2010-03-09 11:51:15 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Mar 9 10:50:00 UTC 2010 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* turn off splash only if needed to avoid flicker
|
|
|
|
|
|
2010-03-02 13:25:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Mar 2 12:02:50 UTC 2010 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* restore splash screen state after initrd prompt (bnc#559053)
|
|
|
|
|
* use highlighted prompt in initrd too
|
|
|
|
|
* fix adding volumes with initrd option (bnc#558891)
|
|
|
|
|
|
2010-02-02 13:22:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Feb 2 12:21:44 UTC 2010 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* document the stages of the boot process
|
|
|
|
|
* show status message in boot.cypto-early
|
|
|
|
|
* don't perform some checks if the device is skipped anyways
|
|
|
|
|
* seed random number generator (bnc#575139)
|
|
|
|
|
|
2010-01-18 14:07:23 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jan 18 12:18:32 UTC 2010 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- cryptsetup 1.1.0:
|
|
|
|
|
|
|
|
|
|
* IMPORTANT: the default compiled-in cipher parameters changed
|
|
|
|
|
plain mode: aes-cbc-essiv:sha256 (default is backward incompatible!).
|
|
|
|
|
LUKS mode: aes-cbc-essiv:sha256 (only key size increased)
|
|
|
|
|
In both modes is now default key size 256bits.
|
|
|
|
|
|
|
|
|
|
* Default compiled-in parameters are now configurable through configure options:
|
|
|
|
|
--with-plain-* / --with-luks1-* (see configure --help)
|
|
|
|
|
|
|
|
|
|
* If you need backward compatible defaults for distribution use
|
|
|
|
|
configure --with-plain-mode=cbc-plain --with-luks1-keybits=128
|
|
|
|
|
|
|
|
|
|
Default compiled-in modes are printed in "cryptsetup --help" output.
|
|
|
|
|
|
|
|
|
|
* Change in iterations count (LUKS):
|
|
|
|
|
The slot and key digest iteration minimum count is now 1000.
|
|
|
|
|
The key digest iteration count is calculated from iteration time (approx 1/8 of req. time).
|
|
|
|
|
For more info about above items see discussion here: http://tinyurl.com/yaug97y
|
|
|
|
|
|
|
|
|
|
* New libcryptsetup API (documented in libcryptsetup.h).
|
|
|
|
|
|
|
|
|
|
The old API (using crypt_options struct) is still available but will remain
|
|
|
|
|
frozen and not used for new functions.
|
|
|
|
|
Soname of library changed to libcryptsetup.so.1.0.0.
|
|
|
|
|
(But only recompilation should be needed for old programs.)
|
|
|
|
|
|
|
|
|
|
The new API provides much more flexible operation over LUKS device for
|
|
|
|
|
applications, it is preferred that new applications will use libcryptsetup
|
|
|
|
|
and not wrapper around cryptsetup binary.
|
|
|
|
|
|
|
|
|
|
* New luksHeaderBackup and luksHeaderRestore commands.
|
|
|
|
|
|
|
|
|
|
These commands allows binary backup of LUKS header.
|
|
|
|
|
Please read man page about possible security issues with backup files.
|
|
|
|
|
|
|
|
|
|
* New luksSuspend (freeze device and wipe key) and luksResume (with provided passphrase).
|
|
|
|
|
|
|
|
|
|
luksSuspend wipe encryption key in kernel memory and set device to suspend
|
|
|
|
|
(blocking all IO) state. This option can be used for situations when you need
|
|
|
|
|
temporary wipe encryption key (like suspend to RAM etc.)
|
|
|
|
|
Please read man page for more information.
|
|
|
|
|
|
|
|
|
|
* New --master-key-file option for luksFormat and luksAddKey.
|
|
|
|
|
|
|
|
|
|
User can now specify pre-generated master key in file, which allows regenerating
|
|
|
|
|
LUKS header or add key with only master key knowledge.
|
|
|
|
|
|
|
|
|
|
* Uses libgcrypt and enables all gcrypt hash algorithms for LUKS through -h luksFormat option.
|
|
|
|
|
|
|
|
|
|
Please note that using different hash for LUKS header make device incompatible with
|
|
|
|
|
old cryptsetup releases.
