From 60b15b29484ff2d1023e24d7e15824fbf05a4b7425e27e0c59cadb087756067b Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Mon, 18 Dec 2006 23:18:10 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/util-linux?expand=0&rev=1 --- .gitattributes | 23 + .gitignore | 1 + README.largedisk | 12 + README.loop-AES-v2.2d | 1231 +++++ README.loop-AES-v2.2d.SuSE | 11 + README.raw | 54 + adjtimex-1.20-nosyscall.diff | 18 + adjtimex-1.20.tar.bz2 | 3 + cryptoloop.txt | 169 + etc.raw | 15 + freeramdisk.tar.bz2 | 3 + guessfstype.8 | 13 + guessfstype2.patch | 48 + klogconsole-quiet.patch | 11 + klogconsole.diff | 27 + klogconsole.tar.bz2 | 3 + loop-AES-v3.0a-util-linux-2.12p.diff | 4345 +++++++++++++++++ mkzimage_cmdline.8 | 20 + mkzimage_cmdline.c | 183 + mount-nfs-nonreserved | 61 + mount.8-acl.diff | 39 + nfsboot | 50 + nologin.8 | 63 + nologin.c | 58 + raw.init | 61 + ready | 0 renice.8 | 136 + schedutils-1.4.0.tar.bz2 | 3 + setctsid.8 | 25 + setctsid.c | 90 + sm-notify-20060111.tar.bz2 | 3 + stupid-programmer.diff | 38 + time-1.7.dif | 20 + time-1.7.tar.gz | 3 + util-linux-2.11q-fs_mac.diff | 250 + util-linux-2.11u-nfs-mount_acl.diff | 85 + util-linux-2.11z-hwclock_geteuid.diff | 11 + util-linux-2.12-enablereplaybuild.diff | 20 + util-linux-2.12-hostid.diff | 137 + util-linux-2.12-mount_guessfstype.diff | 183 + util-linux-2.12-mountfallback.patch | 34 + util-linux-2.12-multipleraw.diff | 65 + util-linux-2.12-nfs-tcp.diff | 61 + util-linux-2.12-suse-compatibility.diff | 149 + util-linux-2.12a-mountbylabel-dm.patch | 63 + util-linux-2.12a-mountpointwithcolon.diff | 21 + util-linux-2.12a-procswapscheck.diff | 24 + util-linux-2.12h-mtablock.diff | 86 + util-linux-2.12h-short-passwords.diff | 55 + util-linux-2.12i-x86_64intel.diff | 22 + util-linux-2.12q-ionice.diff | 249 + util-linux-2.12q-mount--move.diff | 29 + util-linux-2.12q-nfsv4.patch | 628 +++ util-linux-2.12q-null.diff | 14 + util-linux-2.12q-strict-aliasing.diff | 11 + util-linux-2.12q-umount2-not-static.patch | 11 + util-linux-2.12r-cal_formatting.patch | 26 + util-linux-2.12r-external-prog-on-guess.diff | 133 + util-linux-2.12r-fdisk_llseek.patch | 234 + util-linux-2.12r-fdiskcyl.patch | 32 + util-linux-2.12r-fdiskwrap.patch | 382 ++ util-linux-2.12r-losetup_password.patch | 231 + util-linux-2.12r-mkswap_fix.patch | 15 + util-linux-2.12r-mount-by-uuid.patch | 53 + ...-mount-doubleslashessourceprefix-cifs.diff | 58 + util-linux-2.12r-mount-mtab-update.patch | 29 + util-linux-2.12r-mount.8-xfs-update.patch | 15 + util-linux-2.12r-nfs_remount_options.patch | 18 + util-linux-2.12r-nonfsmountfallback.diff | 31 + util-linux-2.12r-pagesize.patch | 12 + util-linux-2.12r-partx.patch | 118 + util-linux-2.12r-rawfixes.patch | 19 + util-linux-2.12r-readprofile-mapfile.patch | 45 + util-linux-2.12r-rpcsec-gss.patch | 114 + util-linux-2.12r-sec-manpage.patch | 51 + util-linux-2.12r-umount_nosysfs.patch | 11 + util-linux-2.12r.diff | 86 + util-linux-2.12r.tar.bz2 | 3 + util-linux-libvolume_id-support.patch | 523 ++ util-linux-nfs-timeo.diff | 11 + util-linux-nfs.8.diff | 11 + util-linux-nodiratime.diff | 14 + util-linux-opt-hotplug.diff | 88 + util-linux-wall.dif | 11 + util-linux-warn-nfsudp.diff | 118 + util-linux.changes | 1912 ++++++++ util-linux.spec | 1553 ++++++ which-2.13.tar.gz | 3 + 88 files changed, 15008 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 README.largedisk create mode 100644 README.loop-AES-v2.2d create mode 100644 README.loop-AES-v2.2d.SuSE create mode 100644 README.raw create mode 100644 adjtimex-1.20-nosyscall.diff create mode 100644 adjtimex-1.20.tar.bz2 create mode 100644 cryptoloop.txt create mode 100644 etc.raw create mode 100644 freeramdisk.tar.bz2 create mode 100644 guessfstype.8 create mode 100644 guessfstype2.patch create mode 100644 klogconsole-quiet.patch create mode 100644 klogconsole.diff create mode 100644 klogconsole.tar.bz2 create mode 100644 loop-AES-v3.0a-util-linux-2.12p.diff create mode 100644 mkzimage_cmdline.8 create mode 100644 mkzimage_cmdline.c create mode 100644 mount-nfs-nonreserved create mode 100644 mount.8-acl.diff create mode 100644 nfsboot create mode 100644 nologin.8 create mode 100644 nologin.c create mode 100644 raw.init create mode 100644 ready create mode 100644 renice.8 create mode 100644 schedutils-1.4.0.tar.bz2 create mode 100644 setctsid.8 create mode 100644 setctsid.c create mode 100644 sm-notify-20060111.tar.bz2 create mode 100644 stupid-programmer.diff create mode 100644 time-1.7.dif create mode 100644 time-1.7.tar.gz create mode 100644 util-linux-2.11q-fs_mac.diff create mode 100644 util-linux-2.11u-nfs-mount_acl.diff create mode 100644 util-linux-2.11z-hwclock_geteuid.diff create mode 100644 util-linux-2.12-enablereplaybuild.diff create mode 100644 util-linux-2.12-hostid.diff create mode 100644 util-linux-2.12-mount_guessfstype.diff create mode 100644 util-linux-2.12-mountfallback.patch create mode 100644 util-linux-2.12-multipleraw.diff create mode 100644 util-linux-2.12-nfs-tcp.diff create mode 100644 util-linux-2.12-suse-compatibility.diff create mode 100644 util-linux-2.12a-mountbylabel-dm.patch create mode 100644 util-linux-2.12a-mountpointwithcolon.diff create mode 100644 util-linux-2.12a-procswapscheck.diff create mode 100644 util-linux-2.12h-mtablock.diff create mode 100644 util-linux-2.12h-short-passwords.diff create mode 100644 util-linux-2.12i-x86_64intel.diff create mode 100644 util-linux-2.12q-ionice.diff create mode 100644 util-linux-2.12q-mount--move.diff create mode 100644 util-linux-2.12q-nfsv4.patch create mode 100644 util-linux-2.12q-null.diff create mode 100644 util-linux-2.12q-strict-aliasing.diff create mode 100644 util-linux-2.12q-umount2-not-static.patch create mode 100644 util-linux-2.12r-cal_formatting.patch create mode 100644 util-linux-2.12r-external-prog-on-guess.diff create mode 100644 util-linux-2.12r-fdisk_llseek.patch create mode 100644 util-linux-2.12r-fdiskcyl.patch create mode 100644 util-linux-2.12r-fdiskwrap.patch create mode 100644 util-linux-2.12r-losetup_password.patch create mode 100644 util-linux-2.12r-mkswap_fix.patch create mode 100644 util-linux-2.12r-mount-by-uuid.patch create mode 100644 util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff create mode 100644 util-linux-2.12r-mount-mtab-update.patch create mode 100644 util-linux-2.12r-mount.8-xfs-update.patch create mode 100644 util-linux-2.12r-nfs_remount_options.patch create mode 100644 util-linux-2.12r-nonfsmountfallback.diff create mode 100644 util-linux-2.12r-pagesize.patch create mode 100644 util-linux-2.12r-partx.patch create mode 100644 util-linux-2.12r-rawfixes.patch create mode 100644 util-linux-2.12r-readprofile-mapfile.patch create mode 100644 util-linux-2.12r-rpcsec-gss.patch create mode 100644 util-linux-2.12r-sec-manpage.patch create mode 100644 util-linux-2.12r-umount_nosysfs.patch create mode 100644 util-linux-2.12r.diff create mode 100644 util-linux-2.12r.tar.bz2 create mode 100644 util-linux-libvolume_id-support.patch create mode 100644 util-linux-nfs-timeo.diff create mode 100644 util-linux-nfs.8.diff create mode 100644 util-linux-nodiratime.diff create mode 100644 util-linux-opt-hotplug.diff create mode 100644 util-linux-wall.dif create mode 100644 util-linux-warn-nfsudp.diff create mode 100644 util-linux.changes create mode 100644 util-linux.spec create mode 100644 which-2.13.tar.gz diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/README.largedisk b/README.largedisk new file mode 100644 index 0000000..854dd3d --- /dev/null +++ b/README.largedisk @@ -0,0 +1,12 @@ +Some hints on fdisk and large disks (> 2TB) +------------------------------------------- + +Note that fdisk only supports legacy partition tables. +Legacy partition tables (like DOS) use 32 bit LBA addressing, +which means that you can only address partitions with a starting +sector and a size with a maximum of 2**32 sectors = 2TB. +This means you can not create partitions that are greater than 2TB +with fdisk! +If you want to use partition sizes above this limit, you need to use +GUID Partition Tables (GPT) which use 64 bit LBA addressing. +They are supported by parted. diff --git a/README.loop-AES-v2.2d b/README.loop-AES-v2.2d new file mode 100644 index 0000000..c3903f9 --- /dev/null +++ b/README.loop-AES-v2.2d @@ -0,0 +1,1231 @@ +Written by Jari Ruusu , October 26 2004 + +Copyright 2001,2002,2003,2004 by Jari Ruusu. +Redistribution of this file is permitted under the GNU Public License. + + +Table of Contents +~~~~~~~~~~~~~~~~~ +1. Loop device primer +2. General information +2.1. Key setup and IV modes +2.2. Use of journaling file systems on loop device +2.3. Use of offsets and sizelimits +2.4. Use of software suspend +2.5. File system soft block sizes +2.6. Compatibility with earlier versions +3. Instructions for building loop.o driver +4. Instructions for building new mount, umount, losetup, swapon and swapoff +5. Instructions for building new gpg +6. Testing the loop.o driver and losetup program +7. Examples +7.1 Example 1 - Encrypting swap on 2.4 and newer kernels +7.2. Example 2 - Partition backed loop with gpg encrypted key file +7.3. Example 3 - Encrypted partition that multiple users can mount +7.4. Example 4 - Encrypting /tmp partition with random keys +7.5. Example 5 - Encrypting root partition +7.6. Example 6 - Boot from CD-ROM + encrypted root partition +8. Security levels +9. Performance tuning for 2.4 and newer kernels +10. Files +11. Credits + + +1. Loop device primer +~~~~~~~~~~~~~~~~~~~~~ +Loop devices are block devices that do not store any data directly but loop +all reads and writes to underlying block device or file, possibly encrypting +and decrypting data in the process. Normally you don't write to a loop +device directly, but set up a file system on it. The file system will then +read from and write to loop device. + +By default, 8 loop devices are available: /dev/loop0, /dev/loop1 ... +/dev/loop7 (on devfs /dev/loop/0 ... /dev/loop/7). All devices are +identical, and each can be tied to one real block device or one file on some +file system. You have to decide and allocate which loop to use for which +purpose. + +losetup(8) program is used to make and tear down the connection between a +loop device and underlying device or file. You don't have to specify type of +underlying device as loop driver detects that automatically. mount(8), +umount(8), swapon(8) and swapoff(8) programs can also set up and tear down +loop devices. + +File backed loops may deadlock under some kernel + file system combinations. +So, if you can choose between device backed and file backed, choose device +backed even if it means that you have to re-partition your disks. + + +2. General information +~~~~~~~~~~~~~~~~~~~~~~ +This package provides loadable Linux kernel module (loop.o or loop.ko on 2.6 +kernels) that has AES cipher built-in. The AES cipher can be used to encrypt +local file systems and disk partitions. + +Loop device encrypts data but does not authenticate ciphertext. In other +words, it delivers data privacy, but does not guarantee that data has not +been tampered with. Admins setting up encrypted file systems should ensure +that neither ciphertext, nor tools used to access ciphertext (kernel + +kernel modules, mount, losetup, and other utilities) can be trojaned or +tampered. + +This package does *not* modify your kernel in any way, so you are free to +use kernels of your choice, with or without cool patches. This package works +with 2.0.x, 2.2.x, 2.4.x (2.4.7 or later) and 2.6.x kernels. + +Latest version of this package can be found at: + + http://loop-aes.sourceforge.net/ + http://members.tiscali.fi/ce6c8edf/ (limited downloads) + +New versions are announced to linux-crypto mailing list: + + http://mail.nl.linux.org/linux-crypto/ + http://www.spinics.net/lists/crypto/ + +List-subscribe: + + +2.1. Key setup and IV modes +~~~~~~~~~~~~~~~~~~~~~~~~~~~ +The AES cipher is used in CBC (cipher block chaining) mode. Data is +encrypted and decrypted in 512 byte chains. Two key setup modes are +supported; single-key mode and multi-key mode. Single-key mode uses simple +sector IV and one AES key to encrypt and decrypt all sectors in the loop +device. Multi-key mode uses cryptographically more secure MD5 IV and 64 +different AES keys to encrypt and decrypt sectors in the loop device. In +multi-key mode first key is used for first sector, second key for second +sector, and so on. + +Password string has a minimum length of 20 characters. Optional password +seed (salt) and key iteration count can be used to slow down dictionary +attacks. Password seed is appended to user supplied password before password +is hashed using one way hash. If password iteration count is specified, +password hash output is encrypted N thousand times using AES-256. Unique +seed prevents an adversary from precomputing hashes of passwords in his +dictionary in advance, and thus making an optimized attack slower. Large +password iteration count makes dictionary attack painfully slow. + +If encryption type is specified as AES128 or AES, password string is hashed +with SHA-256, and 128 bit AES encryption is used. If encryption type is +specified as AES192, password string is hashed with SHA-384, and 192 bit AES +encryption is used. If encryption type is specified as AES256, password +string is hashed with SHA-512, and 256 bit AES encryption is used. + + +2.2. Use of journaling file systems on loop device +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Don't use a journaling file system on top of file backed loop device. Device +backed loop device can be used with journaling file systems as device backed +loops guarantee that writes reach disk platters in order required by +journaling file system (write caching must be disabled on the disk drive, of +course). With file backed loop devices, correct write ordering may extend +only to page cache (which resides in RAM) of underlying file system. VM can +write such pages to disk in any order it wishes, and thus break write order +expectation of journaling file system. + + +2.3. Use of offsets and sizelimits +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +losetup and mount programs support using offset to underlying device or +file. 2.4.x and later kernels also support use of sizelimit that limit size +of device to some subset of full underlying device or file size. Both offset +and sizelimit are specified in bytes. If no offset is specified, zero offset +is used. If no sizelimit is specified, full device/file size is used. If you +do use nonzero offsets, make sure offset is integer multiple of 512 bytes. +Nonzero offsets that are not integer multiple of 512 bytes are NOT supported +as they may be nonportable and/or nonworking. + + +2.4. Use of software suspend +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Encryption keys are kept in kernel RAM while loop is active. Key is +immediately erased when loop is deactivated. Use of suspend-to-disk while +there are active encrypted loops should be used with caution: it would be +really bad security wise because encryption keys are written to disk when +kernel RAM is saved to disk. Once key is written to disk it may be +recoverable from that disk pretty much forever. Security of data encrypted +with such recoverable key is void. + + +2.5. File system soft block sizes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +If you intend to move encrypted file system to some other device (CD-ROM for +example), be sure to create file system with soft block size that is integer +multiple of device hard sector size. CD-ROMs have 2048 byte sectors. File +system with 1024 byte soft block size is not going to work with all CD-ROM +drives and/or drivers. + + +2.6. Compatibility with earlier versions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +This version is compatible with on-disk formats of all previous relased +versions. This version is compatible with recommended mount, losetup and +swapon command line syntax and /etc/fstab option syntax since +loop-AES-v1.1b. + +Unhashed encryption type as created using ancient loop-AES-v1.0c, now needs +'mount -o phash=unhashed1' or 'losetup -H unhashed1' options. + +Mount and losetup programs from loop-AES-v2.0g and older accepted unlimited +long passphrase when passphrase was read from a file descriptor using '-p 0' +option. To prevent abuse of mlock()ed RAM by non-root users, mount and +losetup programs from loop-AES-v2.1a and newer limit max passphrase length +to 4094 bytes. + + +3. Instructions for building loop.o driver +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Before you attempt to build loop.o driver (loop.ko on 2.6 kernels), you +*must* configure, compile and install new kernel so that CONFIG_MODULES=y +and CONFIG_BLK_DEV_LOOP=n. Also, CONFIG_KMOD=y is recommended but not +required (kernel 2.0 doesn't have CONFIG_KMOD, set CONFIG_KERNELD=y +instead). Configuring your kernel so that loop driver is built-in +(CONFIG_BLK_DEV_LOOP=y) or module (CONFIG_BLK_DEV_LOOP=m) will *not* work. +After building and installing your new kernel, do not attempt to clean +kernel tree, or rename path to kernel sources. + +(Re)configuring and (re)compiling your kernel are required for following +reasons: (1) to disable loop driver in your kernel, (2) to get your kernel +sources to match your running kernel, (3) to get your kernel .config to +match your running kernel, (4) to set up configure time generated links +properly, (5) to generate compile time created header files properly to +match your kernel configuration. Failure to fulfill *all* above requirements +may cause loop.o driver compilation to fail or generate incorrectly +operating code. If you are just upgrading existing loop-AES with newer +version, there is no need to recompile kernel or reboot. Just unmount all +file systems using old loop driver, and remove loop driver from kernel with +rmmod command before compiling new loop driver. + +This is how loop.o is compiled and installed: + +2.2 and older kernels: Makefile copies your kernel's loop.c to this + directory. Then, Makefile patches that copy with a + kernel version specific patch. If patching a copy of + your kernel's loop.c fails, then a local copy of + known-to-work and patch-able loop.c-2.X.original is + used instead. + +2.4 and newer kernels: Makefile copies pre-patched loop.c-2.X.patched to + file called patched-loop.c. + +Resulting patched-loop.c along with other source files is then compiled and +linked to form a new loop.o driver that is (usually) installed in +/lib/modules/`uname -r`/block directory. AES cipher is permanently glued to +loop.o driver so that when loop.o is loaded it automagically has AES support +built in. There is no need to define any aliases in /etc/modules.conf file. + +To compile and install loop.o driver, as root, use commands: + + make clean + make + +Makefile tries to locate running kernel source directory, steal definitions +from kernel Makefile, and build a version that matches your running kernel. +Following directories are tried, in this order: + + /lib/modules/`uname -r`/source + /lib/modules/`uname -r`/build + /usr/src/linux + /usr/src/linux-`uname -r` + /usr/src/kernel-source-`uname -r` + +You can override automatic kernel source directory detection by specifying +LINUX_SOURCE like this: make LINUX_SOURCE=/usr/src/linux-2.4.22aa1 + +Both LINUX_SOURCE and KBUILD_OUTPUT must be specified when compiling for +2.6.x kernel with separate object directory. + +You can disable automatic module installation and creation of module +dependencies by specifying MODINST=n RUNDM=n on make command line. + +Automatic kernel source directory detection is not foolproof. For best +results, always specify LINUX_SOURCE, especially if loop.o module appears to +compile for wrong kernel. Observe last five lines of make output for clues. + +If you are upgrading your kernel and you need loop.o module during boot, you +probably need to build new version of loop.o module that matches your new +kernel *before* you boot the new kernel. To build loop.o module for other +kernel than running kernel, you *must* specify LINUX_SOURCE parameter to +make. + +You can override default installation root directory by specifying +INSTALL_MOD_PATH like this: make INSTALL_MOD_PATH=/path/to/destination/root + +Makefile detects processor type from kernel configuration. If selected +processor type is x86 processor or AMD64 processor, optimized assembler +implementations of AES and MD5 are used instead of C implementations. If you +want to unconditionally disable x86 assembler AES and MD5 implementations, +specify X86_ASM=n on make command line. If you want to unconditionally +disable AMD64 assembler AES and MD5 implementations, specify AMD64_ASM=n on +make command line. + +If you want to enable encryption key scrubbing, specify KEYSCRUB=y on make +command line. Loop encryption key scrubbing moves and inverts key bits in +kernel RAM so that the thin oxide which forms the storage capacitor +dielectric of DRAM cells is not permitted to develop detectable property. +For more info, see Peter Gutmann's paper: +http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html + +Note: If your patch program is very old, it may not understand the --dry-run +option, and may