT-0003bW-00@master.debian.org>
Your message dated Thu, 30 Dec 2004 12:47:05 -0500
with message-id <E1Ck4O9-0000Ps-00@newraff.debian.org>
and subject line Bug#247054: fixed in initrd-tools 0.1.76
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 3 May 2004 01:54:53 +0000
>From terpstra@debian.org Sun May 02 18:54:53 2004
Return-path: <terpstra@debian.org>
Received: from master.debian.org [146.82.138.7] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BKSfV-0003zc-00; Sun, 02 May 2004 18:54:53 -0700
Received: from d7-248.dsl.easysurfnet.de ([127.0.0.1]) [83.121.7.248] 
	by master.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BKSfT-0003bW-00; Sun, 02 May 2004 20:54:51 -0500
Content-Type: multipart/mixed; boundary="===============2125184206=="
MIME-Version: 1.0
From: "Wesley W. Terpstra" <terpstra@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: initrd-tools: Support for initrd booting encrypted root filesystems
Bcc: "Wesley W. Terpstra" <terpstra@debian.org>
X-Mailer: reportbug 2.56
Date: Mon, 03 May 2004 03:54:55 +0200
Message-Id: <E1BKSfT-0003bW-00@master.debian.org>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
	OUR_MTA_MSGID autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 
X-CrossAssassin-Score: 1

This is a multi-part MIME message sent by reportbug.

--===============2125184206==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Package: initrd-tools
Version: 0.1.67
Severity: normal
Tags: patch

I have been working on integrating encrypted root filesystem support for
debian. Here is a patch which works for me (TM). :-)

The keyscripts directory is used to setup things like usb-stick crypto keys
and so on. The cryptsetup command is not in debian yet... Someone else has
ITP'd it. I am looking into this at the moment.

Comments?

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.5-1-686
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8

Versions of packages initrd-tools depends on:
ii  coreutils [fileutils]         5.0.91-2   The GNU core utilities
ii  cpio                          2.5-1.1    GNU cpio -- a program to manage ar
ii  cramfsprogs                   1.1-5      Tools for CramFs (Compressed ROM F
ii  dash                          0.4.25     The Debian Almquist Shell
ii  util-linux                    2.12-6     Miscellaneous system utilities

-- no debconf information

--===============2125184206==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="mkinitrd.patch"

--- mkinitrd.orig	2004-04-28 13:59:59.000000000 +0200
+++ mkinitrd	2004-05-03 03:50:35.000000000 +0200
@@ -318,8 +318,71 @@
 	fi
 }
 
+dmcrypt() {
+	local cipher_mode submajor subminor
+	
+	if ! command -v cryptsetup > /dev/null 2>&1; then
+		echo Root is on a DM crypt device, but cryptsetup not installed >&2
+	fi
+	
+	cipher_mode=$(dmsetup table $dmname | cut -d" " -f4)
+	
+	echo dm-crypt
+	echo $cipher_mode | cut -d- -f1
+	
+	submajor=$(dmsetup deps $dmname | sed 's/^.*(\([0-9]*\), \([0-9]*\))$/\1/')
+	subminor=$(dmsetup deps $dmname | sed 's/^.*(\([0-9]*\), \([0-9]*\))$/\2/')
+	getroot $submajor $subminor
+	
+	cat <<EOF >&5
+mount -nt ramfs ramfs dev2
+rootdev=$(($submajor*256+$subminor))
+get_device
+export device
+export dmname="$dmname"
+export cipher_mode="$cipher_mode"
+for i in /keyscripts/*; do
+	[ -f "\$i" ] || continue
+	case "\$i" in
+	*.sh)
+		(. \$i)
+		;;
+	*)
+		\$i
+		;;
+	esac
+done
+[ -b /dev/mapper/\$dmname ] || \\
+	/sbin/cryptsetup -c \$cipher_mode create \$dmname \$device
+umount -n dev2
+ROOT="/dev/mapper/$dmname"
+EOF
+	{
+		echo /sbin/cryptsetup
+		echo /lib/libdevmapper.so.1.00
+		echo /lib/libpopt.so.0
+	} >&6
+}
+
 dm() {
-	if command -v lvmiopversion > /dev/null 2>&1; then
+	local dmname
+	
+	if ! command -v dmsetup > /dev/null 2>&1; then
+		echo Root is on a DM device, but dmsetup not installed >&2
+		exit 1
+	fi
+	
+	dmdev=$(printf "(%d, %d)" $major $minor)
+	
+	if ! dmsetup ls | grep -q "$dmdev\$"; then
+		echo Unknown DM device $major:$minor >&2
+		exit 1
+	fi
+	
+	dmname=$(dmsetup ls | grep "$dmdev\$" | sed 's/^\([^[:space:]]*\).*$/\1/')
+	if dmsetup table $dmname | grep -q crypt; then
+		dmcrypt
+	elif command -v lvmiopversion > /dev/null 2>&1; then
 		lvm
 	elif [ ! -x /etc/mkinitrd/scripts/evms ]; then
 		echo Unknown DM device $major:$minor >&2
@@ -1065,7 +1128,7 @@
 	mv script initrd
 