|
|
|
|
|
|
|
|
|
|
* Introduces --debug parameter.
|
|
|
|
|
|
|
|
|
|
Use when reporting bugs (just run cryptsetup with --debug and attach output
|
|
|
|
|
to issue report.) Sensitive data are never printed to this log.
|
|
|
|
|
|
|
|
|
|
* Moves command successful messages to verbose level.
|
|
|
|
|
|
|
|
|
|
* Requires device-mapper library and libgcrypt to build.
|
|
|
|
|
|
|
|
|
|
* Uses dm-uuid for all crypt devices, contains device type and name now.
|
|
|
|
|
|
|
|
|
|
* Removes support for dangerous non-exclusive option
|
|
|
|
|
(it is ignored now, LUKS device must be always opened exclusive)
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* don't use dirty prompt override hack anymore
|
|
|
|
|
* wait for volume groups if resume volume is on lvm (bnc#556895)
|
|
|
|
|
* dynamically determine whether the cryptomgr module is neeeded
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Oct 19 14:33:57 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- add luks script in volumemanager stage too, this way some side
|
|
|
|
|
effects are avoided (bnc#547612)
|
|
|
|
|
|
2009-10-08 18:16:54 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Oct 7 12:37:24 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* /lib/udev/vol_id no longer exists, use blkid instead
|
|
|
|
|
* add space at end of password prompt in initrd
|
|
|
|
|
* fix autodetetection of root on LVM on LUKS (bnc#528474)
|
|
|
|
|
|
2009-10-08 01:36:05 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 6 11:43:15 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto: more changes as agreed with the Debian maintainer:
|
|
|
|
|
* rename keyscript variable CRYPTTAB_DEVICE to CRYPTTAB_SOURCE
|
|
|
|
|
* export list of options in CRYPTTAB_OPTIONS
|
|
|
|
|
|
2009-10-03 00:43:04 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 29 11:25:58 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- replace patch that quits on EOF with upstream version
|
|
|
|
|
|
2009-09-27 00:02:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Sep 25 12:42:23 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- actually hash=plain can be used to get raw keyscript output so
|
|
|
|
|
remove keyscript_raw again
|
|
|
|
|
|
2009-09-25 00:02:30 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Sep 24 13:36:52 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* don't use hashalot if keyfile is specified
|
|
|
|
|
* to comply with Debian, keyscripts must only output the password.
|
|
|
|
|
In order to allow keyscript to use different methods to retrieve
|
|
|
|
|
a key, add a keyscript_rawkey option.
|
|
|
|
|
- cryptsetup:
|
|
|
|
|
* When reading no single byte for the key abort.
|
|
|
|
|
|
2009-09-21 20:55:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Sep 21 08:51:40 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* fix test for keyfile (bnc#540363)
|
|
|
|
|
|
2009-09-16 23:38:50 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Sep 16 12:49:07 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* 2.6.31 requires the cryptomgr module in the initrd (bnc#535013)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 15 13:20:59 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* uppercase variables exported to keyscript in anticipation of
|
|
|
|
|
Debian adopting the implementation
|
|
|
|
|
|
2009-09-05 01:58:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Sep 4 10:04:05 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* fix setting options without parameter
|
|
|
|
|
* infinite retries in initrd
|
|
|
|
|
* tries=0 means infinite tries
|
|
|
|
|
* implement retries in the script to make it work with keyscripts and non-luks volumes
|
|
|
|
|
* keyscript support (fate#302628)
|
|
|
|
|
* remove the option to fsck the fs as it actually never worked
|
|
|
|
|
* fix initrd option parsing
|
|
|
|
|
|
2009-08-28 20:33:22 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Aug 27 06:59:55 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- new cryptsetup version 1.0.7
|
|
|
|
|
* Allow removal of last slot in luksRemoveKey and luksKillSlot.
|
|
|
|
|
* Reject unsupported --offset and --skip options for luksFormat and update man page.
|
|
|
|
|
* Various man page fixes.
|
|
|
|
|
* Set UUID in device-mapper for LUKS devices.
|
|
|
|
|
* Retain readahead of underlying device.
|
|
|
|
|
* Display device name when asking for password.
|
|
|
|
|
* Check device size when loading LUKS header. Remove misleading error message later.