puke lengthy error messages. Even if that happens, the build +process should still produce a working loop driver. + + +4. Instructions for building new mount, umount, losetup, swapon and swapoff +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +In order to support AES and other ciphers, mount, umount, losetup, swapon +and swapoff need to be patched and recompiled. A patch is included. Mount, +umount, losetup, swapon and swapoff sources are in util-linux package which +you can get from: + + ftp://ftp.win.tue.nl/pub/linux-local/utils/util-linux/ + or + ftp://ftp.kernel.org/pub/linux/utils/util-linux/ + +Just in case if the tarball is not properly signed, the md5 sum of +util-linux-2.12h.tar.gz is f8f1b2096abbf52fadf86d470c5035dd + +Do *not* install all the utilities in the util-linux package without +thinking. You may ruin your system if you do that. Read the INSTALL file +provided with util-linux tarball. + +These commands, as root user, will recompile and install mount, umount, +losetup, swapon, swapoff and their man pages: + + zcat util-linux-2.12h.tar.gz | tar xvf - + cd util-linux-2.12h + patch -p1 <../util-linux-2.12h.diff + CFLAGS=-O2 ./configure + make SUBDIRS="lib mount" + cd mount + install -m 4755 -o root mount umount /bin + install -m 755 losetup swapon /sbin + rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff ) + rm -f /usr/share/man/man8/{mount,umount,losetup,swapon,swapoff}.8.gz + install -m 644 mount.8 umount.8 losetup.8 /usr/share/man/man8 + install -m 644 swapon.8 swapoff.8 /usr/share/man/man8 + rm -f /usr/share/man/man5/fstab.5.gz + install -m 644 fstab.5 /usr/share/man/man5 + mandb + cd ../.. + +Debian users may want to put mount package on hold like this: + + echo mount hold | dpkg --set-selections + + +5. Instructions for building new gpg +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +When gpg encrypts data with symmetric cipher only or when gpg encrypts +secret keyring keys with secret passphrase, gpg uses seeded (salted) and +iterated key setup. However, default amount of iteration is tuned for slow +processors and can be increased for better resistance against dictionary +attacks. Larger key iteration makes key setup much slower, but also makes +dictionary attacks much slower too. + +Included optional gpg patch makes gpg password iteration 128 times slower. +gpg stores new iteration value along with seed bytes into symmetric cipher +encrypted output file or secret keyring, so unpatched gpg versions will read +and decrypt the data just fine. + +gpg sources are available from: + + ftp://ftp.gnupg.org/gcrypt/gnupg/ + +These commands, as root user, will recompile and install gpg and gpgv and +their man pages: + + zcat gnupg-1.2.6.tar.gz | tar xvf - + cd gnupg-1.2.6 + patch -p1 <../gnupg-1.2.6.diff + CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux + make + rm -f /usr/share/man/man1/{gpg,gpgv}.1.gz + make install + chown root.root /usr/bin/gpg + chmod 4755 /usr/bin/gpg + +Note: Above instructions create statically linked version of gpg. Static +linking is necessary if you ever decide to encrypt your root partition. + +If /usr/bin directory is not on your root partition, then it is necessary to +move gpg to /bin directory on your root partition: + + cd /usr/bin + mv gpg ../../bin + ln -s ../../bin/gpg gpg + +Debian users may want to put gnupg package on hold like this: + + echo gnupg hold | dpkg --set-selections + + +6. Testing the loop.o driver and losetup program +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Run this command, as root, and Makefile will run series of tests. + + make tests + +Makefile will display "*** Test results ok ***" message if tests are +completed successfully. If tests fail, do not use the driver as it is +broken. + +If gpg isn't available, then tests that involve decrypting gpg encrypted key +files will fail. You can skip gpg key file tests by specifying +TEST_GPG_TYPES=n on make command line. + + +7. Examples +~~~~~~~~~~~ +Many of following examples depend on gpg encrypted key file. gpg appears to +prevent its own keys from being leaked to swap, but does not appear to +prevent data handled by it from being leaked to swap. In gpg encrypted key +file cases, the data handled by gpg are loop encryption keys, and they may +leak to swap. Therefore, use of gpg encrypted key file depends on encrypted +swap. + +When using gpg encrypted key file, the password that is used to encrypt the +key file is the password that losetup and mount programs want. losetup and +mount programs run gpg to decrypt the key file, and pipe the password to +gpg. gpg then decrypts the file and pipes the real loop keys back to losetup +or mount program. + +Many of following examples need uuencode program. Not all boxes have it +installed by default. If you need to install uuencode program, it is usually +part of sharutils package. + +Many of following examples attempt to use loop in multi-key mode and thus +*require* losetup/mount programs from loop-AES-v2.0b or later. Setting up +multi-key gpg key-file and using that key-file with old single-key only +aware losetup/mount programs is *dangerous*. In multi-key loop cases +"losetup -a" command run by root user should output "multi-key" indicating +that loop is really in multi-key mode. If no "multi-key" string shows up, +your loop setup is a time bomb. If you later upgrade your losetup/mount +programs to version that can understand multi-key mode, those new +losetup/mount programs will correctly setup loop in multi-key mode instead +of single-key mode, and you may not be able to access your data any more. +New losetup/mount programs are compatible with both single-key and multi-key +key-files. New losetup/mount programs will recognize single-key key-files +and set up loop in single-key mode in those cases. Old single-key only aware +losetup/mount programs need single-key examples. None of the following gpg +key-file examples are such. + + +7.1. Example 1 - Encrypting swap on 2.4 and newer kernels +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Device backed (partition backed) loop is capable of encrypting swap on 2.4 +and newer kernels. File backed loops can't be used for swap. + +First, run "swapoff -a" to turn off swap devices in your /etc/fstab file. +Second, add "loop=/dev/loop?" and "encryption=AES128" options to swap lines +in your /etc/fstab file. Example: + + /dev/hda666 none swap sw,loop=/dev/loop6,encryption=AES128 0 0 + ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ +Third, there may be old unencrypted data on your swap devices, in which case +you can try to overwrite that data with command like this: + + dd if=/dev/zero of=/dev/hda666 bs=64k conv=notrunc + mkswap /dev/hda666 + +Fourth, run "swapon -a" and "rm -rf /var/log/ksymoops" and you are done. + +Running "swapon -a" will set up loop devices using random keys, run mkswap +on them, and enable encrypted swap on specified loop devices. Usually your +distro's startup scripts will run the "swapon -a" command so you don't need +to change your startup scripts at all. As expected, "swapoff -a" will tear +down such loop devices. + +Removing /var/log/ksymoops directory is often required because some versions +of modprobe (part of modutils package) try to log loaded modules to +/var/log/ksymoops/*.log files. This is bad because swap is often enabled +(and loop.o modprobe'd to kernel) before any partitions are mounted +writable. Without /var/log/ksymoops directory on root partition, modprobe +will not try to log loaded modules, and you won't see annoying error +messages. + +Note: If you are using encrypted swap and you are upgrading your kernel, you +probably need to build new version of loop.o module that matches your new +kernel *before* you boot the new kernel. See "Instructions for building +loop.o driver" section for more details. + + +7.2. Example 2 - Partition backed loop with gpg encrypted key file +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +This example, originally from Michael H. Warfield, shows how to create an +ext2 file system on encrypted hard disk partition, and creates 64 random +encryption keys that are encrypted using gpg. Store the key file where ever +you like, on separate removable media, USB dongle, or on a smart card if you +like. You have to have both your passphrase and that key file in order to +mount that file system. + +This example uses a fictitious partition /dev/hda666 for storage and +fictitious directory /mnt666 as mount point. A removable USB dongle is +assumed to be (auto-)mounted at /a/usbdongle directory. + +Create 64 random encryption keys and encrypt those keys using gpg. Reading +from /dev/random may take indefinitely long if kernel's random entropy pool +is empty. If that happens, do some other work on some other console (use +keyboard, mouse and disks). Use of gpg encrypted key file depends on +encrypted swap. + + head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ + | gpg --symmetric -a >/a/usbdongle/keyfile.gpg + +Fill the partition with random looking data. "dd" command may take a while +to execute if partition is large. + + head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ + | losetup -p 0 -e AES128 /dev/loop3 /dev/hda666 + dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc 2>/dev/null + losetup -d /dev/loop3 + +Add this to your /etc/fstab file: + + /dev/hda666 /mnt666 ext2 defaults,noauto,loop=/dev/loop3,encryption=AES128,gpgkey=/a/usbdongle/keyfile.gpg 0 0 + +The "losetup -F" command asks for passphrase to unlock your key file. +Losetup -F option reads loop related options from /etc/fstab. Partition name +/dev/hda666, encryption=AES128 and gpgkey=/a/usbdongle/keyfile.gpg come from +/etc/fstab. + + losetup -F /dev/loop3 + mkfs -t ext2 /dev/loop3 + losetup -d /dev/loop3 + mkdir /mnt666 + +Now you should be able to mount the file system like this. The "mount" +command asks for passphrase to unlock your key file. + + mount /mnt666 + +Check that loop is really in multi-key mode. Losetup -a output should +include string "multi-key" indicating that loop is really in multi-key mode. +If no "multi-key" string shows up, you somehow managed to mess up gpg key +file generation part or you are trying to use old losetup/mount programs +that only understand single-key mode. + + losetup -a + +You can unmount partition like this: + + umount /mnt666 + +Unmounted filesystem can be fsck'ed like this. -F option reads loop related +options from /etc/fstab. Partition name /dev/hda666, encryption=AES128 and +gpgkey=/a/usbdongle/keyfile.gpg come from /etc/fstab. + + losetup -F /dev/loop3 + fsck -t ext2 -f -y /dev/loop3 + losetup -d /dev/loop3 + + +7.3. Example 3 - Encrypted partition that multiple users can mount +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +This example shows how to create encrypted partition that multiple non-root +users can mount, each with their own gpg key. Non-root users don't have +access to file system key that is actually used to encrypt data. Root can +add or remove user's permission to mount encrypted partition at any time. +This example uses a fictitious partition /dev/hda666 for storage and +fictitious directory /secret1 as mount point. + +Create 64 random file system keys and encrypt those keys using root's gpg +public key. Reading from /dev/random may take indefinitely long if kernel's +random entropy pool is empty. If that happens, do some other work on some +other console (use keyboard, mouse and disks). Use of gpg encrypted key file +depends on encrypted swap. + + umask 077 + head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ + | gpg -e -a -r "Superuser" > /root/masterkey-secret1.gpg + +Fill the partition with random looking data. "dd" command may take a while +to execute if partition is large. + + head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ + | losetup -p 0 -e AES128 /dev/loop0 /dev/hda666 + dd if=/dev/zero of=/dev/loop0 bs=4k conv=notrunc 2>/dev/null + losetup -d /dev/loop0 + +Use file system keys to setup /dev/loop0 to partition /dev/hda666 and create +encrypted ext2 file system. The "losetup -e" command asks for root's gpg +passphrase to unlock root's secret gpg key. + + losetup -e AES128 -K /root/masterkey-secret1.gpg /dev/loop0 /dev/hda666 + mkfs -t ext2 /dev/loop0 + losetup -d /dev/loop0 + mkdir /secret1 + +Add mount information to /etc/fstab file. Something like this: + + /dev/hda666 /secret1 ext2 defaults,user,noauto,encryption=AES128,loop=/dev/loop0,gpgkey=/etc/userkey-secret1.gpg 0 0 + ^^^^ +You may want to check non-obvious side effects of above "user" mount option. +It's all explained in mount man page. + +Create root-only-readable /etc/userkey-secret1.gpg file which contains file +system key encrypted with each user's public key. List all users as +recipient who should be able to mount /secret1 encrypted partition. Repeat +this every time you want to add or remove users. + + umask 077 + gpg --decrypt < /root/masterkey-secret1.gpg | gpg -e -a --always-trust \ + -r "Superuser" -r "John Doe" -r "Tea Lipton" > /etc/userkey-secret1.gpg + +Users can mount encrypted partition like this. mount asks for gpg passphrase +to unlock user's secret gpg key. Each user can use their own gpg key. + + mount /secret1 + +Root user can check that loop is really in multi-key mode. Losetup -a output +should include string "multi-key" indicating that loop is really in +multi-key mode. If no "multi-key" string shows up, you somehow managed to +mess up gpg key file generation part or you are trying to use old +losetup/mount programs that only understand single-key mode. + + losetup -a + +You can unmount partition like this: + + umount /secret1 + +Root user can fsck unmounted filesystem like this. -F option reads loop +related options from /etc/fstab. Partition name /dev/hda666, +encryption=AES128 and gpgkey=/etc/userkey-secret1.gpg come from /etc/fstab. + + losetup -F /dev/loop0 + fsck -t ext2 -f -y /dev/loop0 + losetup -d /dev/loop0 + + +7.4. Example 4 - Encrypting /tmp partition with random keys +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +When mount passphrase hash function is specified as random, mount does not +ask for password but sets up 64 random keys and attempts to put loop to +multi-key mode and creates new file system on that encrypted loop device +before that file system is mounted. + +First, unmount your existing /tmp partition by running "umount /tmp". There +may be open files in there, so you may have to do this from single user +mode. + +Second, add loop= encryption= and phash=random mount options to /etc/fstab +file. The sixth /etc/fstab field (fs_passno) must be zero so that fcsk will +not attempt to check this partition. + + /dev/hda555 /tmp ext2 defaults,loop=/dev/loop2,encryption=AES128,phash=random/1777 0 0 + ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ ^ +Third, run "mount /tmp" command and you are done. + +Octal digits after phash=random/ mount option specify initial permissions of +file system root directory that gets created on the loop device. 1777 means +read+write+search permissions for all and sticky bit set. Type "man 2 stat" +for more info about what each bit stands for. + +Encryption keys and plaintext data on above type mount vanish on unmount or +power off. Using journaled file system in such case does not make much +sense, because file system is re-created with different encryption keys on +each mount, and file system jounal is never used. + +This example requires that mount program is derived from util-linux patch +found in loop-AES-v2.2d or later version. + + +7.5. Example 5 - Encrypting root partition +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Encrypting root partition requires a small unencrypted /boot partition. +Everything else (root, swap and other partitions) can be encrypted. Kernels +and tools required to boot kernels reside in the /boot partition. Included +build-initrd.sh script builds a small "initrd" ram-disk that works with 2.2 +2.4, and 2.6 kernels. build-initrd.sh script depends on having minix file +system support in the kernel and working mkfs.minix program binary. +Util-linux includes source for mkfs.minix if you don't have it and need to +build it yourself. You need to temporarily boot from rescue floppy/CD-ROM or +other partition to do the actual encrypting work. The rescue floppy/CD-ROM +or other partition kernel doesn't need to support loop crypto, so just about +anything that boots will work. + +1) build-initrd.sh script needs dietlibc. Dietlibc source is available + from: + + http://www.fefe.de/dietlibc/ + ftp://ftp.kernel.org/pub/linux/libs/dietlibc/ + + To compile and install dietlibc, follow instructions in the dietlibc + README file. For example, on a x86 box, do this: + + make + install bin-i386/diet /usr/local/bin + +2) You need to use aespipe program (v2.2a or later) with your rescue + floppy/CD-ROM or other partition. aespipe source is available from: + + http://loop-aes.sourceforge.net/ + http://members.tiscali.fi/ce6c8edf/ (limited downloads) + + Download latest version of aespipe-*.tar.bz2 + + Dynamically linked aespipe program may have library dependency problems + with rescue floppy/CD-ROM or other partition C library. To avoid such + trouble, aespipe program needs to be linked statically. Static linking + with glibc makes aespipe much bigger (hundreds of kilobytes), and may + also create link warning about 'getpwuid'. Big program size and link + warning can be ignored here. + + Compile aespipe program like this: + + CFLAGS="-O2" LDFLAGS="-static -s" ./configure + make + make tests + + Copy statically linked aespipe program to /boot partition. + + cp -p aespipe /boot + +3) If you followed advise about recompiling and statically linking gpg + program, you don't need to do that again. However, if you don't have + statically linked gpg, you need to do that now because later steps in + root partition encryption depend on it. + +4) Backup all important data before proceeding with root partition + encryption. + +5) Recompile your kernel. These are required: CONFIG_BLK_DEV_RAM=y + CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_INITRD=y CONFIG_MINIX_FS=y + CONFIG_PROC_FS=y CONFIG_CRAMFS=n (or CONFIG_CRAMFS=m) + + CONFIG_BLK_DEV_{RAM,INITRD}=y are needed because kernel needs to support + initial ramdisk. CONFIG_MINIX_FS=y is needed because file system on + initrd is minix. CONFIG_CRAMFS=n is needed because cramfs code may + incorrectly detect initrd's compressed minix file system as cramfs file + system. If cramfs must be built-in, then build-initrd.sh must be + configured with USEPIVOT=1, and kernel parameter "rootfstype=minix" must + be added to bootloader configuration file. 2.2.x and older kernels have + neither CONFIG_CRAMFS nor cramfs, so that kernel configuration setting + can be ignored on those kernels. + + All kernel subsystems needed by root and /boot file systems must be + compiled directly into kernel (and not be modules). + + cd /usr/src/linux-2.4.22aa1 + cp .config ../somewhere/somename.config + make distclean + cp ../somewhere/somename.config .config + make config + make dep && make clean && make bzImage + make modules && make modules_install + cat arch/i386/boot/bzImage >/boot/vmlinuz + cp System.map /boot/System.map-2.4.22aa1 + +6) Compile loop-AES loop.o module for your kernel. + + cd ../loop-AES-* + make LINUX_SOURCE=/usr/src/linux-2.4.22aa1 + +7) Copy kernel version specific loop.o (2.4 and older kernels) or loop.ko + (2.6 kernels) to /boot/modules-KERNELRELEASE/ + + mkdir /boot/modules-2.4.22aa1 + ^^^^^^^^^ + cp -p /lib/modules/2.4.22aa1/block/loop.