 	cd initrd
-	mkdir -p dev2 devfs etc mnt proc scripts sys tmp var
+	mkdir -p dev2 devfs etc keyscripts mnt proc scripts sys tmp var
 
 	> etc/mtab
 

--===============2125184206==--

---------------------------------------
Received: (at 247054-close) by bugs.debian.org; 30 Dec 2004 17:49:25 +0000
>From katie@ftp-master.debian.org Thu Dec 30 09:49:24 2004
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Ck4QO-00005b-00; Thu, 30 Dec 2004 09:49:24 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1Ck4O9-0000Ps-00; Thu, 30 Dec 2004 12:47:05 -0500
From: Martin Michlmayr <tbm@cyrius.com>
To: 247054-close@bugs.debian.org
X-Katie: $Revision: 1.54 $
Subject: Bug#247054: fixed in initrd-tools 0.1.76
Message-Id: <E1Ck4O9-0000Ps-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 30 Dec 2004 12:47:05 -0500
Delivered-To: 247054-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Source: initrd-tools
Source-Version: 0.1.76

We believe that the bug you reported is fixed in the latest version of
initrd-tools, which is due to be installed in the Debian FTP archive:

initrd-tools_0.1.76.dsc
  to pool/main/i/initrd-tools/initrd-tools_0.1.76.dsc
initrd-tools_0.1.76.tar.gz
  to pool/main/i/initrd-tools/initrd-tools_0.1.76.tar.gz
initrd-tools_0.1.76_all.deb
  to pool/main/i/initrd-tools/initrd-tools_0.1.76_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 247054@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Michlmayr <tbm@cyrius.com> (supplier of updated initrd-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 30 Dec 2004 17:29:20 +0000
Source: initrd-tools
Binary: initrd-tools
Architecture: source all
Version: 0.1.76
Distribution: unstable
Urgency: low
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Martin Michlmayr <tbm@cyrius.com>
Description: 
 initrd-tools - tools to create initrd image for prepackaged Linux kernel
Closes: 247054 285301
Changes: 
 initrd-tools (0.1.76) unstable; urgency=low
 .
   * Joshua Kwan
     - Fix typo in Harald's workaround for drivers not listing SCSI
       modules in /proc/scsi. (Closes: #285301)
     - Also fix in that same workaround a possible problem with module names
       with hyphens that get flattened to underscores in 2.6.
   * Martin Michlmayr
     - Add support for encrypted root filesystems using dm-crypt and
       cryptsetup.  Patch provided by Wesley W. Terpstra, with modifications
       and testing by Loic Minier and me (Closes: #247054).
Files: 
 72d54d1c3fb1cfa346c5c63109859b52 609 utils optional initrd-tools_0.1.76.dsc
 34e9890133e3cea2564b65aee4bded40 25011 utils optional initrd-tools_0.1.76.tar.gz
 f46793dd38165d0ee6a5242c4b06057b 28232 utils optional initrd-tools_0.1.76_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB1DtCKb5dImj9VJ8RAmHMAJ9o4ewrrI1736AYBsY7Ze/UeT4OLQCfQrit
f9Rr+06sCKOYvd8XzIdiaAE=
=BH+G
-----END PGP SIGNATURE-----
Reply to:
Prev by Date: initrd-tools_0.1.76_i386.changes ACCEPTED
Next by Date: Bug#285301: marked as done (initrd-tools: typo in mkinitrd)
Previous by thread: initrd-tools_0.1.76_i386.changes ACCEPTED
Next by thread: Bug#283619: Should be retitled to request build against kernel-source-2.6.8 -11?
Index(es):
- Date
- Thread