|
|
|
|
|
* Add error hint if dm-crypt mapping failed.
|
|
|
|
|
* Use better error messages if device doesn't exist or is already used by other mapping.
|
|
|
|
|
* Fix make distcheck.
|
|
|
|
|
* Check if all slots are full during luksAddKey.
|
|
|
|
|
* Fix segfault in set_error.
|
|
|
|
|
* Code cleanups, remove precompiled pot files, remove unnecessary files from po directory
|
|
|
|
|
* Fix uninitialized return value variable in setup.c.
|
|
|
|
|
* Code cleanups. (thanks to Ivan Stankovic)
|
|
|
|
|
* Fix wrong output for remaining key at key deletion.
|
|
|
|
|
* Allow deletion of key slot while other keys have the same key information.
|
|
|
|
|
* Add missing AM_PROG_CC_C_O to configure.in
|
|
|
|
|
* Remove duplicate sentence in man page.
|
|
|
|
|
* Wipe start of device (possible fs signature) before LUKS-formatting.
|
|
|
|
|
* Do not process configure.in in hidden directories.
|
|
|
|
|
* Return more descriptive error in case of IO or header format error.
|
|
|
|
|
* Use remapping to error target instead of calling udevsettle for temporary crypt device.
|
|
|
|
|
* Check device mapper communication and warn user if device-mapper support missing in kernel.
|
|
|
|
|
* Fix signal handler to properly close device.
|
|
|
|
|
* write_lseek_blockwise: declare innerCount outside the if block.
|
|
|
|
|
* add -Wall to the default CFLAGS. fix some signedness issues.
|
|
|
|
|
* Error handling improvement.
|
|
|
|
|
* Add non-exclusive override to interface definition.
|
|
|
|
|
* Refactor key slot selection into keyslot_from_option.
|
|
|
|
|
|
2009-08-21 16:50:58 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 19 14:08:40 CEST 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* set infinite timeout during 2nd stage (bnc#456004)
|
|
|
|
|
|
2009-07-13 17:19:26 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jul 13 08:56:56 UTC 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* wait for device before calling luksOpen (bnc#521446)
|
|
|
|
|
|
2009-06-12 17:58:59 +02:00
|
|
|
-------------------------------------------------------------------
|
2009-06-17 15:37:56 +02:00
|
|
|
Wed Jun 17 11:30:08 CEST 2009 - coolo@novell.com
|
|
|
|
|
|
|
|
|
|
- fix link order
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2009-06-12 17:58:59 +02:00
|
|
|
Thu Jun 11 21:36:28 CEST 2009 - coolo@novell.com
|
|
|
|
|
|
|
|
|
|
- fix compile with glibc 2.10
|
|
|
|
|
|
2009-04-07 12:46:11 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Apr 2 09:33:22 CEST 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* resolve symlinks when searching for loop devices (bnc#490170)
|
|
|
|
|
* add extra man page tags to avoid FIXME output of docbook
|
|
|
|
|
* don't pipe password if there's only one device to open
|
|
|
|
|
* update copyright information
|
|
|
|
|
* fix spelling and actually stop in pre_stop_hook
|
|
|
|
|
* introduce initrd option in crypttab (bnc#465711)
|
|
|
|
|
|
2009-03-09 00:18:36 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Mar 6 13:01:44 CET 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* print dm name instead of physdev (bnc#456664)
|
|
|
|
|
* make prompt work with infinite timeout (bnc#466405)
|
|
|
|
|
* implement pre-stop hook (bnc#481870)
|
|
|
|
|
* remove hardcoded loop device number limit (bnc#481872)
|
|
|
|
|
* Warn if using a non-absolute path for physdev in crypttab
|
|
|
|
|
- hashalot: compute hash of empty passphrase if not interactive
|
|
|
|
|
(bnc#475135)
|
|
|
|
|
|
2009-03-04 15:29:07 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Mar 3 16:27:23 CET 2009 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- fix boot.crypto doesn't care on tries flag in crypttab (bnc#480741)
|
|
|
|
|
- mkinitrd scripts now included in boot.crypto git
|
|
|
|
|
|
2009-02-26 16:43:32 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Feb 26 15:34:06 CET 2009 - mhopf@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix segfault with oversized hashes (bnc #476290).