*o /boot/modules-2.4.22aa1/ + ^^^^^^^^^ ^^^^^^^^^ + Note: You need to have a kernel version specific loop.o or loop.ko + module in /boot/modules-KERNELRELEASE/ directory for every kernel you + intend to use. + +8) If your boot scripts automatically run "umount /initrd" and "blockdev + --flushbufs /dev/ram0" commands, you may want to disable those commands. + If you don't disable them, you may see annoying error messages when + booting to encrypted root partition. + + Root partition loop device node is inside initrd, and that device node + will remain busy forever. This means that encrypted root initrd can't be + unmounted and RAM used by initrd file system can't be freed. This + unable-to-unmount side effect is the reason why initrd is intentionally + made as small as possible. + +9) Create 64 random encryption keys and encrypt those keys using gpg. + Reading from /dev/random may take indefinitely long if kernel's random + entropy pool is empty. If that happens, do some other work on some other + console (use keyboard, mouse and disks). Use of gpg encrypted key file + depends on encrypted swap. + + umask 077 + head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ + | gpg --symmetric -a >/boot/rootkey.gpg + +10) Edit build-initrd.sh to match your setup. Set BOOTDEV, BOOTTYPE, + CRYPTROOT and ROOTTYPE variables to correct values. If you are using 2.2 + or older kernels, set USEPIVOT=0 because 2.2 and older kernels do not + have pivot_root functionality. You may also want to set + LOADNATIONALKEYB=1 and manually copy your uncompressed national keyboard + layout file (in "loadkeys" format) to /boot/default.kmap + + loadkeys configuration files for some popular distros: + + Debian: /etc/console/boottime.kmap.gz + Mandrake: /usr/lib/kbd/keymaps/i386/qwert[yz]/*.kmap.gz + Red Hat: /lib/kbd/keymaps/i386/qwert[yz]/*.kmap.gz + SuSE: /usr/lib/kbd/keymaps/i386/qwert[yz]/*.map.gz + Slackware: /usr/share/kbd/keymaps/i386/qwert[yz]/*.map.gz + + Or alternatively, you can create keyboard map using your current + keyboard layout. Like this: + + dumpkeys >/boot/default.kmap + + devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y + in kernel configuration) need to pay special attention to comments above + these build-initrd.sh options: USEDEVFS, BOOTDEV, CRYPTROOT and + EXTERNALGPGDEV. + +11) Edit /etc/lilo.conf (or whatever) and set root= initrd= and append= as + explained in comments at beginning of build-initrd.sh script. + +12) Build a new /boot/initrd.gz + + ./build-initrd.sh + + Note: /boot/initrd.gz is supposed to be small (2 KB to 3 KB). All other + utilities (loop.o module, insmod, losetup, loadkeys and possibly + libraries) are copied to /boot directory. Libraries are not copied if + programs are statically linked. + +13) Run lilo (or whatever) + + lilo + +14) Reboot your computer from rescue floppy/CD-ROM or other partition, so + that the partition you are about to encrypt is *not* mounted. + +15) Now you should be running a shell from rescue floppy/CD-ROM or other + partition. This example assumes that /dev/hda1 is your /boot partition + and /dev/hda2 is your root partition. Temporarily mount your root + partition under /mnt + + mount -t ext2 /dev/hda2 /mnt + +16) Edit root partition entry in /mnt/etc/fstab file. Replace old /dev/hda2 + with /dev/loop5 or whatever loop you are using for root partition. Loop + device number must match ROOTLOOPINDEX= in build-initrd.sh + configuration. The default in build-initrd.sh is 5, meaning /dev/loop5. + + Old /etc/fstab line: + /dev/hda2 / ext2 defaults 0 1 + New /etc/fstab line: + /dev/loop5 / ext2 defaults 0 1 + + devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y + in kernel configuration) need to substitute /dev/loop5 with /dev/loop/5 + +17) Unmount your root partition (and sync for extra safety). + + umount /mnt + sync + +18) Mount your normal /boot partition under /mnt so that you can use + previously built statically linked aespipe and gpg programs and read gpg + encrypted key file 'rootkey.gpg'. Statically linked gpg program was + copied there by build-initrd.sh script. + + mount -r -t ext2 /dev/hda1 /mnt + +19) Use dd program to read your root partition contents, pipe that data + through aespipe program, and finally write encrypted data back to same + partition with another dd program. This is going to take a while if + partition is large. + + dd if=/dev/hda2 bs=64k \ + | /mnt/aespipe -e AES128 -K /mnt/rootkey.gpg -G / \ + | dd of=/dev/hda2 bs=64k conv=notrunc + + aespipe program tries to run gpg from obvious locations on your rescue + floppy/CD-ROM file system, but if it can't find gpg from those obvious + locations, aespipe finally tries to run gpg from same directory that + aespipe was run from (/mnt/) and should find statically linked gpg + program there. + +20) Clean up and reboot your computer. + + umount /mnt + sync + reboot + +If you are upgrading kernel of a system where root partition is already +encrypted, only steps 5 to 7 and 13 are needed. /boot/initrd.gz is kernel +independent and there is no need to re-create it for each kernel. However, +if you are upgrading from 2.4 kernel to 2.6 kernel, new insmod may need to +be copied to /boot directory by running step 12 before running step 13. + +If you want to fsck and mount partitions automatically and are indeed +encrypting root partition, it may be easier to just losetup required +partitions early in init scripts (before partitions are fsck'ed and +mounted). Don't losetup root partition again, as root partition has already +been losetup'ed by /linuxrc program in the "initrd" ram-disk. + +Init scripts reside on root partition and encryption keys within such init +scripts are protected by root partition encryption. Of course, init scripts +containing sensitive keys must be readable only by root user: + + -rwx------ 1 root root 162 Nov 24 19:23 /etc/rcS.d/S07losetup.sh + +Here is an example of /etc/rcS.d/S07losetup.sh Debian init script. Other +distros may store such init scripts in different directory under different +name. On SuSE, /etc/init.d/boot.d/S01losetup.sh may be more appropriate. + +#!/bin/sh +echo "Pd1eXapMJk0XAJnNSIzE" | losetup -p 0 -e AES128 -K /etc/swapkey.gpg /dev/loop6 /dev/hda666 +echo "D0aZNSNnu6FdAph+zrHt" | losetup -p 0 -e AES128 -K /etc/homekey.gpg /dev/loop4 /dev/hdd666 + +Above partitions use gpg encrypted key files. Having encrypted files on +encrypted partition may seem little bit silly, but currently -K option is +the easiest way to activate multi-key mode with more secure MD5 IV +computation. + +Here are example lines of /etc/fstab file. It's not necessary to give +"loop=/dev/loop4,encryption=AES128" mount options as loop devices are +already losetup'ed and there is no need for mount program to do that again. + + /dev/loop5 / ext2 defaults 0 1 + /dev/loop6 none swap sw 0 0 + /dev/loop4 /home ext2 defaults 0 2 + +In above example, device /dev/hda666 is used as encrypted swap with fixed +key. If you set up swap with fixed key like in above example, don't forget +to initialize swap space by running "mkswap /dev/loop6" once. /dev/hdd666 is +used as encrypted /home partition. /dev/loop5 is encrypted root partition, +and it set up by /linuxrc program in "initrd" ram-disk. + + +7.6. Example 6 - Boot from CD-ROM + encrypted root partition +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Here is slight variation of above 'encrypting root partition' instructions. +Computer gets booted from read-only CD-ROM and there is no need for any +unencrypted partitions on the hard disk. + +1-6) Same as above 'encrypting root partition' steps 1-6. + +7) Copy kernel version specific loop.o or loop.ko module to CD-ROM source + directory + + rm -r -f /boot/iso/modules-* + mkdir -p /boot/iso/modules-2.4.22aa1 + ^^^^^^^^^ + cp -p /lib/modules/2.4.22aa1/block/loop.*o /boot/iso/modules-2.4.22aa1/ + ^^^^^^^^^ ^^^^^^^^^ +8-9) Same as above 'encrypting root partition' steps 8-9, with exception + that in step 9 you must write rootkey.gpg to /boot/iso directory instead + of /boot directory. + +10a) Contents of /boot/initrd.conf configuration file are below. + + BOOTDEV=/dev/hdc # CD-ROM device + BOOTTYPE=iso9660 + CRYPTROOT=/dev/hda2 + ROOTTYPE=ext2 + CIPHERTYPE=AES128 + DESTINATIONPREFIX=/boot/iso + INITRDGZNAME=../initrd.gz + LOADNATIONALKEYB=1 + + devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y + in kernel configuration) need to pay special attention to comments above + these build-initrd.sh options: USEDEVFS, BOOTDEV, CRYPTROOT and + EXTERNALGPGDEV. + +10b) Copy your national keyboard layout to CD-ROM source directory in + uncompressed form. + + dumpkeys >/boot/iso/default.kmap + +11) Contents of /etc/lilo.conf configuration file are below. Two copies of + '/dev/loop7' on first two lines refer to temporary file backed loop + mount that is mounted on /mnt later in step 13a. + + boot=/dev/loop7 + disk=/dev/loop7 + bios=0x00 + sectors=36 + heads=2 + cylinders=80 + geometric + compact + read-only + prompt + timeout=30 + vga=normal + backup=/dev/null + install=text + map=/mnt/map + image=/mnt/vmlinuz + label=Linux + append="init=/linuxrc rootfstype=minix" + initrd=/mnt/initrd.gz + root=/dev/ram0 + +12) Build new /boot/initrd.gz + + ./build-initrd.sh /boot/initrd.conf + +13a) Build and mount minix file system on floppy image + + dd if=/dev/zero of=/boot/iso/fdimage.bin bs=1024 count=2880 + mkfs -t minix -i 32 /boot/iso/fdimage.bin 2880 + mount -t minix /boot/iso/fdimage.bin /mnt -o loop=/dev/loop7 + +13b) Copy kernel and initrd.gz to floppy image + + cp -p /boot/vmlinuz /mnt/vmlinuz + cp -p /boot/initrd.gz /mnt/initrd.gz + +13c) Run lilo and unmount floppy image + + lilo + umount /mnt + sync + +13d) Create boot CD-ROM image + + mkisofs -r -b fdimage.bin /boot/iso >/boot/bootcdimage.iso + +13e) Burn /boot/bootcdimage.iso to CD-R. Resulting CD-ROM is your boot + CD-ROM that you use to boot to encrypted root, not the rescue CD-ROM + referred to in above 'encrypting root partition' step 14. + + You may want to burn two copies or at least archive bootcdimage.iso to + some unencrypted partition so that you can burn new copy if original + CD-ROM gets damaged. + +13f) Temporarily disable swap partitions and put a "temporary file system on + swap" into one of swap partitions. This example assumes that /dev/hda3 + is such swap partition. The 'dd' command clears first 64KB of that + partition so that dangerously buggy rescue floppies/CD-ROMs don't enable + swap on it. + + swapoff -a + dd if=/dev/zero of=/dev/hda3 bs=64k count=1 conv=notrunc + mkfs -t ext2 /dev/hda3 + mount -t ext2 /dev/hda3 /mnt + +13g) Copy statically linked aespipe and gpg programs and rootkey.gpg file to + "temporary file system on swap" partition. + + cp -p /boot/aespipe /boot/iso/rootkey.gpg /usr/bin/gpg /mnt + umount /mnt + +14-19) Same as above 'encrypting root partition' steps 14-19, with exception + that in step 18 you must rw mount (no -r option to mount) "temporary + file system on swap" /dev/hda3 instead of /boot partition. + +20) Clean up and reboot your computer. The 'dd' command attempts to + overwrite gpg encrypted root partition key file and 'mkswap' command + restores "temporary file system on swap" /dev/hda3 back to swap usage. + + dd if=/dev/zero of=/mnt/rootkey.gpg bs=64k count=1 conv=notrunc + umount /mnt + sync + mkswap /dev/hda3 + sync + reboot + +If you are upgrading kernel of a system where root partition is already +encrypted, only steps 5 to 7 and 13a to 13e are needed. However, if you are +upgrading from 2.4 kernel to 2.6 kernel, new insmod may need to be copied to +/boot/iso directory by running step 12 before running step 13a. + + +8. Security levels +~~~~~~~~~~~~~~~~~~ +Loop encryption key can be set up in different ways. Just in case it isn't +obvious how these different ways rank security wise, here is a list of +security levels from 1 (highest security) to 4 (lowest security). + +1) gpg encrypted 'multi-key' key file and/or gpg public+private keys are + stored on separate removable USB dongle that is not available to + attacker. If USB dongle and its key files are available to attacker, + security level is equivalent to level 2. (Example 2) + +2) gpg encrypted 'multi-key' key file and gpg public+private keys are + stored on disk that is available to attacker. This assumes that included + gpg patch is applied to gpg and symmetric cipher encrypted key file or + private keyring password was created/changed with patched version. + (Example 3) + +3) Loop is used in single-key mode. Random password seed and iteration + count are used to slow down optimized dictionary attacks. This level is + vulnerable to watermark attacks. Watermarked files contain special bit + patterns that can be detected without decryption. + +4) Loop is used in single-key mode. Neither password seed nor gpg encrypted + key file are used. This level is vulnerable to optimized dictionary + attacks as well as watermark attacks. (mainline linux cryptoloop is + example of this type of backdoored crypto) + + +9. Performance tuning for 2.4 and newer kernels +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Loop-AES driver for 2.4 and newer kernels understand two additional options: +lo_prealloc and lo_nice. First number of 'lo_prealloc' is the default number +of RAM pages to pre-allocate for each device backed (partition backed) loop. +Every configured device backed loop pre-allocates this amount of RAM pages +unless later 'lo_prealloc' numbers provide an override. 'lo_prealloc' +overrides are defined in pairs: loop_index,number_of_pages. If 'lo_prealloc' +is undefined, all pre-allocations default to 125 pages. A maximum of four +overrides (four number pairs) can be used. + +This example line added to your /etc/modules.conf file means that each +device backed loop device pre-allocates 100 pages of RAM at losetup/mount +time, except that /dev/loop6 allocates 200 pages, and /dev/loop5 allocates +250 pages. + + options loop lo_prealloc=100,6,200,5,250 + +On x86 systems page size is 4 Kbytes, some other architectures have 8 Kbyte +page size. + +lo_nice option sets scheduler nice for loop helper threads. Values between 0 +(low priority) to -20 (high priority) can be used. If loop transfers are +disk transfer rate limited, lowering loop thread priority may improve +performance. If loop transfers are CPU processing power limited, increasing +loop thread priority may improve performance. renice(8) command can be used +to alter nice values of loop helper threads while loop is being used. +Example /etc/modules.conf line: + + options loop lo_nice=-4 + +If lo_nice is not set, default nice value for kernels with old scheduler is +-20. For kernels with O(1) scheduler, default nice value is -1. + +2.6 kernels include anticipatory (the default) and deadline I/O schedulers. +Deadline I/O scheduler may improve performance of device backed loop +devices. Please read kernel's Documentation/as-iosched.txt file for more +information. + + +10. Files +~~~~~~~~~ +ChangeLog History of changes and public releases. + +Makefile Makefile to build and install loop.o module. + +README This README file. + +aes-GPL.diff A patch for aes-amd64.S and aes-x86.S files that + updates licenses to be fully GPL compatible. + aes-amd64.S and aes-x86.S files are derived from + Brian Gladman's December 2001 published version + that had no mention of GPL, but both Brian + Gladman and Jari Ruusu permit this license + change. + +aes-amd64.S Optimized assembler implementation of AES cipher + for AMD64 and compatible processors. + +aes-x86.S Optimized assembler implementation of AES cipher + for x86 processors. + +aes.[ch] AES encryption functions, portable and usable in + kernel and in user space, as well as in other + operating systems. + +build-initrd.sh Bash shell script to build a small initrd + ram-disk that can be used when root partition is + encrypted. + +dkms.conf Configuration file for Dynamic Kernel Module + Support. http://linux.dell.com/dkms/dkms.html + for more info. This dkms.conf can't be used to + compile loop module with partial kernel sources + that some distros provide. Build procedure + depends on presence of full kernel sources, and + using partial kernel source to build loop module + will guarantee miscompiled loop module. + +glue.c Glue logic between loop driver and encryption + functions in aes.c / aes-*.S and md5.c / md5-*.S + +gnupg-*.diff Optional patch for gpg that increases password + iteration and thus slows down dictionary attacks + against gpg encrypted key files. + +gpgkey[12].asc gpg encrypted key files that are used by + Makefile when "make tests" command is run. These + key files are encrypted with symmetric cipher + using 12345678901234567890 password. + +kernel-2.[46].*.diff Kernel patch for those people who prefer not to + use modules. Before this patch can be applied to + your kernel, drivers/block/loop.c and + include/linux/loop.h source files must be + removed using 'rm' command. Obviously applying + this patch changes your kernel sources, so this + is not entirely hassle free. This patch is + against recent mainline kernel. If this patch + doesn't apply cleanly to your kernel, I don't + want to know about it. Note: you only need to + build loop.o module or apply this patch but not + both. + +loop.c-2.[02].diff Kernel version specific patches that fix bugs + and preregisters AES cipher transfer to latest + loop.c source. + +loop.c-2.[02].original Unmodified loop.c sources that are used as + secondary source if patch does not apply cleanly + to primary source. Primary source is the loop.c + of your kernel. + +loop.c-2.[46].patched Pre-patched loop.c sources for kernels where + changes are so extensive that distributing + *.original plus *.diff does not make sense. + +md5-amd64.S Optimized assembler implementation of MD5 + transform function for AMD64 and compatible + processors. + +md5-x86.S Optimized assembler implementation of MD5 + transform function for x86 processors. + +md5.[ch] MD5 transform function implementation that is + used to compute IVs. This source code was copied + from Linux kernel CryptoAPI implementation. + +util-linux-2.12*.diff Util-linux patch that adds support for AES and + other ciphers. + + +11. Credits +~~~~~~~~~~~ +This package uses AES cipher sources that were originally written by +Dr Brian Gladman: + +// Copyright (c) 2001, Dr Brian Gladman , Worcester, UK. +// All rights reserved. +// +// TERMS +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted subject to the following conditions: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in the +// documentation and/or other materials provided with the distribution. +// +// 3. The copyright holder's name must not be used to endorse or promote +// any products derived from this software without his specific prior +// written permission. +// +// This software is provided 'as is' with no express or implied warranties +// of correctness or fitness for purpose. + +Util-linux patch has few lines of documentation copied from international +crypto patch: -p option documentation in losetup and mount man pages were +written by Marc Mutz. + +Util-linux patch includes rmd160.[ch] files that were copied from +international crypto patch: they were originally written by GnuPG team and +modified by Marc Mutz. diff --git a/README.loop-AES-v2.2d.SuSE b/README.loop-AES-v2.2d.SuSE new file mode 100644 index 0000000..9ba6775 --- /dev/null +++ b/README.loop-AES-v2.2d.SuSE @@ -0,0 +1,11 @@ +loop-AES patch in util-linux +============================ + +To enhance the feature of mount, umount, losetup, swapon and swapoff we have +included the patch to util-linux from Jari Ruusu's loop-AES package +(http://loop-aes.sourceforge.net/). More details about this patch can be found +in /usr/share/doc/packages/util-linux/README.loop-AES-* +Please note, that we have only used the patch to util-linux and not the ones +for gpg or the new kernel loop driver. + +Your SuSE team diff --git a/README.raw b/README.raw new file mode 100644 index 0000000..6696ec8 --- /dev/null +++ b/README.raw @@ -0,0 +1,54 @@ +Raw device driver support on SLS 9 + +On SLS 9, you will notice that by default, raw devices (nodes) (/dev/rawctl +and /dev/raw/rawN (1-15)) no longer exist whereas in SLES 8, the raw nodes were +created when the system was initially installed. SLS 9, by default, uses +the new dynamic userspace implementation "sysfs" together with "udev" which +replaces the previous static "dev" system. + +Raw devices are moving towards eventual obsolescence with block+O_DIRECT +support intended as a replacement. The primary application users of raw +character devices have been databases so the database you are using will have +to support the O_DIRECT functionality before moving away from raw character +devices. + +Using RAW with kernel 2.6 (SLS 9) +--------------------------------- +Raw device usage in kernel 2.6 together with udev and sysfs was intended to be +quite seamless. Basically, all that is required is to load the raw module after +each reboot using the commands "modprobe raw" or "rcraw start". Then use the +"raw" command to create the bindings to the block character devices. The raw +device nodes are no longer required to exist before the bindings are assigned +and used. + +Using a single script, you can you load the raw module and bind the raw nodes +to block devices. + +#!/usr/bin +# load the raw module +modprobe raw # can also use "rcraw start" +# create the raw bindings +raw /dev/raw/raw1 /dev/sdb1 +raw /dev/raw/raw2 /dev/sbc1 + +You can see if the raw driver is available by issuing "rcraw status". If the +raw driver is loaded, the command should return a status of "running". A status +of "dead" will usually indicate that the driver was not loaded or +the /dev/rawctl file does not exist. The /dev/rawctl file is automatically +created when the module is loaded. This file and the /dev/raw/rawN nodes can +also be viewed under the /sys/class/raw directory. + +Raw node permissions +---------------------------------- +When the raw devices are assigned, permission settings are determined from the +/etc/udev/udev.permission file. This file can be modified to assign different +owner, group and/or access permissions to the raw nodes. For example, by +default, the permission settings for raw nodes are as follows: + +raw/raw*:root:disk:660 + +Here, root:disk is the default owner:group with read write access for owner and +group. As an example, to create the raw nodes with an owner:group of +user1:group1 and read write access for all, change the assignment as follows: + +raw/raw*:user1:group1:666 diff --git a/adjtimex-1.20-nosyscall.diff b/adjtimex-1.20-nosyscall.diff new file mode 100644 index 0000000..3a288c9 --- /dev/null +++ b/adjtimex-1.20-nosyscall.diff @@ -0,0 +1,18 @@ +--- adjtimex-1.20/adjtimex.c ++++ adjtimex-1.20/adjtimex.c +@@ -35,15 +35,6 @@ + #include + #include + +-#ifdef __alpha__ +-extern int adjtimex(struct timex *); +-#else +-#ifdef __ia64__ +-extern int adjtimex(struct timex *); +-#else +-_syscall1(int, adjtimex, struct timex *, txcp) +-#endif +-#endif + int F_print = 0; + + #ifndef LOG_PATH diff --git a/adjtimex-1.20.tar.bz2 b/adjtimex-1.20.tar.bz2 new file mode 100644 index 0000000..72479ce --- /dev/null +++ b/adjtimex-1.20.