|
|
|
|
|
|
2009-02-26 12:48:36 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Feb 25 13:47:43 CET 2009 - jsmeix@suse.de
|
|
|
|
|
|
|
|
|
|
- Fixed initrd LUKS password annoyance in mkinitrd-boot.sh and
|
|
|
|
|
mkinitrd-setup.sh when the same password is used for all
|
|
|
|
|
partitions. In this case the password is now only asked
|
|
|
|
|
once (bnc#465711).
|
|
|
|
|
|
2008-12-15 12:23:47 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Dec 14 12:27:34 CET 2008 - bwalle@suse.de
|
|
|
|
|
|
2009-02-26 12:48:36 +01:00
|
|
|
- Fix LUKS root partition residing on a soft raid (bnc#358341)
|
2008-12-15 12:23:47 +01:00
|
|
|
|
2008-11-03 14:41:26 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Nov 3 14:03:33 CET 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto-early: explicitly start before boot.localfs
|
|
|
|
|
|
2008-09-15 16:32:21 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Sep 12 16:40:03 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- branch off shlib to subpackage libcryptsetup0
|
|
|
|
|
- rename cryptsetup-devel to libcryptsetup-devel
|
|
|
|
|
|
2008-09-05 22:19:55 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Sep 3 11:09:34 CEST 2008 - hare@suse.de
|
|
|
|
|
|
|
|
|
|
- Call mkinitrd_setup during %post and %postun (bnc#413709)
|
|
|
|
|
|
2008-08-21 22:35:25 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 20 15:20:06 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
2009-02-26 12:48:36 +01:00
|
|
|
- enable SELinux support (fate#303662)
|
2008-08-21 22:35:25 +02:00
|
|
|
|
2008-08-14 01:46:55 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 13 11:21:14 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* Fix init script tags
|
|
|
|
|
|
2008-07-24 23:06:32 +02:00
|
|
|
-------------------------------------------------------------------
|
2008-08-08 17:19:08 +02:00
|
|
|
Fri Aug 8 11:42:10 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
2009-02-26 12:48:36 +01:00
|
|
|
* Provide some reasonable exit status (bnc#409502)
|
2008-08-08 17:19:08 +02:00
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2008-07-24 23:06:32 +02:00
|
|
|
Wed Jul 23 15:44:31 CEST 2008 - hare@suse.de
|
|
|
|
|
|
|
|
|
|
- Include mkinitrd scriptlets.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jul 23 13:05:20 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
2009-02-26 12:48:36 +01:00
|
|
|
- use /sbin/udevadm settle instead of /sbin/udevsettle (bnc#404875)
|
2008-07-24 23:06:32 +02:00
|
|
|
|
2008-05-06 18:54:56 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 6 12:36:49 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- load loop module in boot.crypto-early as it might be needed.
|
|
|
|
|
It is previously initially loaded by boot.localfs.
|
|
|
|
|
|
2008-04-09 21:36:47 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Apr 9 15:59:09 CEST 2008 - mkoenig@suse.de
|
|
|
|
|
|
2009-02-26 12:48:36 +01:00
|
|
|
- add support for boot.crypto-early (bnc#355824)
|
2008-04-09 21:36:47 +02:00
|
|
|
needed to encrypt block devices for usage with LVM or MD
|
|
|
|
|
adds a new option 'noearly' for crypttab, which will skip
|
|
|
|
|
the device in boot.crypto-early.