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ad3619a6f4f04d278ac3d3e0261649465a9748dc84220aa5f4060aadaea839ba +size 50096 diff --git a/cryptoloop.txt b/cryptoloop.txt new file mode 100644 index 0000000..b20a53e --- /dev/null +++ b/cryptoloop.txt @@ -0,0 +1,169 @@ +cryptoloop - a generic cryptographic loop device filter +======================================================= + +To enable cryptoloop, you must fetch the cryptoloop-version.tar.gz source from +your kernel.org mirror or directly from the non-US . + +Quickstart +~~~~~~~~~~ + +(if you have old encrypted volumes, please read the section about +conversion below) + +you need a kernel compiled with + *) loop device driver + *) cryptographic support + *) generic crypto loop filter + *) one or more ciphers you want to use for encryption either as module or + statically (if you build them as module, don't forget to insmod them!) + +Download the cryptoloop latest version tarball from the Internet and enter +the untarred directory. The following commands will patch your kernel and +copy the cryptoloop source in. + + $ make patch-kernel KDIR=/your/kernel/source LOOP=[iv or jari] + +Which will patch your kernel, and enable you to select cryptoloop in the +Cryptography section of the kernel configuration. Note, you have to manually +enable both CryptoAPI and cryptoloop in your kernel configuration. + +If you would rather build modules you can use the following commands. + + $ make modules KDIR=/your/kernel/source CDIR=/cryptoapi/source \ + LOOP=[iv or jari] + $ make modules_install KDIR=/your/kernel/source + +You also need a util-linux patched package (see + for some recent +patches) + +Read on at + + +How Loopback Encryption Works +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + Here is a small overview of how the loopback filesystem encryption works. +For all the of the data to be encrypted on a drive we need to interrupt the +disk write/read *after* the filesystem meta data is attached. Instead of hi- +jacking the system call we pipe the the filesystem commands through a loopback +device. + One advantage of this is that you can either encrypt a device(hard drive) or +a file already on a drive and mount it as a file system. This allows you to +have encrypted folders on an unencrypted drive, useful if you don't want to +encrypt everything. + + The loopback device fits in like this: + + device-->loop-->mountpoint + + The loop stage is actually divided into a couple stages, which is why the +cryptoloop module is included. It splits the input and output from the +loopback into pieces for the ciphers. Since they operate on a specific +blocksize(i.e. 64-bits, 128-bits) the data must be chopped up for them. + + device-->cryptoloop-->loop-->mountpoint + + The cryptoloop module is also where the actual encryption and decryption of +the data takes place. + +Some words about IV Calculation +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +There are some problems with the IV calculation up to recent 2.4.x +linux kernels. It's been calculated more or less by + +IV = rel_sector / (blocksize >> 9) + (lo_offset / blocksize) + +The first problem which arises, is that data transfers are not always +guaranteed to have a size of an integral multiple of the blocksize; +This is a problem, because of CBC mode's property of needing the +complete ciphertext block, i.e. you can't cipher or decipher only the +2nd half of a block if you don't know the first half of it! + +Another problem which may be experienced is, when the soft blocksize +changes, i.e. due to different medias, as CDROM block devices and +alike, or when the filesystem layer sets the blocksize to some other +size. + +But there's hope, as all transfer sizes are usually (except for the +last block on file backed loop devices sometimes...) an integral +multiple of 512 byte units (which is linux' atomic sector size); + +So the solution is to stick to a portable, uniform 512 byte based IV +metric! Alas this can't be accomplished without modifying the loop +driver, as the more granular IV metric can't be calculated from the +current dynamic IV metric. + +This change also renders most previously used encrypted volumes +unreadable, which need to be converted to the new IV metric. + +Converting from Older IV Metrics +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The recommended procedure is as follow, in case you don't want to +backup your old data in a conventional manner, and then restore it to +a freshly created encrypted volume with the new IV-metric. + +The more valuable your data is, the more important it is, that you try +the following procedure with some dummy data, before risking your real +data! Cause if something goes wrong you'll have to keep both pieces... + +1) decrypt from within your old kernel version + + 1.1) setup your encrypted loop device, and mount it (this is also + important for making sure, the filesystem layer sets the soft block + size accordingly!) + + 1.2) unmount the filesystem (but leave the loop device setted up) + + 1.3) dd if=/dev/loop0 of=/dev/ make sure + the process does not get interrupted, otherwise you will have a hard + time, reconstructing your data, since you are decrypting the data + back to the same area where the ciphertext was. + +3) make sure the block/file contains the properly deciphered content!! + +2) boot the new kernel featuring the 512byte based IV + follow the instructions for 'encrypting unencrypted volumes' below + + +Encrypting Unencrypted Volumes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +just as simple as that (please test this before trying on important data) + + 1) set up a new encrypted loop device over the still unencrypted data + 2) dd if=/dev/ of=/dev/loop0 + + +Migrating from loop-AES to CryptoAPI +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + If you want to move from using the loop-AES filesystem encryption to +CryptoAPI it only requires a small tweak. After loading cryptoapi and loading +the cipher-aes module use the following line when setting up your loopback +device: + + $ losetup -e aes -k 256 -P sha512 /dev/loop0 /dev/ + +Then proceed to mount your loop device as you normall would. Here is the +table for mapping loop-AES to cryptoapi losetup flags: + +loop-AES cryptoapi +============================================================ +-e aes128 -H rmd160 -e aes -k 128 +-e aes128 -H sha256 -e aes -k 128 -P sha256 +-e aes128 -H sha384 -e aes -k 128 -P sha384 +-e aes128 -H sha512 -e aes -k 128 -P sha512 + +-e aes256 -H rmd160 -e aes -k 256 +-e aes256 -H sha256 -e aes -k 256 -P sha256 +-e aes256 -H sha384 -e aes -k 256 -P sha384 +-e aes256 -H sha512 -e aes -k 256 -P sha512 + +-e aes128 -e aes -k 128 -P sha256 +-e aes192 -e aes -k 192 -P sha384 +-e aes256 -e aes -k 256 -P sha512 + +-- +$Id: cryptoloop.txt,v 1.3 2002/08/03 19:29:58 kyle Exp $ diff --git a/etc.raw b/etc.raw new file mode 100644 index 0000000..6d98cdd --- /dev/null +++ b/etc.raw @@ -0,0 +1,15 @@ +# /etc/raw +# +# sample configuration to bind raw devices +# to block devices +# +# The format of this file is: +# raw: +# +# example: +# --------- +# raw1:hdb1 +# +# this means: bind /dev/raw/raw1 to /dev/hdb1 +# +# ... diff --git a/freeramdisk.tar.bz2 b/freeramdisk.tar.bz2 new file mode 100644 index 0000000..9d2d4b7 --- /dev/null +++ b/freeramdisk.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:de3d43efba1e5968f4ef748b7a02674929404a80c24bae287ed3490f8c1acf2e +size 2453 diff --git a/guessfstype.8 b/guessfstype.8 new file mode 100644 index 0000000..35bf2fd --- /dev/null +++ b/guessfstype.8 @@ -0,0 +1,13 @@ +.\" Michal Svec +.TH GUESSFSTYPE 8 "25 January 2002" "Linux 2.4" "Linux Programmer's Manual" +.SH NAME +guessfstype \- guess the device file system type +.SH SYNOPSIS +.BI guessfstype " device" +.SH DESCRIPTION +.B guessfstype +guess the device file system type from the device super block +.SH "SEE ALSO" +.BR mount (8) +.SH AUTHOR +Michal Svec diff --git a/guessfstype2.patch b/guessfstype2.patch new file mode 100644 index 0000000..24c4593 --- /dev/null +++ b/guessfstype2.patch @@ -0,0 +1,48 @@ +--- util-linux-2.12q/mount/guessfstype.c ++++ util-linux-2.12q/mount/guessfstype.c +@@ -0,0 +1,22 @@ ++#include ++#include "mount_guess_fstype.h" ++ ++int verbose = 0; ++int mount_quiet=0; ++int sloppy = 0; ++ ++char *progname; ++ ++int main(int argc, char *argv[]) { ++ char *device, *type; ++ ++ if(argc != 2) return 1; ++ ++ progname = argv[0]; ++ device = argv[1]; ++ ++ type = do_guess_fstype(device); ++ printf("%s *appears* to be: %s\n", device, type); ++ ++ return 0; ++} +--- util-linux-2.12q/mount/Makefile ++++ util-linux-2.12q/mount/Makefile +@@ -11,7 +11,7 @@ + LINK = $(CC) $(LDFLAGS) + + SUID_PROGS = mount umount +-NOSUID_PROGS = swapon losetup ++NOSUID_PROGS = swapon losetup guessfstype + MAN5 = fstab.5 nfs.5 + MAN8 = mount.8 swapoff.8 swapon.8 umount.8 losetup.8 + +@@ -57,6 +57,11 @@ + version.o $(LIB)/env.o loumount.o + $(LINK) $^ -o $@ $(BLKID_LIB) + ++guessfstype: guessfstype.o mount_guess_fstype.o sundries.o realpath.o \ ++ fstab.o mntent.o get_label_uuid.o mount_blkid.o mount_by_label.o \ ++ xmalloc.o ++ $(LINK) $^ -o $@ ++ + swapon: swapon.o version.o xmalloc.o \ + get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o + $(LINK) $^ -o $@ $(BLKID_LIB) diff --git a/klogconsole-quiet.patch b/klogconsole-quiet.patch new file mode 100644 index 0000000..4e62e88 --- /dev/null +++ b/klogconsole-quiet.patch @@ -0,0 +1,11 @@ +--- klogconsole/klogconsole.c ++++ klogconsole/klogconsole.c +@@ -59,7 +59,7 @@ + exit(1); + } + if( ioctl( vt, TIOCLINUX, &newvt ) ) { +- perror("ioctl(TIOCLINUX)"); ++ /* shut up perror("ioctl(TIOCLINUX)"); */ + exit(1); + } + close(vt); diff --git a/klogconsole.diff b/klogconsole.diff new file mode 100644 index 0000000..392dff8 --- /dev/null +++ b/klogconsole.diff @@ -0,0 +1,27 @@ +--- klogconsole/Makefile ++++ klogconsole/Makefile +@@ -15,11 +15,11 @@ + all: klogconsole + + klogconsole: klogconsole.c +- $(CC) $(CFLAGS) -s -o $@ $< ++ $(CC) $(CFLAGS) -o $@ $< + + clean: + $(RM) klogconsole + + install: klogconsole klogconsole.man +- $(INSTALL) -s -m 0700 klogconsole $(DEST)/usr/sbin/ ++ $(INSTALL) -m 0700 klogconsole $(DEST)/usr/sbin/ + $(INSTALL) -c -m 0444 klogconsole.man $(DEST)/usr/share/man/man8/klogconsole.8 +--- klogconsole/klogconsole.c ++++ klogconsole/klogconsole.c +@@ -46,7 +46,7 @@ + char newvt[2]; + int vt; + +- if ((new_console < 1) || (new_console > MAX_CONSOLE)) { ++ if ((new_console < 0) || (new_console > MAX_CONSOLE)) { + fprintf(stderr,"wrong console number\n"); + exit(1); + } diff --git a/klogconsole.tar.bz2 b/klogconsole.tar.bz2 new file mode 100644 index 0000000..7d6e606 --- /dev/null +++ b/klogconsole.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1efa9f001c8a92fb91a544d62a3f43356f31955dd5125364300827c239ee611 +size 1942 diff --git a/loop-AES-v3.0a-util-linux-2.12p.diff b/loop-AES-v3.0a-util-linux-2.12p.diff new file mode 100644 index 0000000..6301224 --- /dev/null +++ b/loop-AES-v3.0a-util-linux-2.12p.diff @@ -0,0 +1,4345 @@ +If this patch does not apply cleanly to newer version of util-linux, try +replacing original lomount.c lomount.h loop.h losetup.8 files in mount +subdirectory with versions from util-linux that the patch is for. And then +apply this patch. + +================================================================================ +--- util-linux-2.12q/mount/aes.c ++++ util-linux-2.12q/mount/aes.c +@@ -0,0 +1,299 @@ ++// I retain copyright in this code but I encourage its free use provided ++// that I don't carry any responsibility for the results. I am especially ++// happy to see it used in free and open source software. If you do use ++// it I would appreciate an acknowledgement of its origin in the code or ++// the product that results and I would also appreciate knowing a little ++// about the use to which it is being put. I am grateful to Frank Yellin ++// for some ideas that are used in this implementation. ++// ++// Dr B. R. Gladman 6th April 2001. ++// ++// This is an implementation of the AES encryption algorithm (Rijndael) ++// designed by Joan Daemen and Vincent Rijmen. This version is designed ++// to provide both fixed and dynamic block and key lengths and can also ++// run with either big or little endian internal byte order (see aes.h). ++// It inputs block and key lengths in bytes with the legal values being ++// 16, 24 and 32. ++ ++/* ++ * Modified by Jari Ruusu, May 1 2001 ++ * - Fixed some compile warnings, code was ok but gcc warned anyway. ++ * - Changed basic types: byte -> unsigned char, word -> u_int32_t ++ * - Major name space cleanup: Names visible to outside now begin ++ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c ++ * - Removed C++ and DLL support as part of name space cleanup. ++ * - Eliminated unnecessary recomputation of tables. (actual bug fix) ++ * - Merged precomputed constant tables to aes.c file. ++ * - Removed data alignment restrictions for portability reasons. ++ * - Made block and key lengths accept bit count (128/192/256) ++ * as well byte count (16/24/32). ++ * - Removed all error checks. This change also eliminated the need ++ * to preinitialize the context struct to zero. ++ * - Removed some totally unused constants. ++ */ ++ ++/* ++ * Modified by Jari Ruusu, June 9 2003 ++ * - Removed all code not necessary for small size ++ * optimized encryption using 256 bit keys. ++ */ ++ ++#include "aes.h" ++ ++#if AES_BLOCK_SIZE != 16 ++#error an illegal block size has been specified ++#endif ++ ++// upr(x,n): rotates bytes within words by n positions, moving bytes ++// to higher index positions with wrap around into low positions ++// bval(x,n): extracts a byte from a word ++ ++#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n)))) ++#define bval(x,n) ((unsigned char)((x) >> 8 * (n))) ++#define bytes2word(b0, b1, b2, b3) \ ++ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0)) ++ ++#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386) ++/* little endian processor without data alignment restrictions */ ++#define word_in(x) *(u_int32_t*)(x) ++#define word_out(x,v) *(u_int32_t*)(x) = (v) ++#else ++/* slower but generic big endian or with data alignment restrictions */ ++#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24)) ++#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24) ++#endif ++ ++// the finite field modular polynomial and elements ++ ++#define ff_poly 0x011b ++#define ff_hi 0x80 ++ ++static int tab_gen = 0; ++static unsigned char s_box[256]; // the S box ++static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants ++static u_int32_t ft_tab[4][256]; ++static u_int32_t fl_tab[4][256]; ++ ++// Generate the tables for the dynamic table option ++ ++// It will generally be sensible to use tables to compute finite ++// field multiplies and inverses but where memory is scarse this ++// code might sometimes be better. ++ ++// return 2 ^ (n - 1) where n is the bit number of the highest bit ++// set in x with x in the range 1 < x < 0x00000200. This form is ++// used so that locals within FFinv can be bytes rather than words ++ ++static unsigned char hibit(const u_int32_t x) ++{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2)); ++ ++ r |= (r >> 2); ++ r |= (r >> 4); ++ return (r + 1) >> 1; ++} ++ ++// return the inverse of the finite field element x ++ ++static unsigned char FFinv(const unsigned char x) ++{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; ++ ++ if(x < 2) return x; ++ ++ for(;;) ++ { ++ if(!n1) return v1; ++ ++ while(n2 >= n1) ++ { ++ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); ++ } ++ ++ if(!n2) return v2; ++ ++ while(n1 >= n2) ++ { ++ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); ++ } ++ } ++} ++ ++// define the finite field multiplies required for Rijndael ++ ++#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0)) ++#define FFmul03(x) ((x) ^ FFmul02(x)) ++ ++// The forward and inverse affine transformations used in the S-box ++ ++#define fwd_affine(x) \ ++ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8))) ++ ++static void gen_tabs(void) ++{ u_int32_t i, w; ++ ++ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i) ++ { ++ rcon_tab[i] = bytes2word(w, 0, 0, 0); ++ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0); ++ } ++ ++ for(i = 0; i < 256; ++i) ++ { unsigned char b; ++ ++ s_box[i] = b = fwd_affine(FFinv((unsigned char)i)); ++ ++ w = bytes2word(b, 0, 0, 0); ++ fl_tab[0][i] = w; ++ fl_tab[1][i] = upr(w,1); ++ fl_tab[2][i] = upr(w,2); ++ fl_tab[3][i] = upr(w,3); ++ w = bytes2word(FFmul02(b), b, b, FFmul03(b)); ++ ft_tab[0][i] = w; ++ ft_tab[1][i] = upr(w,1); ++ ft_tab[2][i] = upr(w,2); ++ ft_tab[3][i] = upr(w,3); ++ } ++} ++ ++#define four_tables(x,tab,vf,rf,c) \ ++ ( tab[0][bval(vf(x,0,c),rf(0,c))] \ ++ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ ++ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ ++ ^ tab[3][bval(vf(x,3,c),rf(3,c))]) ++ ++#define vf1(x,r,c) (x) ++#define rf1(r,c) (r) ++#define rf2(r,c) ((r-c)&3) ++ ++#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c) ++ ++#define nc (AES_BLOCK_SIZE / 4) ++ ++// Initialise the key schedule from the user supplied key. ++// The key length is now specified in bytes, 32. ++// This corresponds to bit length of 256 bits, and ++// to Nk value of 8 respectively. ++ ++void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f) ++{ u_int32_t *kf, *kt, rci; ++ ++ if(!tab_gen) { gen_tabs(); tab_gen = 1; } ++ ++ cx->aes_Nkey = 8; ++ cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6; ++ ++ cx->aes_e_key[0] = word_in(in_key ); ++ cx->aes_e_key[1] = word_in(in_key + 4); ++ cx->aes_e_key[2] = word_in(in_key + 8); ++ cx->aes_e_key[3] = word_in(in_key + 12); ++ ++ kf = cx->aes_e_key; ++ kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey; ++ rci = 0; ++ ++ switch(cx->aes_Nkey) ++ { ++ case 8: cx->aes_e_key[4] = word_in(in_key + 16); ++ cx->aes_e_key[5] = word_in(in_key + 20); ++ cx->aes_e_key[6] = word_in(in_key + 24); ++ cx->aes_e_key[7] = word_in(in_key + 28); ++ do ++ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++]; ++ kf[ 9] = kf[1] ^ kf[ 8]; ++ kf[10] = kf[2] ^ kf[ 9]; ++ kf[11] = kf[3] ^ kf[10]; ++ kf[12] = kf[4] ^ ls_box(kf[11],0); ++ kf[13] = kf[5] ^ kf[12]; ++ kf[14] = kf[6] ^ kf[13]; ++ kf[15] = kf[7] ^ kf[14]; ++ kf += 8; ++ } ++ while (kf < kt); ++ break; ++ } ++} ++ ++// y = output word, x = input word, r = row, c = column ++// for r = 0, 1, 2 and 3 = column accessed for row r ++ ++#define s(x,c) x[c] ++ ++// I am grateful to Frank Yellin for the following constructions ++// which, given the column (c) of the output state variable that ++// is being computed, return the input state variables which are ++// needed for each row (r) of the state ++ ++// For the fixed block size options, compilers reduce these two ++// expressions to fixed variable references. For variable block ++// size code conditional clauses will sometimes be returned ++ ++#define fwd_var(x,r,c) \ ++ ( r==0 ? \ ++ ( c==0 ? s(x,0) \ ++ : c==1 ? s(x,1) \ ++ : c==2 ? s(x,2) \ ++ : c==3 ? s(x,3) \ ++ : c==4 ? s(x,4) \ ++ : c==5 ? s(x,5) \ ++ : c==6 ? s(x,6) \ ++ : s(x,7)) \ ++ : r==1 ? \ ++ ( c==0 ? s(x,1) \ ++ : c==1 ? s(x,2) \ ++ : c==2 ? s(x,3) \ ++ : c==3 ? nc==4 ? s(x,0) : s(x,4) \ ++ : c==4 ? s(x,5) \ ++ : c==5 ? nc==8 ? s(x,6) : s(x,0) \ ++ : c==6 ? s(x,7) \ ++ : s(x,0)) \ ++ : r==2 ? \ ++ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \ ++ : c==1 ? nc==8 ? s(x,4) : s(x,3) \ ++ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ ++ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ ++ : c==4 ? nc==8 ? s(x,7) : s(x,0) \ ++ : c==5 ? nc==8 ? s(x,0) : s(x,1) \ ++ : c==6 ? s(x,1) \ ++ : s(x,2)) \ ++ : \ ++ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \ ++ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ ++ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ ++ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \ ++ : c==4 ? nc==8 ? s(x,0) : s(x,1) \ ++ : c==5 ? nc==8 ? s(x,1) : s(x,2) \ ++ : c==6 ? s(x,2) \ ++ : s(x,3))) ++ ++#define si(y,x,k,c) s(y,c) = word_in(x + 4 * c) ^ k[c] ++#define so(y,x,c) word_out(y + 4 * c, s(x,c)) ++ ++#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c) ++#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c) ++ ++#define locals(y,x) x[4],y[4] ++ ++#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ ++ s(y,2) = s(x,2); s(y,3) = s(x,3); ++#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) ++#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) ++#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) ++ ++void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) ++{ u_int32_t locals(b0, b1); ++ const u_int32_t *kp = cx->aes_e_key; ++ ++ state_in(b0, in_blk, kp); kp += nc; ++ ++ { u_int32_t rnd; ++ ++ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd) ++ { ++ round(fwd_rnd, b1, b0, kp); ++ l_copy(b0, b1); kp += nc; ++ } ++ ++ round(fwd_lrnd, b0, b1, kp); ++ } ++ ++ state_out(out_blk, b0); ++} +--- util-linux-2.12q/mount/aes.h ++++ util-linux-2.12q/mount/aes.h +@@ -0,0 +1,97 @@ ++// I retain copyright in this code but I encourage its free use provided ++// that I don't carry any responsibility for the results. I am especially ++// happy to see it used in free and open source software. If you do use ++// it I would appreciate an acknowledgement of its origin in the code or ++// the product that results and I would also appreciate knowing a little ++// about the use to which it is being put. I am grateful to Frank Yellin ++// for some ideas that are used in this implementation. ++// ++// Dr B. R. Gladman 6th April 2001. ++// ++// This is an implementation of the AES encryption algorithm (Rijndael) ++// designed by Joan Daemen and Vincent Rijmen. This version is designed ++// to provide both fixed and dynamic block and key lengths and can also ++// run with either big or little endian internal byte order (see aes.h). ++// It inputs block and key lengths in bytes with the legal values being ++// 16, 24 and 32. ++ ++/* ++ * Modified by Jari Ruusu, May 1 2001 ++ * - Fixed some compile warnings, code was ok but gcc warned anyway. ++ * - Changed basic types: byte -> unsigned char, word -> u_int32_t ++ * - Major name space cleanup: Names visible to outside now begin ++ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c ++ * - Removed C++ and DLL support as part of name space cleanup. ++ * - Eliminated unnecessary recomputation of tables. (actual bug fix) ++ * - Merged precomputed constant tables to aes.c file. ++ * - Removed data alignment restrictions for portability reasons. ++ * - Made block and key lengths accept bit count (128/192/256) ++ * as well byte count (16/24/32). ++ * - Removed all error checks. This change also eliminated the need ++ * to preinitialize the context struct to zero. ++ * - Removed some totally unused constants. ++ */ ++ ++#ifndef _AES_H ++#define _AES_H ++ ++#if defined(__linux__) && defined(__KERNEL__) ++# include ++#else ++# include ++#endif ++ ++// CONFIGURATION OPTIONS (see also aes.c) ++// ++// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or ++// leave this undefined for dynamically variable block size (this will ++// result in much slower code). ++// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If ++// left undefined a slower version providing variable block length is compiled ++ ++#define AES_BLOCK_SIZE 16 ++ ++// The number of key schedule words for different block and key lengths ++// allowing for method of computation which requires the length to be a ++// multiple of the key length ++// ++// Nk = 4 6 8 ++// ------------- ++// Nb = 4 | 60 60 64 ++// 6 | 96 90 96 ++// 8 | 120 120 120 ++ ++#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32) ++#define AES_KS_LENGTH 120 ++#define AES_RC_LENGTH 29 ++#else ++#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE ++#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8 ++#endif ++ ++typedef struct ++{ ++ u_int32_t aes_Nkey; // the number of words in the key input block ++ u_int32_t aes_Nrnd; // the number of cipher rounds ++ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule ++ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule ++#if !defined(AES_BLOCK_SIZE) ++ u_int32_t aes_Ncol; // the number of columns in the cipher state ++#endif ++} aes_context; ++ ++// THE CIPHER INTERFACE ++ ++#if !defined(AES_BLOCK_SIZE) ++extern void aes_set_blk(aes_context *, const int); ++#endif ++extern void aes_set_key(aes_context *, const unsigned char [], const int, const int); ++extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []); ++extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []); ++ ++// The block length inputs to aes_set_block and aes_set_key are in numbers ++// of bytes or bits. The calls to subroutines must be made in the above ++// order but multiple calls can be made without repeating earlier calls ++// if their parameters have not changed. ++ ++#endif // _AES_H +--- util-linux-2.12q/mount/lomount.c ++++ util-linux-2.12q/mount/lomount.c +@@ -1,4 +1,15 @@ +-/* Originally from Ted's losetup.c */ ++/* Taken from Ted's losetup.c - Mitch */ ++/* Added vfs mount options - aeb - 960223 */ ++/* Removed lomount - aeb - 960224 */ ++ ++/* ++ * 1999-02-22 Arkadiusz Miķkiewicz ++ * - added Native Language Support ++ * 1999-03-21 Arnaldo Carvalho de Melo ++ * - fixed strerr(errno) in gettext calls ++ * 2001-04-11 Jari Ruusu ++ * - added AES support ++ */ + + #define LOOPMAJOR 7 + +@@ -13,60 +24,74 @@ + #include + #include + #include ++#include ++#include + #include + #include + #include + #include ++#include ++#include ++#include ++#include ++#include ++#include ++#include + + #include "loop.h" + #include "lomount.h" + #include "xstrncpy.h" + #include "nls.h" ++#include "sha512.h" ++#include "rmd160.h" ++#include "aes.h" + + extern int verbose; +-extern char *progname; + extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ + extern void error (const char *fmt, ...); /* idem */ ++extern void show_all_loops(void); ++extern int read_options_from_fstab(char *, char **); + +-#ifdef LOOP_SET_FD +- +-static int +-loop_info64_to_old(const struct loop_info64 *info64, struct loop_info *info) +-{ +- memset(info, 0, sizeof(*info)); +- info->lo_number = info64->lo_number; +- info->lo_device = info64->lo_device; +- info->lo_inode = info64->lo_inode; +- info->lo_rdevice = info64->lo_rdevice; +- info->lo_offset = info64->lo_offset; +- info->lo_encrypt_type = info64->lo_encrypt_type; +- info->lo_encrypt_key_size = info64->lo_encrypt_key_size; +- info->lo_flags = info64->lo_flags; +- info->lo_init[0] = info64->lo_init[0]; +- info->lo_init[1] = info64->lo_init[1]; +- if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI) +- memcpy(info->lo_name, info64->lo_crypt_name, LO_NAME_SIZE); +- else +- memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE); +- memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE); +- +- /* error in case values were truncated */ +- if (info->lo_device != info64->lo_device || +- info->lo_rdevice != info64->lo_rdevice || +- info->lo_inode != info64->lo_inode || +- info->lo_offset != info64->lo_offset) +- return -EOVERFLOW; ++#if !defined(LOOP_PASSWORD_MIN_LENGTH) ++# define LOOP_PASSWORD_MIN_LENGTH 20 ++#endif + +- return 0; +-} ++char *passFDnumber = (char *)0; ++char *passAskTwice = (char *)0; ++char *passSeedString = (char *)0; ++char *passHashFuncName = (char *)0; ++char *passIterThousands = (char *)0; ++char *loInitValue = (char *)0; ++char *gpgKeyFile = (char *)0; ++char *gpgHomeDir = (char *)0; ++char *loopOffsetBytes = (char *)0; ++char *loopSizeBytes = (char *)0; ++char *loopEncryptionType = (char *)0; ++ ++static int multiKeyMode = 0; /* 0=single-key 64=multi-key-v2 65=multi-key-v3 1000=any */ ++static char *multiKeyPass[65]; ++static char *loopFileName; + + #ifdef MAIN ++static char * ++crypt_name (int id, int *flags) { ++ int i; ++ ++ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) ++ if(id == loop_crypt_type_tbl[i].id) { ++ *flags = loop_crypt_type_tbl[i].flags; ++ return loop_crypt_type_tbl[i].name; ++ } ++ *flags = 0; ++ if(id == 18) ++ return "CryptoAPI"; ++ return "undefined"; ++} + + static int + show_loop(char *device) { +- struct loop_info loopinfo; +- struct loop_info64 loopinfo64; +- int fd, errsv; ++ struct loop_info64 loopinfo; ++ int fd; + + if ((fd = open(device, O_RDONLY)) < 0) { + int errsv = errno; +@@ -74,70 +99,60 @@ + device, strerror (errsv)); + return 2; + } +- +- if (ioctl(fd, LOOP_GET_STATUS64, &loopinfo64) == 0) { +- +- loopinfo64.lo_file_name[LO_NAME_SIZE-2] = '*'; +- loopinfo64.lo_file_name[LO_NAME_SIZE-1] = 0; +- loopinfo64.lo_crypt_name[LO_NAME_SIZE-1] = 0; +- +- printf("%s: [%04llx]:%llu (%s)", +- device, loopinfo64.lo_device, loopinfo64.lo_inode, +- loopinfo64.lo_file_name); +- +- if (loopinfo64.lo_offset) +- printf(_(", offset %lld"), loopinfo64.lo_offset); +- +- if (loopinfo64.lo_sizelimit) +- printf(_(", sizelimit %lld"), loopinfo64.lo_sizelimit); +- +- if (loopinfo64.lo_encrypt_type || +- loopinfo64.lo_crypt_name[0]) { +- char *e = loopinfo64.lo_crypt_name; +- +- if (*e == 0 && loopinfo64.lo_encrypt_type == 1) +- e = "XOR"; +- printf(_(", encryption %s (type %d)"), +- e, loopinfo64.lo_encrypt_type); +- } +- printf("\n"); ++ if (loop_get_status64_ioctl(fd, &loopinfo) < 0) { ++ int errsv = errno; ++ fprintf(stderr, _("loop: can't get info on device %s: %s\n"), ++ device, strerror (errsv)); + close (fd); +- return 0; ++ return 1; + } +- +- if (ioctl(fd, LOOP_GET_STATUS, &loopinfo) == 0) { +- printf ("%s: [%04x]:%ld (%s)", +- device, loopinfo.lo_device, loopinfo.lo_inode, +- loopinfo.lo_name); +- +- if (loopinfo.lo_offset) +- printf(_(", offset %d"), loopinfo.lo_offset); +- +- if (loopinfo.lo_encrypt_type) +- printf(_(", encryption type %d\n"), +- loopinfo.lo_encrypt_type); +- +- printf("\n"); +- close (fd); +- return 0; ++ loopinfo.lo_file_name[LO_NAME_SIZE-1] = 0; ++ loopinfo.lo_crypt_name[LO_NAME_SIZE-1] = 0; ++ printf("%s: [%04llx]:%llu (%s)", device, (unsigned long long)loopinfo.lo_device, ++ (unsigned long long)loopinfo.lo_inode, loopinfo.lo_file_name); ++ if (loopinfo.lo_offset) { ++ if ((long long)loopinfo.lo_offset < 0) { ++ printf(_(" offset=@%llu"), -((unsigned long long)loopinfo.lo_offset)); ++ } else { ++ printf(_(" offset=%llu"), (unsigned long long)loopinfo.lo_offset); ++ } + } +- +- errsv = errno; +- fprintf(stderr, _("loop: can't get info on device %s: %s\n"), +- device, strerror (errsv)); ++ if (loopinfo.lo_sizelimit) ++ printf(_(" sizelimit=%llu"), (unsigned long long)loopinfo.lo_sizelimit); ++ if (loopinfo.lo_encrypt_type) { ++ int flags; ++ unsigned char *s = crypt_name (loopinfo.lo_encrypt_type, &flags); ++ ++ printf(_(" encryption=%s"), s); ++ /* type 18 == LO_CRYPT_CRYPTOAPI */ ++ if (loopinfo.lo_encrypt_type == 18) { ++ printf("/%s", loopinfo.lo_crypt_name); ++ } else { ++ if(flags & 2) ++ printf("-"); ++ if(flags & 1) ++ printf("%u", (unsigned int)loopinfo.lo_encrypt_key_size << 3); ++ } ++ } ++ switch(loopinfo.lo_flags & 0x180000) { ++ case 0x180000: ++ printf(_(" multi-key-v3")); ++ break; ++ case 0x100000: ++ printf(_(" multi-key-v2")); ++ break; ++ } ++ /* type 2 == LO_CRYPT_DES */ ++ if (loopinfo.lo_init[0] && (loopinfo.lo_encrypt_type != 2)) ++ printf(_(" loinit=%llu"), (unsigned long long)loopinfo.lo_init[0]); ++ if (loopinfo.lo_flags & 0x200000) ++ printf(_(" read-only")); ++ printf("\n"); + close (fd); +- return 1; +-} +-#endif +- +-int +-is_loop_device (const char *device) { +- struct stat statbuf; + +- return (stat(device, &statbuf) == 0 && +- S_ISBLK(statbuf.st_mode) && +- major(statbuf.st_rdev) == LOOPMAJOR); ++ return 0; + } ++#endif + + #define SIZE(a) (sizeof(a)/sizeof(a[0])) + +@@ -148,9 +163,8 @@ + So, we just try /dev/loop[0-7]. */ + char dev[20]; + char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" }; +- int i, j, fd, somedev = 0, someloop = 0, permission = 0; ++ int i, j, fd, somedev = 0, someloop = 0; + struct stat statbuf; +- struct loop_info loopinfo; + + for (j = 0; j < SIZE(loop_formats); j++) { + for(i = 0; i < 256; i++) { +@@ -159,16 +173,14 @@ + somedev++; + fd = open (dev, O_RDONLY); + if (fd >= 0) { +- if(ioctl (fd, LOOP_GET_STATUS, &loopinfo) == 0) ++ if (is_unused_loop_device(fd) == 0) + someloop++; /* in use */ + else if (errno == ENXIO) { + close (fd); + return xstrdup(dev);/* probably free */ + } + close (fd); +- } else if (errno == EACCES) +- permission++; +- ++ } + continue;/* continue trying as long as devices exist */ + } + break; +@@ -176,75 +188,563 @@ + } + + if (!somedev) +- error(_("%s: could not find any device /dev/loop#"), progname); +- else if (!someloop && permission) +- error(_("%s: no permission to look at /dev/loop#"), progname); ++ error(_("mount: could not find any device /dev/loop#")); + else if (!someloop) +- error(_( +- "%s: Could not find any loop device. Maybe this kernel " +- "does not know\n" +- " about the loop device? (If so, recompile or " +- "`modprobe loop'.)"), progname); ++ error(_("mount: Could not find any loop device. Maybe this kernel does not know\n" ++ " about the loop device? (If so, recompile or `modprobe loop'.)")); + else +- error(_("%s: could not find any free loop device"), progname); ++ error(_("mount: could not find any free loop device")); + return 0; + } + +-/* +- * A function to read the passphrase either from the terminal or from +- * an open file descriptor. +- */ +-static char * +-xgetpass(int pfd, const char *prompt) { +- char *pass; +- int buflen, i; +- +- if (pfd < 0) /* terminal */ +- return getpass(prompt); +- +- pass = NULL; +- buflen = 0; +- for (i=0; ; i++) { +- if (i >= buflen-1) { +- /* we're running out of space in the buffer. +- * Make it bigger: */ +- char *tmppass = pass; +- buflen += 128; +- pass = realloc(tmppass, buflen); +- if (pass == NULL) { +- /* realloc failed. Stop reading. */ +- error("Out of memory while reading passphrase"); +- pass = tmppass; /* the old buffer hasn't changed */ +- break; +- } +- } +- if (read(pfd, pass+i, 1) != 1 || +- pass[i] == '\n' || pass[i] == 0) ++static int rd_wr_retry(int fd, char *buf, int cnt, int w) ++{ ++ int x, y, z; ++ ++ x = 0; ++ while(x < cnt) { ++ y = cnt - x; ++ if(w) { ++ z = write(fd, buf + x, y); ++ } else { ++ z = read(fd, buf + x, y); ++ if (!z) return x; ++ } ++ if(z < 0) { ++ if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) { ++ continue; ++ } ++ return x; ++ } ++ x += z; ++ } ++ return x; ++} ++ ++static char *get_FD_pass(int fd) ++{ ++ char *p = NULL, *n; ++ int x = 0, y = 0; ++ ++ do { ++ if(y >= (x - 1)) { ++ x += 128; ++ /* Must enforce some max limit here -- this code */ ++ /* runs as part of mount, and mount is setuid root */ ++ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */ ++ if(x > (4*1024)) return(NULL); ++ n = malloc(x); ++ if(!n) return(NULL); ++ if(p) { ++ memcpy(n, p, y); ++ memset(p, 0, y); ++ free(p); ++ } ++ p = n; ++ } ++ if(rd_wr_retry(fd, p + y, 1, 0) != 1) break; ++ if((p[y] == '\n') || !p[y]) break; ++ y++; ++ } while(1); ++ if(p) p[y] = 0; ++ return p; ++} ++ ++static unsigned long long mystrtoull(char *s, int acceptAT) ++{ ++ unsigned long long v = 0; ++ int negative = 0; ++ ++ while ((*s == ' ') || (*s == '\t')) ++ s++; ++ if (acceptAT && (*s == '@')) { ++ s++; ++ negative = 1; ++ } ++ if (*s == '0') { ++ s++; ++ if ((*s == 'x') || (*s == 'X')) { ++ s++; ++ sscanf(s, "%llx", &v); ++ } else { ++ sscanf(s, "%llo", &v); ++ } ++ } else { ++ sscanf(s, "%llu", &v); ++ } ++ return negative ? -v : v; ++} ++ ++static char *do_GPG_pipe(char *pass) ++{ ++ int x, pfdi[2], pfdo[2]; ++ char str[10], *a[16], *e[2], *h; ++ pid_t gpid; ++ struct passwd *p; ++ ++ if((getuid() == 0) && gpgHomeDir && gpgHomeDir[0]) { ++ h = gpgHomeDir; ++ } else { ++ if(!(p = getpwuid(getuid()))) { ++ fprintf(stderr, _("Error: Unable to detect home directory for uid %d\n"), (int)getuid()); ++ return NULL; ++ } ++ h = p->pw_dir; ++ } ++ if(!(e[0] = malloc(strlen(h) + 6))) { ++ nomem1: ++ fprintf(stderr, _("Error: Unable to allocate memory\n")); ++ return NULL; ++ } ++ sprintf(e[0], "HOME=%s", h); ++ e[1] = 0; ++ ++ if(pipe(&pfdi[0])) { ++ nomem2: ++ free(e[0]); ++ goto nomem1; ++ } ++ if(pipe(&pfdo[0])) { ++ close(pfdi[0]); ++ close(pfdi[1]); ++ goto nomem2; ++ } ++ ++ /* ++ * When this code is run as part of losetup, normal read permissions ++ * affect the open() below because losetup is not setuid-root. ++ * ++ * When this code is run as part of mount, only root can set ++ * 'gpgKeyFile' and as such, only root can decide what file is opened ++ * below. However, since mount is usually setuid-root all non-root ++ * users can also open() the file too, but that file's contents are ++ * only piped to gpg. This readable-for-all is intended behaviour, ++ * and is very useful in situations where non-root users mount loop ++ * devices with their own gpg private key, and yet don't have access ++ * to the actual key used to encrypt loop device. ++ */ ++ if((x = open(gpgKeyFile, O_RDONLY)) == -1) { ++ fprintf(stderr, _("Error: unable to open %s for reading\n"), gpgKeyFile); ++ nomem3: ++ free(e[0]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ close(pfdi[0]); ++ close(pfdi[1]); ++ return NULL; ++ } ++ ++ /* ++ * If someone puts a gpg key file at beginning of device and ++ * puts the real file system at some offset into the device, ++ * this code extracts that gpg key file into a temp file so gpg ++ * won't end up reading whole device when decrypting the key file. ++ * ++ * Example of encrypted cdrom mount with 8192 bytes reserved for gpg key file: ++ * mount -t iso9660 /dev/cdrom /cdrom -o loop=/dev/loop0,encryption=AES128,gpgkey=/dev/cdrom,offset=8192 ++ * ^^^^^^^^^^ ^^^^^^^^^^ ^^^^ ++ */ ++ if(loopOffsetBytes && !strcmp(loopFileName, gpgKeyFile)) { ++ FILE *f; ++ char b[1024]; ++ long long cnt; ++ int cnt2, cnt3; ++ ++ cnt = mystrtoull(loopOffsetBytes, 1); ++ if(cnt < 0) cnt = -cnt; ++ if(cnt > (1024 * 1024)) cnt = 1024 * 1024; /* sanity check */ ++ f = tmpfile(); ++ if(!f) { ++ fprintf(stderr, _("Error: unable to create temp file\n")); ++ close(x); ++ goto nomem3; ++ } ++ while(cnt > 0) { ++ cnt2 = sizeof(b); ++ if(cnt < cnt2) cnt2 = cnt; ++ cnt3 = rd_wr_retry(x, b, cnt2, 0); ++ if(cnt3 && (fwrite(b, cnt3, 1, f) != 1)) { ++ tmpWrErr: ++ fprintf(stderr, _("Error: unable to write to temp file\n")); ++ fclose(f); ++ close(x); ++ goto nomem3; ++ } ++ if(cnt2 != cnt3) break; ++ cnt -= cnt3; ++ } ++ if(fflush(f)) goto tmpWrErr; ++ close(x); ++ x = dup(fileno(f)); ++ fclose(f); ++ lseek(x, 0L, SEEK_SET); ++ } ++ ++ sprintf(str, "%d", pfdi[0]); ++ if(!(gpid = fork())) { ++ dup2(x, 0); ++ dup2(pfdo[1], 1); ++ close(x); ++ close(pfdi[1]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 2); ++ close(x); ++ } ++ x = 0; ++ a[x++] = "gpg"; ++ if(gpgHomeDir && gpgHomeDir[0]) { ++ a[x++] = "--homedir"; ++ a[x++] = gpgHomeDir; ++ } ++ a[x++] = "--options"; ++ a[x++] = "/dev/null"; ++ a[x++] = "--quiet"; ++ a[x++] = "--batch"; ++ a[x++] = "--no-tty"; ++ a[x++] = "--passphrase-fd"; ++ a[x++] = str; ++ a[x++] = "--decrypt"; ++ a[x] = 0; ++ setgid(getgid()); ++ setuid(getuid()); ++ for(x = 3; x < 1024; x++) { ++ if(x == pfdi[0]) continue; ++ close(x); ++ } ++ execve("/bin/gpg", &a[0], &e[0]); ++ execve("/usr/bin/gpg", &a[0], &e[0]); ++ execve("/usr/local/bin/gpg", &a[0], &e[0]); ++ exit(1); ++ } ++ free(e[0]); ++ close(x); ++ close(pfdi[0]); ++ close(pfdo[1]); ++ if(gpid == -1) { ++ close(pfdi[1]); ++ close(pfdo[0]); ++ goto nomem1; ++ } ++ ++ x = strlen(pass); ++ rd_wr_retry(pfdi[1], pass, x, 1); ++ rd_wr_retry(pfdi[1], "\n", 1, 1); ++ close(pfdi[1]); ++ memset(pass, 0, x); ++ x = 0; ++ while(x < 65) { ++ multiKeyPass[x] = get_FD_pass(pfdo[0]); ++ if(!multiKeyPass[x]) { ++ /* mem alloc failed - abort */ ++ multiKeyPass[0] = 0; + break; ++ } ++ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ if(x == 65) ++ multiKeyMode = 65; ++ if(x == 64) ++ multiKeyMode = 64; ++ close(pfdo[0]); ++ waitpid(gpid, &x, 0); ++ if(!multiKeyPass[0]) goto nomem1; ++ return multiKeyPass[0]; ++} ++ ++static char *sGetPass(int minLen, int warnLen) ++{ ++ char *p, *s, *seed; ++ int i, ask2; ++ ++ if(!passFDnumber) { ++ p = getpass(_("Password: ")); ++ ask2 = passAskTwice ? 1 : 0; ++ } else { ++ i = atoi(passFDnumber); ++ if(gpgKeyFile && gpgKeyFile[0]) { ++ p = get_FD_pass(i); ++ } else { ++ int x = 0; ++ while(x < 65) { ++ multiKeyPass[x] = get_FD_pass(i); ++ if(!multiKeyPass[x]) goto nomem; ++ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ if(x == 65) { ++ multiKeyMode = 65; ++ return multiKeyPass[0]; ++ } ++ if(x == 64) { ++ multiKeyMode = 64; ++ return multiKeyPass[0]; ++ } ++ p = multiKeyPass[0]; ++ } ++ ask2 = 0; ++ } ++ if(!p) goto nomem; ++ if(gpgKeyFile && gpgKeyFile[0]) { ++ if(ask2) { ++ i = strlen(p); ++ s = malloc(i + 1); ++ if(!s) goto nomem; ++ strcpy(s, p); ++ p = getpass(_("Retype password: ")); ++ if(!p) goto nomem; ++ if(strcmp(s, p)) goto compareErr; ++ memset(s, 0, i); ++ free(s); ++ ask2 = 0; ++ } ++ p = do_GPG_pipe(p); ++ if(!p) return(NULL); ++ if(!p[0]) { ++ fprintf(stderr, _("Error: gpg key file decryption failed\n")); ++ return(NULL); ++ } ++ if(multiKeyMode) return(p); ++ } ++ i = strlen(p); ++ if(i < minLen) { ++ fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen); ++ return(NULL); ++ } ++ seed = passSeedString; ++ if(!seed) seed = ""; ++ s = malloc(i + strlen(seed) + 1); ++ if(!s) { ++ nomem: ++ fprintf(stderr, _("Error: Unable to allocate memory\n")); ++ return(NULL); ++ } ++ strcpy(s, p); ++ memset(p, 0, i); ++ if(ask2) { ++ p = getpass(_("Retype password: ")); ++ if(!p) goto nomem; ++ if(strcmp(s, p)) { ++ compareErr: ++ fprintf(stderr, _("Error: Passwords are not identical\n")); ++ return(NULL); ++ } ++ memset(p, 0, i); + } ++ if(i < warnLen) { ++ fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH); ++ } ++ strcat(s, seed); ++ return(s); ++} + +- if (pass == NULL) +- return ""; ++/* this is for compatibility with historic loop-AES version */ ++static void unhashed1_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ register int x, y, z, cnt = ile; ++ unsigned char *kp; + +- pass[i] = 0; +- return pass; ++ memset(keyBuf, 0, bufSize); ++ kp = keyStr; ++ for(x = 0; x < (bufSize * 8); x += 6) { ++ y = *kp++; ++ if(--cnt <= 0) { ++ kp = keyStr; ++ cnt = ile; ++ } ++ if((y >= '0') && (y <= '9')) y -= '0'; ++ else if((y >= 'A') && (y <= 'Z')) y -= ('A' - 10); ++ else if((y >= 'a') && (y <= 'z')) y -= ('a' - 36); ++ else if((y == '.') || (y == '/')) y += (62 - '.'); ++ else y &= 63; ++ z = x >> 3; ++ if(z < bufSize) { ++ keyBuf[z] |= y << (x & 7); ++ } ++ z++; ++ if(z < bufSize) { ++ keyBuf[z] |= y >> (8 - (x & 7)); ++ } ++ } + } + +-static int +-digits_only(const char *s) { +- while (*s) +- if (!isdigit(*s++)) +- return 0; +- return 1; ++/* this is for compatibility with mainline mount */ ++static void unhashed2_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ memset(keyBuf, 0, bufSize); ++ strncpy(keyBuf, keyStr, bufSize - 1); ++ keyBuf[bufSize - 1] = 0; ++} ++ ++static void rmd160HashTwiceWithA(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ char tmpBuf[20 + 20]; ++ char pwdCopy[130]; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 40) ole = 40; ++ rmd160_hash_buffer(&tmpBuf[0], ib, ile); ++ pwdCopy[0] = 'A'; ++ if(ile > sizeof(pwdCopy) - 1) ile = sizeof(pwdCopy) - 1; ++ memcpy(pwdCopy + 1, ib, ile); ++ rmd160_hash_buffer(&tmpBuf[20], pwdCopy, ile + 1); ++ memcpy(ob, tmpBuf, ole); ++ memset(tmpBuf, 0, sizeof(tmpBuf)); ++ memset(pwdCopy, 0, sizeof(pwdCopy)); ++} ++ ++static int loop_create_random_keys(char *partition, int loopro, unsigned char *k) ++{ ++ int x, y; ++ sha512_context s; ++ unsigned char b[4096]; ++ FILE *f; ++ ++ if(loopro) { ++ fprintf(stderr, _("Error: read-only device %s\n"), partition); ++ return 1; ++ } ++ ++ /* ++ * Compute SHA-512 over first 40 KB of old fs data. SHA-512 hash ++ * output is then used as entropy for new fs encryption key. ++ */ ++ if(!