|
|
|
|
|
|
2008-02-28 01:52:43 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Feb 27 12:10:32 CET 2008 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- update to svn revision 46:
|
2009-02-26 12:48:36 +01:00
|
|
|
* fix out of bound for key index in delKey (bnc#360041)
|
2008-02-28 01:52:43 +01:00
|
|
|
* Add typo fixes to the cryptsetup.8 manpage
|
|
|
|
|
* Add key-slot patch
|
|
|
|
|
* Remove O_EXCL requirement for certain LUKS operations
|
|
|
|
|
* mention luksKillSlot in the manpage
|
|
|
|
|
|
2008-02-04 17:35:21 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Feb 4 16:22:42 CET 2008 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* check for columns of terminal (bnc#337614)
|
2009-02-26 12:48:36 +01:00
|
|
|
* enhance crypttab manpage (bnc#351061)
|
|
|
|
|
* check for fs_passno (bnc#345339)
|
2008-02-04 17:35:21 +01:00
|
|
|
|
2008-01-09 21:57:24 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 9 12:07:14 CET 2008 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- upgrade to svn revision 42 which includes previous patches
|
|
|
|
|
- boot.crypto:
|
2009-02-26 12:48:36 +01:00
|
|
|
* don't mount read-only as safety check (bnc#345338)
|
2008-01-09 21:57:24 +01:00
|
|
|
* implement precheck scripts
|
2009-02-26 12:48:36 +01:00
|
|
|
* allow restarting of single volumes (bnc#345605)
|
|
|
|
|
* status query of individual devices (bnc#345605)
|
2008-01-09 21:57:24 +01:00
|
|
|
* add vol_id check script
|
|
|
|
|
* maintain boot.crypto stuff in revision control and use tarball
|
|
|
|
|
snapshots of it
|
|
|
|
|
|
2007-11-29 18:20:01 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Nov 29 13:47:24 CET 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- upgrade to svn revision 38
|
|
|
|
|
|
2007-11-09 22:12:45 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 7 12:40:02 CET 2007 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- add %fillup_prereq and %insserv_prereq to PreReq
|
|
|
|
|
|
2007-10-16 17:49:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 16 10:38:35 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- upgrade to svn revision 31
|
|
|
|
|
* Rename luksDelKey into luksKillSlot
|
|
|
|
|
* Add luksRemoveKey that queries a given key before removal
|
|
|
|
|
* Fix segfault in luksOpen.
|
|
|
|
|
* Add LUKS_device_ready check for most LUKS calls, so that
|
|
|
|
|
cryptsetup dies before password querying in case a blockdev is
|
|
|
|
|
unavailable
|
|
|
|
|
* For LUKS key material access require exclusive access to the
|
|
|
|
|
underlying device. This will prevent multiple mappings onto a
|
|
|
|
|
single LUKS device. dm*crypt doesn't feature any syncing
|
|
|
|
|
capabilities, hence there is no real application for this as it
|
|
|
|
|
will likely lead to disk corruption.
|
|
|
|
|
* Add signal handler to keyencryption to free the temporary
|
|
|
|
|
mapping in case the user hits ctrl-c.
|
|
|
|
|
|
2007-08-27 17:34:37 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Aug 27 16:25:54 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- remove /var/run/keymap from previous boot to make /etc/init.d/kbd
|
|
|
|
|
work (#296409)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Aug 27 10:42:32 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- run fsck with progressbar (#304750)
|
|
|
|
|
|
2007-06-21 19:51:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jun 21 16:06:53 CEST 2007 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- run udevsettle to avoid problems with busy temporary
|
|
|
|
|
device mapper devices [#285478]
|
|
|
|
|
|
2007-06-11 12:57:44 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jun 11 09:23:24 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- rephrase error message (#279169)
|
|
|
|
|
|
2007-06-05 04:29:16 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jun 1 10:07:14 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- rename util-linux-crypto to cryptsetup
|
|
|
|
|
- remove dmconvert
|
|
|
|
|
- replace svn snapshot with official 1.0.5 release
|
|
|
|
|
- don't enable boot.crypto by default
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 29 15:58:44 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- fix segfault when trying to open a non existing device
|
|
|
|
|
- fix gcc warnings
|
|
|
|
|
- add Short-Description to boot.crypto
|
|
|
|
|
- use %find_lang
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 9 14:52:00 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto: implement 'status'
|
|
|
|
|
- boot.crypto: accept argument to start/stop single devices
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 9 10:40:28 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- hashalot: add timeout option
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 9 09:40:42 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- fix build
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 8 15:16:41 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto: switch off splash screen only when needed
|
|
|
|
|
- boot.crypto: report status for individual volumes instead of using one global
|
|
|
|
|
exit status
|
|
|
|
|
- hashalot: exit unsucessfully on empty passphrase
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 8 10:43:24 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- boot.crypto: sleep a bit longer before overwriting the prompt
|
|
|
|
|
- boot.crypto: add support for pseed and itercountk options
|
|
|
|
|
- boot.crypto: skip entries with unsupported/unknown options
|
|
|
|
|
- hashalot: add support for itercountk
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri May 4 16:38:11 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- upgrade cryptsetup to current svn revision 30 which includes
|
|
|
|
|
previous patches.