(f = fopen(partition, "r+"))) { ++ fprintf(stderr, _("Error: unable to open device %s\n"), partition); ++ return 1; ++ } ++ fseek(f, (long)0, SEEK_SET); ++ sha512_init(&s); ++ for(x = 0; x < 10; x++) { ++ if(fread(&b[0], sizeof(b), 1, f) != 1) break; ++ sha512_write(&s, &b[0], sizeof(b)); ++ } ++ sha512_final(&s); ++ ++ /* ++ * Overwrite 40 KB of old fs data 20 times so that recovering ++ * SHA-512 output beyond this point is difficult and expensive. ++ */ ++ for(y = 0; y < 20; y++) { ++ int z; ++ struct { ++ struct timeval tv; ++ unsigned char h[64]; ++ int x,y,z; ++ } j; ++ if(fseek(f, (long)0, SEEK_SET)) break; ++ memcpy(&j.h[0], &s.sha_out[0], 64); ++ gettimeofday(&j.tv, NULL); ++ j.y = y; ++ for(x = 0; x < 10; x++) { ++ j.x = x; ++ for(z = 0; z < sizeof(b); z += 64) { ++ j.z = z; ++ sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); ++ } ++ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; ++ } ++ memset(&j, 0, sizeof(j)); ++ if(fflush(f)) break; ++ if(fsync(fileno(f))) break; ++ } ++ fclose(f); ++ ++ /* ++ * Use all 512 bits of hash output ++ */ ++ memcpy(&b[0], &s.sha_out[0], 64); ++ memset(&s, 0, sizeof(s)); ++ ++ /* ++ * Read 32 bytes of random entropy from kernel's random ++ * number generator. This code may be executed early on startup ++ * scripts and amount of random entropy may be non-existent. ++ * SHA-512 of old fs data is used as workaround for missing ++ * entropy in kernel's random number generator. ++ */ ++ if(!(f = fopen("/dev/urandom", "r"))) { ++ fprintf(stderr, _("Error: unable to open /dev/urandom\n")); ++ return 1; ++ } ++ fread(&b[64], 32, 1, f); ++ ++ /* generate multi-key hashes */ ++ x = 0; ++ while(x < 65) { ++ fread(&b[64+32], 16, 1, f); ++ sha512_hash_buffer(&b[0], 64+32+16, k, 32); ++ k += 32; ++ x++; ++ } ++ ++ fclose(f); ++ memset(&b[0], 0, sizeof(b)); ++ return 0; ++} ++ ++#if !defined(MAIN) ++static int loop_fork_mkfs_command(char *device, char *fstype) ++{ ++ int x, y = 0; ++ char *a[10], *e[1]; ++ ++ sync(); ++ if(!(x = fork())) { ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 0); ++ dup2(x, 1); ++ dup2(x, 2); ++ close(x); ++ } ++ x = 0; ++ a[x++] = "mkfs"; ++ a[x++] = "-t"; ++ a[x++] = fstype; ++ /* mkfs.reiserfs and mkfs.xfs need -f option */ ++ if(!strcmp(fstype, "reiserfs") || !strcmp(fstype, "xfs")) { ++ a[x++] = "-f"; ++ } ++ a[x++] = device; ++ a[x] = 0; ++ e[0] = 0; ++ setgid(getgid()); ++ setuid(getuid()); ++ for(x = 3; x < 1024; x++) { ++ close(x); ++ } ++ execve("/sbin/mkfs", &a[0], &e[0]); ++ exit(1); ++ } ++ if(x == -1) { ++ fprintf(stderr, _("Error: fork failed\n")); ++ return 1; ++ } ++ waitpid(x, &y, 0); ++ sync(); ++ if(!WIFEXITED(y) || (WEXITSTATUS(y) != 0)) { ++ fprintf(stderr, _("Error: encrypted file system mkfs failed\n")); ++ return 1; ++ } ++ return 0; + } ++#endif + + int +-set_loop(const char *device, const char *file, unsigned long long offset, +- const char *encryption, int pfd, int *loopro) { +- struct loop_info64 loopinfo64; ++set_loop(const char *device, const char *file, int *loopro, const char **fstype, unsigned int *AutoChmodPtr) { ++ struct loop_info64 loopinfo; + int fd, ffd, mode, i; +- char *pass; ++ char *pass, *apiName = NULL; ++ void (*hashFunc)(unsigned char *, int, unsigned char *, int); ++ unsigned char multiKeyBits[65][32]; ++ int minPassLen = LOOP_PASSWORD_MIN_LENGTH; ++ int run_mkfs_command = 0; + ++ loopFileName = (char *)file; ++ multiKeyMode = 0; + mode = (*loopro ? O_RDONLY : O_RDWR); + if ((ffd = open(file, mode)) < 0) { + if (!*loopro && errno == EROFS) +@@ -256,32 +756,25 @@ + } + if ((fd = open(device, mode)) < 0) { + perror (device); +- return 1; ++ goto close_ffd_return1; + } + *loopro = (mode == O_RDONLY); + +- memset(&loopinfo64, 0, sizeof(loopinfo64)); +- +- xstrncpy(loopinfo64.lo_file_name, file, LO_NAME_SIZE); ++ memset (&loopinfo, 0, sizeof (loopinfo)); ++ xstrncpy (loopinfo.lo_file_name, file, LO_NAME_SIZE); ++ if (loopEncryptionType) ++ loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); ++ if (loopOffsetBytes) ++ loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1); ++ if (loopSizeBytes) ++ loopinfo.lo_sizelimit = mystrtoull(loopSizeBytes, 0); + +- if (encryption && *encryption) { +- if (digits_only(encryption)) { +- loopinfo64.lo_encrypt_type = atoi(encryption); +- } else { +- loopinfo64.lo_encrypt_type = LO_CRYPT_CRYPTOAPI; +- snprintf(loopinfo64.lo_crypt_name, LO_NAME_SIZE, +- "%s", encryption); +- } +- } +- +- loopinfo64.lo_offset = offset; +- +-#ifdef MCL_FUTURE ++#ifdef MCL_FUTURE + /* + * Oh-oh, sensitive data coming up. Better lock into memory to prevent + * passwd etc being swapped out and left somewhere on disk. + */ +- ++ + if(mlockall(MCL_CURRENT | MCL_FUTURE)) { + perror("memlock"); + fprintf(stderr, _("Couldn't lock into memory, exiting.\n")); +@@ -289,126 +782,222 @@ + } + #endif + +- switch (loopinfo64.lo_encrypt_type) { ++ switch (loopinfo.lo_encrypt_type) { + case LO_CRYPT_NONE: +- loopinfo64.lo_encrypt_key_size = 0; ++ loopinfo.lo_encrypt_key_size = 0; + break; + case LO_CRYPT_XOR: +- pass = getpass(_("Password: ")); +- goto gotpass; ++ pass = sGetPass (1, 0); ++ if(!pass) goto close_fd_ffd_return1; ++ xstrncpy (loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE); ++ loopinfo.lo_encrypt_key_size = strlen(loopinfo.lo_encrypt_key); ++ break; ++ case 3: /* LO_CRYPT_FISH2 */ ++ case 4: /* LO_CRYPT_BLOW */ ++ case 7: /* LO_CRYPT_SERPENT */ ++ case 8: /* LO_CRYPT_MARS */ ++ case 11: /* LO_CRYPT_RC6 */ ++ case 12: /* LO_CRYPT_DES_EDE3 */ ++ case 16: /* LO_CRYPT_AES */ ++ case 18: /* LO_CRYPT_CRYPTOAPI */ ++ /* set default hash function */ ++ hashFunc = sha256_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 24) hashFunc = sha384_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 32) hashFunc = sha512_hash_buffer; ++ /* possibly override default hash function */ ++ if(passHashFuncName) { ++ if(!strcasecmp(passHashFuncName, "sha256")) { ++ hashFunc = sha256_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "sha384")) { ++ hashFunc = sha384_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "sha512")) { ++ hashFunc = sha512_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "rmd160")) { ++ hashFunc = rmd160HashTwiceWithA; ++ minPassLen = 1; ++ } else if(!strcasecmp(passHashFuncName, "unhashed1")) { ++ hashFunc = unhashed1_key_setup; ++ } else if(!strcasecmp(passHashFuncName, "unhashed2")) { ++ hashFunc = unhashed2_key_setup; ++ minPassLen = 1; ++ } else if(!strcasecmp(passHashFuncName, "unhashed3") && passFDnumber && !gpgKeyFile) { ++ /* unhashed3 hash type reads binary key from file descriptor. */ ++ /* This is not compatible with gpgkey= mount option */ ++ if(rd_wr_retry(atoi(passFDnumber), (char *)&loopinfo.lo_encrypt_key[0], LO_KEY_SIZE, 0) < 1) { ++ fprintf(stderr, _("Error: couldn't read binary key\n")); ++ goto close_fd_ffd_return1; ++ } ++ break; /* out of switch(loopinfo.lo_encrypt_type) */ ++ } else if(!strncasecmp(passHashFuncName, "random", 6) && ((passHashFuncName[6] == 0) || (passHashFuncName[6] == '/'))) { ++ /* random hash type sets up 65 random keys */ ++ /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ ++ /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ ++ if(loop_create_random_keys((char*)file, *loopro, &multiKeyBits[0][0])) { ++ goto close_fd_ffd_return1; ++ } ++ memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); ++ run_mkfs_command = multiKeyMode = 1000; ++ break; /* out of switch(loopinfo.lo_encrypt_type) */ ++ } ++ } ++ pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH); ++ if(!pass) goto close_fd_ffd_return1; ++ i = strlen(pass); ++ if(hashFunc == unhashed1_key_setup) { ++ /* this is for compatibility with historic loop-AES version */ ++ loopinfo.lo_encrypt_key_size = 16; /* 128 bits */ ++ if(i >= 32) loopinfo.lo_encrypt_key_size = 24; /* 192 bits */ ++ if(i >= 43) loopinfo.lo_encrypt_key_size = 32; /* 256 bits */ ++ } ++ (*hashFunc)(pass, i, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); ++ if(multiKeyMode) { ++ int r = 0, t; ++ while(r < multiKeyMode) { ++ t = strlen(multiKeyPass[r]); ++ (*hashFunc)(multiKeyPass[r], t, &multiKeyBits[r][0], 32); ++ memset(multiKeyPass[r], 0, t); ++ /* ++ * MultiKeyMode uses md5 IV. One key mode uses sector IV. Sector IV ++ * and md5 IV v2 and v3 are all computed differently. This first key ++ * byte XOR with 0x55/0xF4 is needed to cause complete decrypt failure ++ * in cases where data is encrypted with one type of IV and decrypted ++ * with another type IV. If identical key was used but only IV was ++ * computed differently, only first plaintext block of 512 byte CBC ++ * chain would decrypt incorrectly and rest would decrypt correctly. ++ * Partially correct decryption is dangerous. Decrypting all blocks ++ * incorrectly is safer because file system mount will simply fail. ++ */ ++ if(multiKeyMode == 65) { ++ multiKeyBits[r][0] ^= 0xF4; /* version 3 */ ++ } else { ++ multiKeyBits[r][0] ^= 0x55; /* version 2 */ ++ } ++ r++; ++ } ++ } else if(passIterThousands) { ++ aes_context ctx; ++ unsigned long iter = 0; ++ unsigned char tempkey[32]; ++ /* ++ * Set up AES-256 encryption key using same password and hash function ++ * as before but with password bit 0 flipped before hashing. That key ++ * is then used to encrypt actual loop key 'itercountk' thousand times. ++ */ ++ pass[0] ^= 1; ++ (*hashFunc)(pass, i, &tempkey[0], 32); ++ aes_set_key(&ctx, &tempkey[0], 32, 0); ++ sscanf(passIterThousands, "%lu", &iter); ++ iter *= 1000; ++ while(iter > 0) { ++ /* encrypt both 128bit blocks with AES-256 */ ++ aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[ 0], &loopinfo.lo_encrypt_key[ 0]); ++ aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[16], &loopinfo.lo_encrypt_key[16]); ++ /* exchange upper half of first block with lower half of second block */ ++ memcpy(&tempkey[0], &loopinfo.lo_encrypt_key[8], 8); ++ memcpy(&loopinfo.lo_encrypt_key[8], &loopinfo.lo_encrypt_key[16], 8); ++ memcpy(&loopinfo.lo_encrypt_key[16], &tempkey[0], 8); ++ iter--; ++ } ++ memset(&ctx, 0, sizeof(ctx)); ++ memset(&tempkey[0], 0, sizeof(tempkey)); ++ } ++ memset(pass, 0, i); /* erase original password */ ++ break; + default: +- pass = xgetpass(pfd, _("Password: ")); +- gotpass: +- memset(loopinfo64.lo_encrypt_key, 0, LO_KEY_SIZE); +- xstrncpy(loopinfo64.lo_encrypt_key, pass, LO_KEY_SIZE); +- memset(pass, 0, strlen(pass)); +- loopinfo64.lo_encrypt_key_size = LO_KEY_SIZE; ++ fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type); ++ goto close_fd_ffd_return1; ++ } ++ ++ if(loInitValue) { ++ /* cipher modules are free to do whatever they want with this value */ ++ i = 0; ++ sscanf(loInitValue, "%d", &i); ++ loopinfo.lo_init[0] = i; + } + + if (ioctl(fd, LOOP_SET_FD, ffd) < 0) { + perror("ioctl: LOOP_SET_FD"); ++keyclean_close_fd_ffd_return1: ++ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++close_fd_ffd_return1: ++ close (fd); ++close_ffd_return1: ++ close (ffd); + return 1; + } +- close (ffd); + +- i = ioctl(fd, LOOP_SET_STATUS64, &loopinfo64); +- if (i) { +- struct loop_info loopinfo; +- int errsv = errno; +- +- i = loop_info64_to_old(&loopinfo64, &loopinfo); +- if (i) { +- errno = errsv; +- perror("ioctl: LOOP_SET_STATUS64"); +- } else { +- i = ioctl(fd, LOOP_SET_STATUS, &loopinfo); +- if (i) +- perror("ioctl: LOOP_SET_STATUS"); ++ /* type 18 == LO_CRYPT_CRYPTOAPI */ ++ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { ++ /* direct cipher interface failed - try CryptoAPI interface now */ ++ if(!apiName || (try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0)) { ++ fprintf(stderr, _("ioctl: LOOP_SET_STATUS: %s, requested cipher or key length (%d bits) not supported by kernel\n"), strerror(errno), loopinfo.lo_encrypt_key_size << 3); ++ loop_clr_fd_out: ++ (void) ioctl (fd, LOOP_CLR_FD, 0); ++ goto keyclean_close_fd_ffd_return1; + } +- memset(&loopinfo, 0, sizeof(loopinfo)); + } +- memset(&loopinfo64, 0, sizeof(loopinfo64)); +- +- if (i) { +- ioctl (fd, LOOP_CLR_FD, 0); +- close (fd); +- return 1; ++ if(multiKeyMode >= 65) { ++ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { ++ if(multiKeyMode == 1000) goto try_v2_setup; ++ perror("ioctl: LOOP_MULTI_KEY_SETUP_V3"); ++ goto loop_clr_fd_out; ++ } ++ } else if(multiKeyMode == 64) { ++ try_v2_setup: ++ if((ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]) < 0) && (multiKeyMode != 1000)) { ++ perror("ioctl: LOOP_MULTI_KEY_SETUP"); ++ goto loop_clr_fd_out; ++ } + } +- close (fd); + +- if (verbose > 1) +- printf(_("set_loop(%s,%s,%llu): success\n"), +- device, file, offset); +- return 0; +-} +- +-int +-del_loop (const char *device) { +- int fd; +- +- if ((fd = open (device, O_RDONLY)) < 0) { +- int errsv = errno; +- fprintf(stderr, _("loop: can't delete device %s: %s\n"), +- device, strerror (errsv)); +- return 1; +- } +- if (ioctl (fd, LOOP_CLR_FD, 0) < 0) { +- perror ("ioctl: LOOP_CLR_FD"); +- return 1; +- } ++ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); + close (fd); +- if (verbose > 1) +- printf(_("del_loop(%s): success\n"), device); +- return 0; +-} +- +-#else /* no LOOP_SET_FD defined */ +-static void +-mutter(void) { +- fprintf(stderr, +- _("This mount was compiled without loop support. " +- "Please recompile.\n")); +-} +- +-int +-set_loop (const char *device, const char *file, unsigned long long offset, +- const char *encryption, int *loopro) { +- mutter(); +- return 1; +-} ++ close (ffd); + +-int +-del_loop (const char *device) { +- mutter(); +- return 1; +-} ++#if !defined(MAIN) ++ if(run_mkfs_command && fstype && *fstype && **fstype && (getuid() == 0)) { ++ if(!loop_fork_mkfs_command((char *)device, (char *)(*fstype))) { ++ /* !strncasecmp(passHashFuncName, "random", 6) test matched */ ++ /* This reads octal mode for newly created file system root */ ++ /* directory node from '-o phash=random/1777' mount option. */ ++ /* octal mode--^^^^ */ ++ sscanf(passHashFuncName + 6, "/%o", AutoChmodPtr); ++ } else { ++ if((fd = open(device, mode)) >= 0) { ++ ioctl(fd, LOOP_CLR_FD, 0); ++ close(fd); ++ return 1; ++ } ++ } ++ } ++#endif + +-char * +-find_unused_loop_device (void) { +- mutter(); ++ if (verbose > 1) ++ printf(_("set_loop(%s,%s): success\n"), device, file); + return 0; + } + +-#endif +- + #ifdef MAIN + +-#ifdef LOOP_SET_FD +- + #include + #include + + int verbose = 0; +-char *progname; ++static char *progname; + + static void + usage(void) { + fprintf(stderr, _("usage:\n\ +- %s loop_device # give info\n\ +- %s -d loop_device # delete\n\ +- %s -f # find unused\n\ +- %s [-e encryption] [-o offset] {-f|loop_device} file # setup\n"), +- progname, progname, progname, progname); ++ %s [-e encryption] [options] loop_device file # setup\n\ ++ %s -F [options] loop_device [file] # setup, read /etc/fstab\n\ ++ %s loop_device # give info\n\ ++ %s -a # give info of all loops\n\ ++ %s -d loop_device # delete\n\ ++options: -o offset -s sizelimit -p passwdfd -S pseed -H phash\n\ ++ -I loinit -T -K gpgkey -G gpghome -C itercountk -v -r\n"), ++ progname, progname, progname, progname, progname); + exit(1); + } + +@@ -439,107 +1028,191 @@ + fprintf (stderr, "\n"); + } + ++void ++show_all_loops(void) ++{ ++ char dev[20]; ++ char *lfmt[] = { "/dev/loop%d", "/dev/loop/%d" }; ++ int i, j, fd, x; ++ struct stat statbuf; ++ ++ for(i = 0; i < 256; i++) { ++ for(j = (sizeof(lfmt) / sizeof(lfmt[0])) - 1; j >= 0; j--) { ++ sprintf(dev, lfmt[j], i); ++ if(stat(dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ fd = open(dev, O_RDONLY); ++ if(fd >= 0) { ++ x = is_unused_loop_device(fd); ++ close(fd); ++ if(x == 0) { ++ show_loop(dev); ++ j = 0; ++ } ++ } ++ } ++ } ++ } ++} ++ ++int ++read_options_from_fstab(char *loopToFind, char **partitionPtr) ++{ ++ FILE *f; ++ struct mntent *m; ++ int y, foundMatch = 0; ++ char *opt, *fr1, *fr2; ++ struct options { ++ char *name; /* name of /etc/fstab option */ ++ char **dest; /* destination where it is written to */ ++ char *line; /* temp */ ++ }; ++ struct options tbl[] = { ++ { "device/file name ", partitionPtr }, /* must be index 0 */ ++ { "loop=", &loopToFind }, /* must be index 1 */ ++ { "offset=", &loopOffsetBytes }, ++ { "sizelimit=", &loopSizeBytes }, ++ { "encryption=", &loopEncryptionType }, ++ { "pseed=", &passSeedString }, ++ { "phash=", &passHashFuncName }, ++ { "loinit=", &loInitValue }, ++ { "gpgkey=", &gpgKeyFile }, ++ { "gpghome=", &gpgHomeDir }, ++ { "itercountk=", &passIterThousands }, ++ }; ++ struct options *p; ++ ++ if (!(f = setmntent("/etc/fstab", "r"))) { ++ fprintf(stderr, _("Error: unable to open /etc/fstab for reading\n")); ++ return 0; ++ } ++ while ((m = getmntent(f)) != NULL) { ++ tbl[0].line = fr1 = xstrdup(m->mnt_fsname); ++ p = &tbl[1]; ++ do { ++ p->line = NULL; ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ opt = fr2 = xstrdup(m->mnt_opts); ++ for (opt = strtok(opt, ","); opt != NULL; opt = strtok(NULL, ",")) { ++ p = &tbl[1]; ++ do { ++ y = strlen(p->name); ++ if (!strncmp(opt, p->name, y)) ++ p->line = opt + y; ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ } ++ if (tbl[1].line && !strcmp(loopToFind, tbl[1].line)) { ++ if (++foundMatch > 1) { ++ fprintf(stderr, _("Error: multiple loop=%s options found in /etc/fstab\n"), loopToFind); ++ endmntent(f); ++ return 0; ++ } ++ p = &tbl[0]; ++ do { ++ if (!*p->dest && p->line) { ++ *p->dest = p->line; ++ if (verbose) ++ printf(_("using %s%s from /etc/fstab\n"), p->name, p->line); ++ } ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ fr1 = fr2 = NULL; ++ } ++ if(fr1) free(fr1); ++ if(fr2) free(fr2); ++ } ++ endmntent(f); ++ if (foundMatch == 0) { ++ fprintf(stderr, _("Error: loop=%s option not found in /etc/fstab\n"), loopToFind); ++ } ++ return foundMatch; ++} ++ + int + main(int argc, char **argv) { +- char *p, *offset, *encryption, *passfd, *device, *file; +- int delete, find, c; ++ char *partitionName = NULL; ++ int delete,c,option_a=0,option_F=0; + int res = 0; + int ro = 0; +- int pfd = -1; +- unsigned long long off; + + setlocale(LC_ALL, ""); + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); + +- delete = find = 0; +- off = 0; +- offset = encryption = passfd = NULL; +- ++ delete = 0; + progname = argv[0]; +- if ((p = strrchr(progname, '/')) != NULL) +- progname = p+1; +- +- while ((c = getopt(argc, argv, "de:E:fo:p:v")) != -1) { ++ while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:Tv")) != -1) { + switch (c) { ++ case 'a': /* show status of all loops */ ++ option_a = 1; ++ break; ++ case 'C': ++ passIterThousands = optarg; ++ break; + case 'd': + delete = 1; + break; +- case 'E': + case 'e': +- encryption = optarg; ++ loopEncryptionType = optarg; + break; +- case 'f': +- find = 1; ++ case 'F': /* read loop related options from /etc/fstab */ ++ option_F = 1; ++ break; ++ case 'G': /* GnuPG home dir */ ++ gpgHomeDir = optarg; ++ break; ++ case 'H': /* passphrase hash function name */ ++ passHashFuncName = optarg; ++ break; ++ case 'I': /* lo_init[0] value (in string form) */ ++ loInitValue = optarg; ++ break; ++ case 'K': /* GnuPG key file name */ ++ gpgKeyFile = optarg; + break; + case 'o': +- offset = optarg; ++ loopOffsetBytes = optarg; ++ break; ++ case 'p': /* read passphrase from given fd */ ++ passFDnumber = optarg; + break; +- case 'p': +- passfd = optarg; ++ case 'r': /* read-only */ ++ ro = 1; ++ break; ++ case 's': ++ loopSizeBytes = optarg; ++ break; ++ case 'S': /* optional seed for passphrase */ ++ passSeedString = optarg; ++ break; ++ case 'T': /* ask passphrase _twice_ */ ++ passAskTwice = "T"; + break; + case 'v': +- verbose = 1; ++ verbose++; + break; + default: + usage(); + } + } +- +- if (argc == 1) { +- usage(); +- } else if (delete) { +- if (argc != optind+1 || encryption || offset || find) +- usage(); +- } else if (find) { +- if (argc < optind || argc > optind+1) +- usage(); +- } else { +- if (argc < optind+1 || argc > optind+2) +- usage(); ++ if (argc == 1) usage(); ++ if (option_a) { ++ if (delete || (argc != optind)) usage(); ++ show_all_loops(); ++ exit(0); + } +- +- if (find) { +- device = find_unused_loop_device(); +- if (device == NULL) +- return -1; +- if (verbose) +- printf("Loop device is %s\n", device); +- if (argc == optind) { +- printf("%s\n", device); +- return 0; +- } +- file = argv[optind]; ++ if ((delete && (argc != optind+1 || loopEncryptionType || loopOffsetBytes || loopSizeBytes || option_F)) || ++ (!delete && (argc < optind+1 || argc > optind+2))) ++ usage(); ++ if (argc > optind+1) ++ partitionName = argv[optind+1]; ++ if (option_F && (read_options_from_fstab(argv[optind], &partitionName) != 1)) ++ exit(1); ++ if (delete) { ++ res = del_loop(argv[optind]); ++ } else if ((argc == optind+1) && !option_F) { ++ res = show_loop(argv[optind]); + } else { +- device = argv[optind]; +- if (argc == optind+1) +- file = NULL; +- else +- file = argv[optind+1]; +- } +- +- if (delete) +- res = del_loop(device); +- else if (file == NULL) +- res = show_loop(device); +- else { +- if (offset && sscanf(offset, "%llu", &off) != 1) +- usage(); +- if (passfd && sscanf(passfd, "%d", &pfd) != 1) +- usage(); +- res = set_loop(device, file, off, encryption, pfd, &ro); ++ res = set_loop(argv[optind],partitionName,&ro,(const char**)0,(unsigned int *)0); + } + return res; + } +- +-#else /* LOOP_SET_FD not defined */ +- +-int +-main(int argc, char **argv) { +- fprintf(stderr, +- _("No loop support was available at compile time. " +- "Please recompile.\n")); +- return -1; +-} +-#endif + #endif +--- util-linux-2.12q/mount/lomount.h ++++ util-linux-2.12q/mount/lomount.h +@@ -1,6 +1,17 @@ + extern int verbose; +-extern int set_loop(const char *, const char *, unsigned long long, +- const char *, int, int *); ++extern int set_loop(const char *, const char *, int *, const char **, unsigned int *); + extern int del_loop(const char *); + extern int is_loop_device(const char *); + extern char * find_unused_loop_device(void); ++ ++extern char *passFDnumber; ++extern char *passAskTwice; ++extern char *passSeedString; ++extern char *passHashFuncName; ++extern char *passIterThousands; ++extern char *loInitValue; ++extern char *gpgKeyFile; ++extern char *gpgHomeDir; ++extern char *loopOffsetBytes; ++extern char *loopSizeBytes; ++extern char *loopEncryptionType; +--- util-linux-2.12q/mount/loop.c ++++ util-linux-2.12q/mount/loop.c +@@ -0,0 +1,221 @@ ++/* ++ * loop.c ++ * ++ * Copyright 2003 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU GPL ++ */ ++ ++/* collection of loop helper functions used by losetup, mount and swapon */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include "loop.h" ++ ++static void convert_info_to_info64(struct loop_info *info, struct loop_info64 *info64) ++{ ++ memset(info64, 0, sizeof(*info64)); ++ info64->lo_number = info->lo_number; ++ info64->lo_device = info->lo_device; ++ info64->lo_inode = info->lo_inode; ++ info64->lo_rdevice = info->lo_rdevice; ++ info64->lo_offset = info->lo_offset; ++ info64->lo_encrypt_type = info->lo_encrypt_type; ++ info64->lo_encrypt_key_size = info->lo_encrypt_key_size; ++ info64->lo_flags = info->lo_flags; ++ info64->lo_init[0] = info->lo_init[0]; ++ info64->lo_init[1] = info->lo_init[1]; ++ info64->lo_sizelimit = 0; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name)); ++ else ++ memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name)); ++ memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key)); ++} ++ ++static int convert_info64_to_info(struct loop_info64 *info64, struct loop_info *info) ++{ ++ memset(info, 0, sizeof(*info)); ++ info->lo_number = info64->lo_number; ++ info->lo_device = info64->lo_device; ++ info->lo_inode = info64->lo_inode; ++ info->lo_rdevice = info64->lo_rdevice; ++ info->lo_offset = info64->lo_offset; ++ info->lo_encrypt_type = info64->lo_encrypt_type; ++ info->lo_encrypt_key_size = info64->lo_encrypt_key_size; ++ info->lo_flags = info64->lo_flags; ++ info->lo_init[0] = info64->lo_init[0]; ++ info->lo_init[1] = info64->lo_init[1]; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name)); ++ else ++ memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name)); ++ memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key)); ++ ++ /* error in case values were truncated */ ++ if (info->lo_device != info64->lo_device || ++ info->lo_rdevice != info64->lo_rdevice || ++ info->lo_inode != info64->lo_inode || ++ info->lo_offset != info64->lo_offset || ++ info64->lo_sizelimit) { ++ errno = EOVERFLOW; ++ return -1; ++ } ++ return 0; ++} ++ ++int loop_set_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ struct loop_info64 tmp; ++ int r; ++ ++ /* ++ * This ugly work around is needed because some ++ * Red Hat kernels are using same ioctl code: ++ * #define LOOP_CHANGE_FD 0x4C04 ++ * vs. ++ * #define LOOP_SET_STATUS64 0x4C04 ++ * that is used by modern loop driver. ++ * ++ * Attempt to detect presense of LOOP_GET_STATUS64 ++ * ioctl before issuing LOOP_SET_STATUS64 ioctl. ++ * Red Hat kernels with above LOOP_CHANGE_FD damage ++ * should return -1 and set errno to EINVAL. ++ */ ++ r = ioctl(fd, LOOP_GET_STATUS64, &tmp); ++ memset(&tmp, 0, sizeof(tmp)); ++ if ((r == 0) || (errno != EINVAL)) { ++ r = ioctl(fd, LOOP_SET_STATUS64, info64); ++ if (!r) ++ return 0; ++ } ++ r = convert_info64_to_info(info64, &info); ++ if (!r) ++ r = ioctl(fd, LOOP_SET_STATUS, &info); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++int loop_get_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ int r; ++ ++ memset(info64, 0, sizeof(*info64)); ++ r = ioctl(fd, LOOP_GET_STATUS64, info64); ++ if (!r) ++ return 0; ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ if (!r) ++ convert_info_to_info64(&info, info64); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++/* returns: 1=unused 0=busy */ ++int is_unused_loop_device(int fd) ++{ ++ struct loop_info64 info64; ++ struct loop_info info; ++ int r; ++ ++ r = ioctl(fd, LOOP_GET_STATUS64, &info64); ++ memset(&info64, 0, sizeof(info64)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ memset(&info, 0, sizeof(info)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ if (errno == EOVERFLOW) ++ return 0; ++ return 1; ++} ++ ++struct loop_crypt_type_struct loop_crypt_type_tbl[] = { ++ { 0, 0, 0, "no" }, ++ { 0, 0, 0, "none" }, ++ { 1, 0, 0, "xor" }, ++ { 3, 1, 16, "twofish" }, ++ { 4, 1, 16, "blowfish" }, ++ { 7, 1, 16, "serpent" }, ++ { 8, 1, 16, "mars" }, ++ { 11, 3, 16, "rc6" }, ++ { 12, 0, 21, "tripleDES" }, ++ { 12, 0, 24, "3des" }, ++ { 12, 0, 24, "des3_ede" }, ++ { 16, 1, 16, "AES" }, ++ { -1, 0, 0, NULL } ++}; ++ ++static char *getApiName(char *e, int *len) ++{ ++ int x, y, z = 1, q = -1; ++ unsigned char *s; ++ ++ *len = y = 0; ++ s = strdup(e); ++ if(!s) ++ return ""; ++ x = strlen(s); ++ while(x > 0) { ++ x--; ++ if(!isdigit(s[x])) ++ break; ++ y += (s[x] - '0') * z; ++ z *= 10; ++ q = x; ++ } ++ while(x >= 0) { ++ s[x] = tolower(s[x]); ++ if(s[x] == '-') ++ s[x] = 0; ++ x--; ++ } ++ if(y >= 40) { ++ if(q >= 0) ++ s[q] = 0; ++ *len = y; ++ } ++ return(s); ++} ++ ++int loop_crypt_type(const char *name, u_int32_t *kbyp, char **apiName) ++{ ++ int i, k; ++ ++ *apiName = getApiName((char *)name, &k); ++ if(k < 0) ++ k = 0; ++ if(k > 256) ++ k = 256; ++ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) { ++ if (!strcasecmp (*apiName , loop_crypt_type_tbl[i].name)) { ++ *kbyp = k ? k >> 3 : loop_crypt_type_tbl[i].keyBytes; ++ return loop_crypt_type_tbl[i].id; ++ } ++ } ++ *kbyp = 16; /* 128 bits */ ++ return 18; /* LO_CRYPT_CRYPTOAPI */ ++} ++ ++int try_cryptoapi_loop_interface(int fd, struct loop_info64 *loopinfo, char *apiName) ++{ ++ snprintf(loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName); ++ loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0; ++ loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */ ++ return(loop_set_status64_ioctl(fd, loopinfo)); ++} +--- util-linux-2.12q/mount/loop.h ++++ util-linux-2.12q/mount/loop.h +@@ -1,6 +1,20 @@ +-#define LO_CRYPT_NONE 0 +-#define LO_CRYPT_XOR 1 +-#define LO_CRYPT_DES 2 ++/* ++ * loop.h ++ * ++ * Copyright 2003 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU GPL ++ */ ++ ++#ifndef _LOOP_H ++#define _LOOP_H 1 ++ ++#include ++#include ++#include ++ ++#define LO_CRYPT_NONE 0 ++#define LO_CRYPT_XOR 1 ++#define LO_CRYPT_DES 2 + #define LO_CRYPT_CRYPTOAPI 18 + + #define LOOP_SET_FD 0x4C00 +@@ -9,17 +23,25 @@ + #define LOOP_GET_STATUS 0x4C03 + #define LOOP_SET_STATUS64 0x4C04 + #define LOOP_GET_STATUS64 0x4C05 ++#define LOOP_MULTI_KEY_SETUP 0x4C4D ++#define LOOP_MULTI_KEY_SETUP_V3 0x4C4E + +-#define LO_NAME_SIZE 64 +-#define LO_KEY_SIZE 32 +- +-#include "my_dev_t.h" ++#define LO_NAME_SIZE 64 ++#define LO_KEY_SIZE 32 + + struct loop_info { + int lo_number; +- my_dev_t lo_device; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_device; ++#else ++ __kernel_dev_t lo_device; ++#endif + unsigned long lo_inode; +- my_dev_t lo_rdevice; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_rdevice; ++#else ++ __kernel_dev_t lo_rdevice; ++#endif + int lo_offset; + int lo_encrypt_type; + int lo_encrypt_key_size; +@@ -30,22 +52,35 @@ + char reserved[4]; + }; + +-/* +- * Where to get __u8, __u32, __u64? Let us use unsigned char/int/long long +- * and get punished when someone comes with 128-bit long longs. +- */ + struct loop_info64 { +- unsigned long long lo_device; +- unsigned long long lo_inode; +- unsigned long long lo_rdevice; +- unsigned long long lo_offset; +- unsigned long long lo_sizelimit; /* bytes, 0 == max available */ +- unsigned int lo_number; +- unsigned int lo_encrypt_type; +- unsigned int lo_encrypt_key_size; +- unsigned int lo_flags; +- unsigned char lo_file_name[LO_NAME_SIZE]; +- unsigned char lo_crypt_name[LO_NAME_SIZE]; +- unsigned char lo_encrypt_key[LO_KEY_SIZE]; +- unsigned long long lo_init[2]; ++ u_int64_t lo_device; /* ioctl r/o */ ++ u_int64_t lo_inode; /* ioctl r/o */ ++ u_int64_t lo_rdevice; /* ioctl r/o */ ++ u_int64_t lo_offset; /* bytes */ ++ u_int64_t lo_sizelimit; /* bytes, 0 == max available */ ++ u_int32_t lo_number; /* ioctl r/o */ ++ u_int32_t lo_encrypt_type; ++ u_int32_t lo_encrypt_key_size; /* ioctl w/o */ ++ u_int32_t lo_flags; /* ioctl r/o */ ++ unsigned char lo_file_name[LO_NAME_SIZE]; ++ unsigned char lo_crypt_name[LO_NAME_SIZE]; ++ unsigned char lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */ ++ u_int64_t lo_init[2]; ++}; ++ ++extern int loop_set_status64_ioctl(int, struct loop_info64 *); ++extern int loop_get_status64_ioctl(int, struct loop_info64 *); ++extern int is_unused_loop_device(int); ++ ++struct loop_crypt_type_struct { ++ short int id; ++ unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */ ++ unsigned char keyBytes; ++ char *name; + }; ++ ++extern struct loop_crypt_type_struct loop_crypt_type_tbl[]; ++extern int loop_crypt_type(const char *, u_int32_t *, char **); ++extern int try_cryptoapi_loop_interface(int, struct loop_info64 *, char *); ++ ++#endif +--- util-linux-2.12q/mount/losetup.8 ++++ util-linux-2.12q/mount/losetup.8 +@@ -1,42 +1,28 @@ +-.TH LOSETUP 8 "2003-07-01" "Linux" "MAINTENANCE COMMANDS" ++.TH LOSETUP 8 "2004-11-25" "Linux" "MAINTENANCE COMMANDS" + .SH NAME + losetup \- set up and control loop devices + .SH SYNOPSIS + .ad l +-Get info: +-.sp +-.in +5 + .B losetup ++[ ++.B \-e ++.I encryption ++] [options] ++.I loop_device ++file ++.br ++.B losetup -F ++[options] + .I loop_device +-.sp +-.in -5 +-Delete loop: +-.sp +-.in +5 +-.B "losetup \-d" ++[file] ++.br ++.B losetup ++[ ++.B \-d ++] + .I loop_device +-.sp +-.in -5 +-Print name of first unused loop device: +-.sp +-.in +5 +-.B "losetup \-f" +-.sp +-.in -5 +-Setup loop device: +-.sp +-.in +5 +-.B losetup +-.RB [{\-e | \-E} +-.IR encryption ] +-.RB [ \-o +-.IR offset ] +-.RB [ \-p +-.IR pfd ] +-.in +8 +-.RB { \-f | \fIloop_device\fP } +-.I file +-.in -13 ++.br ++.B losetup -a + .ad b + .SH DESCRIPTION + .B losetup +@@ -44,45 +30,108 @@ + to detach loop devices and to query the status of a loop device. If only the + \fIloop_device\fP argument is given, the status of the corresponding loop + device is shown. +- +-.SS "Encryption" +-It is possible to specify transfer functions (for encryption/decryption +-or other purposes) using one of the +-.B \-E +-and +-.B \-e +-options. +-There are two mechanisms to specify the desired encryption: by number +-and by name. If an encryption is specified by number then one +-has to make sure that the Linux kernel knows about the encryption with that +-number, probably by patching the kernel. Standard numbers that are +-always present are 0 (no encryption) and 1 (XOR encryption). +-When the cryptoloop module is loaded (or compiled in), it uses number 18. +-This cryptoloop module wil take the name of an arbitrary encryption type +-and finds the module that knows how to perform that encryption. +-(Thus, either one uses a number different from 18 with the +-.B \-E +-option, or one uses a name with the +-.B \-e +-option.) + .SH OPTIONS +-.IP \fB\-d\fP ++.IP \fB\-a\fP ++Show status of all loop devices. ++.IP "\fB\-C \fIitercountk\fP" ++Runs hashed password through \fIitercountk\fP thousand iterations of AES-256 ++before using it for loop encryption. This consumes lots of CPU cycles at ++loop setup/mount time but not thereafter. In combination with password seed ++this slows down dictionary attacks. Iteration is not done in multi-key mode. ++.IP "\fB\-d\fP" + Detach the file or device associated with the specified loop device. +-.IP "\fB\-E \fIencryption_type\fP" +-Enable data encryption with specified number. +-.IP "\fB\-e \fIencryption_name\fP" +-Enable data encryption with specified name. +-.IP "\fB\-f\fP" +-Find the first unused loop device. If a +-.I file +-argument is present, use this device. Otherwise, print its name. ++.IP "\fB\-e \fIencryption\fP" ++.RS ++Enable data encryption. Following encryption types are recognized: ++.IP \fBNONE\fP ++Use no encryption (default). ++.PD 0 ++.IP \fBXOR\fP ++Use a simple XOR encryption. ++.IP "\fBAES128 AES\fP" ++Use 128 bit AES encryption. Password is hashed with SHA-256 by default. ++.IP \fBAES192\fP ++Use 192 bit AES encryption. Password is hashed with SHA-384 by default. ++.IP \fBAES256\fP ++Use 256 bit AES encryption. Password is hashed with SHA-512 by default. ++ ++.IP "\fBtwofish128 twofish160 twofish192 twofish256\fP" ++.IP "\fBblowfish128 blowfish160 blowfish192 blowfish256\fP" ++.IP "\fBserpent128 serpent192 serpent256 mars128 mars192\fP" ++.IP "\fBmars256 rc6-128 rc6-192 rc6-256 tripleDES\fP" ++These encryption types are available if they are enabled in kernel ++configuration or corresponding modules have been loaded to kernel. ++.PD ++.RE ++.IP "\fB\-F\fP" ++Reads and uses mount options from /etc/fstab that match specified loop ++device, including offset= sizelimit= encryption= pseed= phash= loinit= ++gpgkey= gpghome= itercountk= and looped to device/file name. loop= option in ++/etc/fstab must match specified loop device name. Command line options take ++precedence in case of conflict. ++.IP "\fB\-G \fIgpghome\fP" ++Set gpg home directory to \fIgpghome\fP, so that gpg uses public/private ++keys on \fIgpghome\fP directory. This is only used when gpgkey file needs to ++be decrypted using public/private keys. If gpgkey file is encrypted with ++symmetric cipher only, public/private keys are not required and this option ++has no effect. ++.IP "\fB\-H \fIphash\fP" ++Uses \fIphash\fP function to hash password. Available hash functions are ++sha256, sha384, sha512 and rmd160. unhashed1, unhashed2 and unhashed3 ++functions also exist for compatibility with some obsolete implementations. ++ ++Hash function random does not ask for password but sets up random keys and ++attempts to put loop to multi-key mode. When random/1777 hash type is used ++as mount option for mount program, mount program will create new file system ++on the loop device and construct initial permissions of file system root ++directory from octal digits that follow the slash character. ++ ++WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING IMPORTANT ++DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. ++.IP "\fB\-I \fIloinit\fP" ++Passes a numeric value of \fIloinit\fP as a parameter to cipher transfer ++function. Cipher transfer functions are free to interpret value as they ++want. ++.IP "\fB\-K \fIgpgkey\fP" ++Password is piped to gpg so that gpg can decrypt file \fIgpgkey\fP which ++contains the real keys that are used to encrypt loop device. If decryption ++requires public/private keys and gpghome is not specified, all users use ++their own gpg public/private keys to decrypt \fIgpgkey\fP. Decrypted ++\fIgpgkey\fP should contain 1 or 64 or 65 keys, each key at least 20 ++characters and separated by newline. If decrypted \fIgpgkey\fP contains 64 ++or 65 keys, then loop device is put to multi-key mode. In multi-key mode ++first key is used for first sector, second key for second sector, and so on. ++65th key, if present, is used as additional input to MD5 IV computation. + .IP "\fB\-o \fIoffset\fP" + The data start is moved \fIoffset\fP bytes into the specified file or +-device. +-.IP "\fB\-p \fInum\fP" +-Read the passphrase from file descriptor with number +-.I num +-instead of from the terminal. ++device. Normally offset is included in IV (initialization vector) ++computations. If offset is prefixed with @ character, then offset is not ++included in IV computations. @ prefix functionality may not be supported on ++some older kernels and/or loop drivers. ++.IP "\fB\-p \fIpasswdfd\fP" ++Read the passphrase from file descriptor \fIpasswdfd\fP instead of the ++terminal. If -K option is not being used (no gpg key file), then losetup ++attempts to read 65 keys from \fIpasswdfd\fP, each key at least 20 ++characters and separated by newline. If losetup successfully reads 64 or 65 ++keys, then loop device is put to multi-key mode. If losetup encounters ++end-of-file before 64 keys are read, then only first key is used in ++single-key mode. ++.IP "\fB\-r\fP" ++Read-only mode. ++.IP "\fB\-s \fIsizelimit\fP" ++Size of loop device is limited to \fIsizelimit\fP bytes. If unspecified or ++set to zero, loop device size is set to maximum available (file size minus ++offset). This option may not be supported on some older kernels and/or loop ++drivers. ++.IP "\fB\-S \fIpseed\fP" ++Sets encryption password seed \fIpseed\fP which is appended to user supplied ++password before hashing. Using different seeds for different partitions ++makes dictionary attacks slower but does not prevent them if user supplied ++password is guessable. Seed is not used in multi-key mode. ++.IP "\fB\-T\fP" ++Asks password twice. ++.IP "\fB\-v\fP" ++Verbose mode. + .SH RETURN VALUE + .B losetup + returns 0 on success, nonzero on failure. When +@@ -94,43 +143,26 @@ + + .SH FILES + .nf +-/dev/loop0, /dev/loop1, ... loop devices (major=7) ++/dev/loop0,/dev/loop1,... loop devices (major=7) + .fi + .SH EXAMPLE +-If you are using the loadable module you must have the module loaded +-first with the command +-.IP +-# insmod loop.o +-.LP +-Maybe also encryption modules are needed. +-.IP +-# insmod des.o +-# insmod cryptoloop.o +-.LP + The following commands can be used as an example of using the loop device. + .nf +-.IP +-# dd if=/dev/zero of=/file bs=1k count=100 +-# losetup -e des /dev/loop0 /file +-Password: +-Init (up to 16 hex digits): +-# mkfs -t ext2 /dev/loop0 100 +-# mount -t ext2 /dev/loop0 /mnt ++ ++dd if=/dev/zero of=/file bs=1k count=500 ++head -c 2925 /dev/random | uuencode -m - | head -n 66 \\ ++ | tail -n 65 | gpg --symmetric -a >/etc/fskey9.gpg ++losetup -e AES128 -K /etc/fskey9.gpg /dev/loop0 /file ++mkfs -t ext2 /dev/loop0 ++mount -t ext2 /dev/loop0 /mnt + ... +-# umount /dev/loop0 +-# losetup -d /dev/loop0 +-.fi +-.LP +-If you are using the loadable module you may remove the module with +-the command +-.IP +-# rmmod loop +-.LP ++umount /dev/loop0 ++losetup -d /dev/loop0 + .fi + .SH RESTRICTION +-DES encryption is painfully slow. On the other hand, XOR is terribly weak. +-.\" .SH AUTHORS +-.\" .nf +-.\" Original version: Theodore Ts'o +-.\" Original DES by: Eric Young +-.