|
|
|
|
|
- fix background prompt process not getting killed on ctrl-d in
|
|
|
|
|
boot.crypto
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Apr 27 15:46:05 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- upgrade cryptsetup to current svn revision 26. Does no longer hang
|
|
|
|
|
when a file is specified instead of a device.
|
|
|
|
|
- remove obsolete cryptsetup.sh script
|
|
|
|
|
- boot.crypto:
|
|
|
|
|
* drop support for cryptoloop, use cryptsetup also for cryptotab
|
|
|
|
|
* refactor code and create reusable components for use in cryptotab
|
|
|
|
|
and crypttab code path
|
|
|
|
|
* run sulogin only during boot if fsck failed
|
|
|
|
|
* support crypttab's 'tries' option
|
|
|
|
|
- add crypttab manpage based on Debian one
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 24 17:38:40 CEST 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- add boot.crypto (#257884)
|
|
|
|
|
- add crypttab and cryptotab as %ghost to filelist
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Mar 27 10:22:48 CEST 2007 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- move devel .so link to %{libdir}
|
|
|
|
|
- run ldconfig, since we have now a shared lib installed
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Mar 23 16:18:12 CET 2007 - dmueller@suse.de
|
|
|
|
|
|
|
|
|
|
- cryptsetup can now link shared since libpopt is
|
|
|
|
|
no longer under /usr
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Mar 9 12:06:53 CET 2007 - lnussel@suse.de
|
|
|
|
|
|
|
|
|
|
- add patch to support old loop_fish2 key hash method
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Dec 7 18:33:01 CET 2006 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- update cryptsetup to version 1.0.4:
|
|
|
|
|
* added terminal timeout rewrite
|
|
|
|
|
* allow user selection of key slot
|
|
|
|
|
* reading binary keys from stdin using the "-" as key file
|
|
|
|
|
* fix 64 bit compiler warning issues.
|
|
|
|
|
* fix getline problem for 64-bit archs.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Oct 13 11:30:19 CEST 2006 - mkoenig@suse.de
|
|
|
|
|
|
|
|
|
|
- fix build failure due to missing pthreads
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Sep 13 12:39:27 CEST 2006 - hvogel@suse.de
|
|
|
|
|
|
|
|
|
|
- use the LUKS version of cryptsetup
|
|
|
|
|
- split -devel subpackage for libcryptsetup
|
|
|
|
|
- remove patches because they are in the new cryptsetup
|
|
|
|
|
* cryptsetup-0.1-static.patch
|
|
|
|
|
* cryptsetup-0.1-retval.patch
|
|
|
|
|
* cryptsetup-0.1-dmi.exists.patch
|
|
|
|
|
* cryptsetup-0.1-timeout.patch
|
|
|
|
|
- use man page from the new cryptsetup
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 16 11:03:08 CEST 2006 - hvogel@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix cryptsetup to work when the device does not exist yet
|
|
|
|
|
[#175931]
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 25 21:42:28 CET 2006 - mls@suse.de
|
|
|
|
|
|
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Dec 19 14:46:30 CET 2005 - mmj@suse.de
|
|
|
|
|
|
|
|
|
|
- Remove symlinks to hashalot we don't want
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Oct 13 15:04:29 CEST 2005 - hvogel@suse.de
|
|
|
|
|
|
|
|
|
|
- Fix uninitialized var in dmconvert. Add
|
|
|
|
|
* dmconvert-0.2-uninitialized.patch
|
|
|
|
|
- Fix return value in cryptsetup. Add
|
|
|
|
|
* cryptsetup-0.1-retval.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jun 29 14:28:32 CEST 2005 - hvogel@suse.de
|
|
|
|
|
|
|
|
|
|
- Link cryptsetup static so it can be in /sbin and you can get
|
|
|
|
|
/usr over nfs or even crypted
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon May 9 17:23:39 CEST 2005 - hvogel@suse.de
|
|
|
|
|
|
|
|
|
|
- New package, Version 2.12q
|
|
|
|
|
|