\" .fi ++XOR encryption is terribly weak. ++.SH AUTHORS ++.nf ++Original version: Theodore Ts'o ++AES support: Jari Ruusu ++.fi +--- util-linux-2.12q/mount/loumount.c ++++ util-linux-2.12q/mount/loumount.c +@@ -0,0 +1,60 @@ ++/* ++ * loumount.c ++ * ++ * This code was extracted to separate file from lomount.c so that umount ++ * program doesn't have to link with all loop related setup code ++ */ ++ ++#define LOOPMAJOR 7 ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "loop.h" ++#include "lomount.h" ++#include "xstrncpy.h" ++#include "nls.h" ++ ++int ++is_loop_device (const char *device) { ++ struct stat statbuf; ++ ++ return (stat(device, &statbuf) == 0 && ++ S_ISBLK(statbuf.st_mode) && ++ major(statbuf.st_rdev) == LOOPMAJOR); ++} ++ ++int ++del_loop (const char *device) { ++ int fd; ++ ++ if ((fd = open (device, O_RDONLY)) < 0) { ++ int errsv = errno; ++ fprintf(stderr, _("loop: can't delete device %s: %s\n"), ++ device, strerror (errsv)); ++ return 1; ++ } ++ if (ioctl (fd, LOOP_CLR_FD, 0) < 0) { ++ perror ("ioctl: LOOP_CLR_FD"); ++ return 1; ++ } ++ close (fd); ++ if (verbose > 1) ++ printf(_("del_loop(%s): success\n"), device); ++ return 0; ++} +--- util-linux-2.12q/mount/Makefile ++++ util-linux-2.12q/mount/Makefile +@@ -29,7 +29,6 @@ + + MAYBE = pivot_root swapoff + +-LO_OBJS = lomount.o $(LIB)/xstrncpy.o + NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o + GEN_FILES = nfsmount.h nfsmount_xdr.c nfsmount_clnt.c + +@@ -49,24 +48,33 @@ + + mount: mount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o version.o \ + get_label_uuid.o mount_by_label.o mount_blkid.o mount_guess_fstype.o \ +- getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) $(LO_OBJS) ++ getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) lomount.o \ ++ loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o + $(LINK) $^ -o $@ $(BLKID_LIB) + + umount: umount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o \ + getusername.o get_label_uuid.o mount_by_label.o mount_blkid.o \ +- version.o $(LIB)/env.o $(LO_OBJS) ++ version.o $(LIB)/env.o loumount.o + $(LINK) $^ -o $@ $(BLKID_LIB) + + swapon: swapon.o version.o xmalloc.o \ +- get_label_uuid.o mount_by_label.o mount_blkid.o ++ get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o + $(LINK) $^ -o $@ $(BLKID_LIB) + + main_losetup.o: lomount.c + $(COMPILE) -DMAIN lomount.c -o $@ + +-losetup: main_losetup.o $(LIB)/xstrncpy.o ++losetup: main_losetup.o loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o + $(LINK) $^ -o $@ + ++loop.o lomount.o main_losetup.o swapon.o: loop.h ++ ++sha512.o lomount.o main_losetup.o swapon.o: sha512.h ++ ++rmd160.o lomount.o main_losetup.o: rmd160.h ++ ++aes.o lomount.o main_losetup.o: aes.h ++ + mount.o umount.o nfsmount.o losetup.o fstab.o realpath.o sundries.o: sundries.h + + mount.o umount.o fstab.o sundries.o: fstab.h +@@ -79,9 +87,9 @@ + + mount.o umount.o getusername.o: getusername.h + +-mount.o umount.o losetup.o lomount.o: lomount.h loop.h my_dev_t.h ++mount.o umount.o losetup.o lomount.o loumount.o: lomount.h loop.h + +-swapon.o: swap_constants.h swapargs.h ++swapon.o: swap_constants.h swapargs.h loop.h + + sundries.o nfsmount.o nfsmount_xdr.o nfsmount_clnt.o: nfsmount.h + +--- util-linux-2.12q/mount/mount.8 ++++ util-linux-2.12q/mount/mount.8 +@@ -281,6 +281,16 @@ + .B \-v + Verbose mode. + .TP ++.B \-p "\fIpasswdfd\fP" ++If the mount requires a passphrase to be entered, read it from file ++descriptor \fIpasswdfd\fP instead of from the terminal. If mount uses ++encrypted loop device and gpgkey= mount option is not being used (no gpg key ++file), then mount attempts to read 65 keys from \fIpasswdfd\fP, each key at ++least 20 characters and separated by newline. If mount successfully reads 64 ++or 65 keys, then loop device is put to multi-key mode. If mount encounters ++end-of-file before 64 keys are read, then only first key is used in ++single-key mode. ++.TP + .B \-a + Mount all filesystems (of the given types) mentioned in + .IR fstab . +@@ -328,12 +338,6 @@ + .I /etc + is on a read-only file system. + .TP +-.BI \-p " num" +-In case of a loop mount with encryption, read the passphrase from +-file descriptor +-.I num +-instead of from the terminal. +-.TP + .B \-s + Tolerate sloppy mount options rather than failing. This will ignore + mount options not supported by a filesystem type. Not all filesystems +@@ -1841,13 +1845,17 @@ + and then mount this device on + .IR /mnt . + +-This type of mount knows about three options, namely +-.BR loop ", " offset " and " encryption , ++This type of mount knows about 10 options, namely ++.BR loop ", " offset ", " sizelimit ", " encryption ", " pseed ", " phash ", " loinit ", " gpgkey ", " gpghome " and " itercountk + that are really options to + .BR \%losetup (8). + (These options can be used in addition to those specific + to the filesystem type.) + ++If the mount requires a passphrase, you will be prompted for one unless you ++specify a file descriptor to read from instead with the ++.BR \-p ++option. + If no explicit loop device is mentioned + (but just an option `\fB\-o loop\fP' is given), then + .B mount +--- util-linux-2.12q/mount/mount.c ++++ util-linux-2.12q/mount/mount.c +@@ -11,6 +11,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -80,9 +81,6 @@ + /* True if ruid != euid. */ + static int suid = 0; + +-/* Contains the fd to read the passphrase from, if any. */ +-static int pfd = -1; +- + /* Map from -o and fstab option strings to the flag argument to mount(2). */ + struct opt_map { + const char *opt; /* option name */ +@@ -167,7 +165,7 @@ + { NULL, 0, 0, 0 } + }; + +-static const char *opt_loopdev, *opt_vfstype, *opt_offset, *opt_encryption, ++static const char *opt_loopdev, *opt_vfstype, + *opt_speed, *opt_comment; + + static struct string_opt_map { +@@ -177,8 +175,15 @@ + } string_opt_map[] = { + { "loop=", 0, &opt_loopdev }, + { "vfs=", 1, &opt_vfstype }, +- { "offset=", 0, &opt_offset }, +- { "encryption=", 0, &opt_encryption }, ++ { "pseed=", 1, (const char **)&passSeedString }, ++ { "phash=", 0, (const char **)&passHashFuncName }, ++ { "loinit=", 0, (const char **)&loInitValue }, ++ { "gpgkey=", 0, (const char **)&gpgKeyFile }, ++ { "gpghome=", 0, (const char **)&gpgHomeDir }, ++ { "itercountk=", 1, (const char **)&passIterThousands }, ++ { "offset=", 0, (const char **)&loopOffsetBytes }, ++ { "sizelimit=", 0, (const char **)&loopSizeBytes }, ++ { "encryption=", 0, (const char **)&loopEncryptionType }, + { "speed=", 0, &opt_speed }, + { "comment=", 1, &opt_comment }, + { NULL, 0, NULL } +@@ -580,9 +585,8 @@ + + static int + loop_check(const char **spec, const char **type, int *flags, +- int *loop, const char **loopdev, const char **loopfile) { ++ int *loop, const char **loopdev, const char **loopfile, unsigned int *AutoChmodPtr) { + int looptype; +- unsigned long long offset; + + /* + * In the case of a loop mount, either type is of the form lo@/dev/loop5 +@@ -607,7 +611,7 @@ + *type = opt_vfstype; + } + +- *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_encryption); ++ *loop = ((*flags & MS_LOOP) || *loopdev || loopOffsetBytes || loopSizeBytes || loopEncryptionType); + *loopfile = *spec; + + if (*loop) { +@@ -624,9 +628,7 @@ + return EX_SYSERR; /* no more loop devices */ + if (verbose) + printf(_("mount: going to use the loop device %s\n"), *loopdev); +- offset = opt_offset ? strtoull(opt_offset, NULL, 0) : 0; +- if (set_loop(*loopdev, *loopfile, offset, +- opt_encryption, pfd, &loopro)) { ++ if (set_loop (*loopdev, *loopfile, &loopro, type, AutoChmodPtr)) { + if (verbose) + printf(_("mount: failed setting up loop device\n")); + return EX_FAIL; +@@ -687,14 +689,6 @@ + } + + static void +-set_pfd(char *s) { +- if (!isdigit(*s)) +- die(EX_USAGE, +- _("mount: argument to -p or --pass-fd must be a number")); +- pfd = atoi(optarg); +-} +- +-static void + cdrom_setspeed(const char *spec) { + #define CDROM_SELECT_SPEED 0x5322 /* Set the CD-ROM speed */ + if (opt_speed) { +@@ -788,6 +782,7 @@ + const char *opts, *spec, *node, *types; + char *user = 0; + int loop = 0; ++ unsigned int LoopMountAutomaticChmod = 0; + const char *loopdev = 0, *loopfile = 0; + struct stat statbuf; + int nfs_mount_version = 0; /* any version */ +@@ -820,7 +815,7 @@ + * stale assignments of files to loop devices. Nasty when used for + * encryption. + */ +- res = loop_check(&spec, &types, &flags, &loop, &loopdev, &loopfile); ++ res = loop_check(&spec, &types, &flags, &loop, &loopdev, &loopfile, &LoopMountAutomaticChmod); + if (res) + goto out; + } +@@ -855,9 +850,20 @@ + + block_signals (SIG_BLOCK); + +- if (!fake) ++ if (!fake) { + mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, + mount_opts); ++ if(!mnt5_res && LoopMountAutomaticChmod && (getuid() == 0)) { ++ /* ++ * If loop was set up using random keys and new file system ++ * was created on the loop device, initial permissions for ++ * file system root directory need to be set here. ++ */ ++ if(chmod(node, LoopMountAutomaticChmod)) { ++ error (_("Error: encrypted file system chmod() failed")); ++ } ++ } ++ } + + if (fake || mnt5_res == 0) { + /* Mount succeeded, report this (if verbose) and write mtab entry. */ +@@ -1530,8 +1536,8 @@ + else + test_opts = xstrdup(optarg); + break; +- case 'p': /* fd on which to read passwd */ +- set_pfd(optarg); ++ case 'p': /* read passphrase from given fd */ ++ passFDnumber = optarg; + break; + case 'r': /* mount readonly */ + readonly = 1; +--- util-linux-2.12q/mount/rmd160.c ++++ util-linux-2.12q/mount/rmd160.c +@@ -0,0 +1,532 @@ ++/* rmd160.c - RIPE-MD160 ++ * Copyright (C) 1998 Free Software Foundation, Inc. ++ */ ++ ++/* This file was part of GnuPG. Modified for use within the Linux ++ * mount utility by Marc Mutz . None of this code is ++ * by myself. I just removed everything that you don't need when all ++ * you want to do is to use rmd160_hash_buffer(). ++ * My comments are marked with (mm). */ ++ ++/* GnuPG is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuPG is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ ++ ++#include /* (mm) for memcpy */ ++#include /* (mm) for BIG_ENDIAN and BYTE_ORDER */ ++#include "rmd160.h" ++ ++/* (mm) these are used by the original GnuPG file. In order to modify ++ * that file not too much, we keep the notations. maybe it would be ++ * better to include linux/types.h and typedef __u32 to u32 and __u8 ++ * to byte? */ ++typedef unsigned int u32; /* taken from e.g. util-linux's minix.h */ ++typedef unsigned char byte; ++ ++typedef struct { ++ u32 h0,h1,h2,h3,h4; ++ u32 nblocks; ++ byte buf[64]; ++ int count; ++} RMD160_CONTEXT; ++ ++/**************** ++ * Rotate a 32 bit integer by n bytes ++ */ ++#if defined(__GNUC__) && defined(__i386__) ++static inline u32 ++rol( u32 x, int n) ++{ ++ __asm__("roll %%cl,%0" ++ :"=r" (x) ++ :"0" (x),"c" (n)); ++ return x; ++} ++#else ++ #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) ++#endif ++ ++/********************************* ++ * RIPEMD-160 is not patented, see (as of 25.10.97) ++ * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html ++ * Note that the code uses Little Endian byteorder, which is good for ++ * 386 etc, but we must add some conversion when used on a big endian box. ++ * ++ * ++ * Pseudo-code for RIPEMD-160 ++ * ++ * RIPEMD-160 is an iterative hash function that operates on 32-bit words. ++ * The round function takes as input a 5-word chaining variable and a 16-word ++ * message block and maps this to a new chaining variable. All operations are ++ * defined on 32-bit words. Padding is identical to that of MD4. ++ * ++ * ++ * RIPEMD-160: definitions ++ * ++ * ++ * nonlinear functions at bit level: exor, mux, -, mux, - ++ * ++ * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15) ++ * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31) ++ * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47) ++ * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63) ++ * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79) ++ * ++ * ++ * added constants (hexadecimal) ++ * ++ * K(j) = 0x00000000 (0 <= j <= 15) ++ * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2)) ++ * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3)) ++ * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5)) ++ * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7)) ++ * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2)) ++ * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3)) ++ * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5)) ++ * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7)) ++ * K'(j) = 0x00000000 (64 <= j <= 79) ++ * ++ * ++ * selection of message word ++ * ++ * r(j) = j (0 <= j <= 15) ++ * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8 ++ * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12 ++ * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 ++ * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 ++ * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12 ++ * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2 ++ * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13 ++ * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 ++ * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 ++ * ++ * ++ * amount for rotate left (rol) ++ * ++ * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8 ++ * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12 ++ * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5 ++ * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12 ++ * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 ++ * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6 ++ * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11 ++ * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5 ++ * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8 ++ * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 ++ * ++ * ++ * initial value (hexadecimal) ++ * ++ * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476; ++ * h4 = 0xC3D2E1F0; ++ * ++ * ++ * RIPEMD-160: pseudo-code ++ * ++ * It is assumed that the message after padding consists of t 16-word blocks ++ * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15. ++ * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left ++ * shift (rotate) over s positions. ++ * ++ * ++ * for i := 0 to t-1 { ++ * A := h0; B := h1; C := h2; D = h3; E = h4; ++ * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4; ++ * for j := 0 to 79 { ++ * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E; ++ * A := E; E := D; D := rol_10(C); C := B; B := T; ++ * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)] ++ [+] K'(j)) [+] E'; ++ * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T; ++ * } ++ * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A'; ++ * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T; ++ * } ++ */ ++ ++/* Some examples: ++ * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31 ++ * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe ++ * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc ++ * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36 ++ * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc ++ * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b ++ * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189 ++ * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb ++ * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528 ++ */ ++ ++ ++static void ++rmd160_init( RMD160_CONTEXT *hd ) ++{ ++ hd->h0 = 0x67452301; ++ hd->h1 = 0xEFCDAB89; ++ hd->h2 = 0x98BADCFE; ++ hd->h3 = 0x10325476; ++ hd->h4 = 0xC3D2E1F0; ++ hd->nblocks = 0; ++ hd->count = 0; ++} ++ ++ ++ ++/**************** ++ * Transform the message X which consists of 16 32-bit-words ++ */ ++static void ++transform( RMD160_CONTEXT *hd, byte *data ) ++{ ++ u32 a,b,c,d,e,aa,bb,cc,dd,ee,t; ++ #if BYTE_ORDER == BIG_ENDIAN ++ u32 x[16]; ++ { int i; ++ byte *p2, *p1; ++ for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) { ++ p2[3] = *p1++; ++ p2[2] = *p1++; ++ p2[1] = *p1++; ++ p2[0] = *p1++; ++ } ++ } ++ #else ++ #if 0 ++ u32 *x =(u32*)data; ++ #else ++ /* this version is better because it is always aligned; ++ * The performance penalty on a 586-100 is about 6% which ++ * is acceptable - because the data is more local it might ++ * also be possible that this is faster on some machines. ++ * This function (when compiled with -02 on gcc 2.7.2) ++ * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec; ++ * [measured with a 4MB data and "gpgm --print-md rmd160"] */ ++ u32 x[16]; ++ memcpy( x, data, 64 ); ++ #endif ++ #endif ++ ++ ++#define K0 0x00000000 ++#define K1 0x5A827999 ++#define K2 0x6ED9EBA1 ++#define K3 0x8F1BBCDC ++#define K4 0xA953FD4E ++#define KK0 0x50A28BE6 ++#define KK1 0x5C4DD124 ++#define KK2 0x6D703EF3 ++#define KK3 0x7A6D76E9 ++#define KK4 0x00000000 ++#define F0(x,y,z) ( (x) ^ (y) ^ (z) ) ++#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) ) ++#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) ) ++#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) ) ++#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) ) ++#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \ ++ a = rol(t,s) + e; \ ++ c = rol(c,10); \ ++ } while(0) ++ ++ /* left lane */ ++ a = hd->h0; ++ b = hd->h1; ++ c = hd->h2; ++ d = hd->h3; ++ e = hd->h4; ++ R( a, b, c, d, e, F0, K0, 0, 11 ); ++ R( e, a, b, c, d, F0, K0, 1, 14 ); ++ R( d, e, a, b, c, F0, K0, 2, 15 ); ++ R( c, d, e, a, b, F0, K0, 3, 12 ); ++ R( b, c, d, e, a, F0, K0, 4, 5 ); ++ R( a, b, c, d, e, F0, K0, 5, 8 ); ++ R( e, a, b, c, d, F0, K0, 6, 7 ); ++ R( d, e, a, b, c, F0, K0, 7, 9 ); ++ R( c, d, e, a, b, F0, K0, 8, 11 ); ++ R( b, c, d, e, a, F0, K0, 9, 13 ); ++ R( a, b, c, d, e, F0, K0, 10, 14 ); ++ R( e, a, b, c, d, F0, K0, 11, 15 ); ++ R( d, e, a, b, c, F0, K0, 12, 6 ); ++ R( c, d, e, a, b, F0, K0, 13, 7 ); ++ R( b, c, d, e, a, F0, K0, 14, 9 ); ++ R( a, b, c, d, e, F0, K0, 15, 8 ); ++ R( e, a, b, c, d, F1, K1, 7, 7 ); ++ R( d, e, a, b, c, F1, K1, 4, 6 ); ++ R( c, d, e, a, b, F1, K1, 13, 8 ); ++ R( b, c, d, e, a, F1, K1, 1, 13 ); ++ R( a, b, c, d, e, F1, K1, 10, 11 ); ++ R( e, a, b, c, d, F1, K1, 6, 9 ); ++ R( d, e, a, b, c, F1, K1, 15, 7 ); ++ R( c, d, e, a, b, F1, K1, 3, 15 ); ++ R( b, c, d, e, a, F1, K1, 12, 7 ); ++ R( a, b, c, d, e, F1, K1, 0, 12 ); ++ R( e, a, b, c, d, F1, K1, 9, 15 ); ++ R( d, e, a, b, c, F1, K1, 5, 9 ); ++ R( c, d, e, a, b, F1, K1, 2, 11 ); ++ R( b, c, d, e, a, F1, K1, 14, 7 ); ++ R( a, b, c, d, e, F1, K1, 11, 13 ); ++ R( e, a, b, c, d, F1, K1, 8, 12 ); ++ R( d, e, a, b, c, F2, K2, 3, 11 ); ++ R( c, d, e, a, b, F2, K2, 10, 13 ); ++ R( b, c, d, e, a, F2, K2, 14, 6 ); ++ R( a, b, c, d, e, F2, K2, 4, 7 ); ++ R( e, a, b, c, d, F2, K2, 9, 14 ); ++ R( d, e, a, b, c, F2, K2, 15, 9 ); ++ R( c, d, e, a, b, F2, K2, 8, 13 ); ++ R( b, c, d, e, a, F2, K2, 1, 15 ); ++ R( a, b, c, d, e, F2, K2, 2, 14 ); ++ R( e, a, b, c, d, F2, K2, 7, 8 ); ++ R( d, e, a, b, c, F2, K2, 0, 13 ); ++ R( c, d, e, a, b, F2, K2, 6, 6 ); ++ R( b, c, d, e, a, F2, K2, 13, 5 ); ++ R( a, b, c, d, e, F2, K2, 11, 12 ); ++ R( e, a, b, c, d, F2, K2, 5, 7 ); ++ R( d, e, a, b, c, F2, K2, 12, 5 ); ++ R( c, d, e, a, b, F3, K3, 1, 11 ); ++ R( b, c, d, e, a, F3, K3, 9, 12 ); ++ R( a, b, c, d, e, F3, K3, 11, 14 ); ++ R( e, a, b, c, d, F3, K3, 10, 15 ); ++ R( d, e, a, b, c, F3, K3, 0, 14 ); ++ R( c, d, e, a, b, F3, K3, 8, 15 ); ++ R( b, c, d, e, a, F3, K3, 12, 9 ); ++ R( a, b, c, d, e, F3, K3, 4, 8 ); ++ R( e, a, b, c, d, F3, K3, 13, 9 ); ++ R( d, e, a, b, c, F3, K3, 3, 14 ); ++ R( c, d, e, a, b, F3, K3, 7, 5 ); ++ R( b, c, d, e, a, F3, K3, 15, 6 ); ++ R( a, b, c, d, e, F3, K3, 14, 8 ); ++ R( e, a, b, c, d, F3, K3, 5, 6 ); ++ R( d, e, a, b, c, F3, K3, 6, 5 ); ++ R( c, d, e, a, b, F3, K3, 2, 12 ); ++ R( b, c, d, e, a, F4, K4, 4, 9 ); ++ R( a, b, c, d, e, F4, K4, 0, 15 ); ++ R( e, a, b, c, d, F4, K4, 5, 5 ); ++ R( d, e, a, b, c, F4, K4, 9, 11 ); ++ R( c, d, e, a, b, F4, K4, 7, 6 ); ++ R( b, c, d, e, a, F4, K4, 12, 8 ); ++ R( a, b, c, d, e, F4, K4, 2, 13 ); ++ R( e, a, b, c, d, F4, K4, 10, 12 ); ++ R( d, e, a, b, c, F4, K4, 14, 5 ); ++ R( c, d, e, a, b, F4, K4, 1, 12 ); ++ R( b, c, d, e, a, F4, K4, 3, 13 ); ++ R( a, b, c, d, e, F4, K4, 8, 14 ); ++ R( e, a, b, c, d, F4, K4, 11, 11 ); ++ R( d, e, a, b, c, F4, K4, 6, 8 ); ++ R( c, d, e, a, b, F4, K4, 15, 5 ); ++ R( b, c, d, e, a, F4, K4, 13, 6 ); ++ ++ aa = a; bb = b; cc = c; dd = d; ee = e; ++ ++ /* right lane */ ++ a = hd->h0; ++ b = hd->h1; ++ c = hd->h2; ++ d = hd->h3; ++ e = hd->h4; ++ R( a, b, c, d, e, F4, KK0, 5, 8); ++ R( e, a, b, c, d, F4, KK0, 14, 9); ++ R( d, e, a, b, c, F4, KK0, 7, 9); ++ R( c, d, e, a, b, F4, KK0, 0, 11); ++ R( b, c, d, e, a, F4, KK0, 9, 13); ++ R( a, b, c, d, e, F4, KK0, 2, 15); ++ R( e, a, b, c, d, F4, KK0, 11, 15); ++ R( d, e, a, b, c, F4, KK0, 4, 5); ++ R( c, d, e, a, b, F4, KK0, 13, 7); ++ R( b, c, d, e, a, F4, KK0, 6, 7); ++ R( a, b, c, d, e, F4, KK0, 15, 8); ++ R( e, a, b, c, d, F4, KK0, 8, 11); ++ R( d, e, a, b, c, F4, KK0, 1, 14); ++ R( c, d, e, a, b, F4, KK0, 10, 14); ++ R( b, c, d, e, a, F4, KK0, 3, 12); ++ R( a, b, c, d, e, F4, KK0, 12, 6); ++ R( e, a, b, c, d, F3, KK1, 6, 9); ++ R( d, e, a, b, c, F3, KK1, 11, 13); ++ R( c, d, e, a, b, F3, KK1, 3, 15); ++ R( b, c, d, e, a, F3, KK1, 7, 7); ++ R( a, b, c, d, e, F3, KK1, 0, 12); ++ R( e, a, b, c, d, F3, KK1, 13, 8); ++ R( d, e, a, b, c, F3, KK1, 5, 9); ++ R( c, d, e, a, b, F3, KK1, 10, 11); ++ R( b, c, d, e, a, F3, KK1, 14, 7); ++ R( a, b, c, d, e, F3, KK1, 15, 7); ++ R( e, a, b, c, d, F3, KK1, 8, 12); ++ R( d, e, a, b, c, F3, KK1, 12, 7); ++ R( c, d, e, a, b, F3, KK1, 4, 6); ++ R( b, c, d, e, a, F3, KK1, 9, 15); ++ R( a, b, c, d, e, F3, KK1, 1, 13); ++ R( e, a, b, c, d, F3, KK1, 2, 11); ++ R( d, e, a, b, c, F2, KK2, 15, 9); ++ R( c, d, e, a, b, F2, KK2, 5, 7); ++ R( b, c, d, e, a, F2, KK2, 1, 15); ++ R( a, b, c, d, e, F2, KK2, 3, 11); ++ R( e, a, b, c, d, F2, KK2, 7, 8); ++ R( d, e, a, b, c, F2, KK2, 14, 6); ++ R( c, d, e, a, b, F2, KK2, 6, 6); ++ R( b, c, d, e, a, F2, KK2, 9, 14); ++ R( a, b, c, d, e, F2, KK2, 11, 12); ++ R( e, a, b, c, d, F2, KK2, 8, 13); ++ R( d, e, a, b, c, F2, KK2, 12, 5); ++ R( c, d, e, a, b, F2, KK2, 2, 14); ++ R( b, c, d, e, a, F2, KK2, 10, 13); ++ R( a, b, c, d, e, F2, KK2, 0, 13); ++ R( e, a, b, c, d, F2, KK2, 4, 7); ++ R( d, e, a, b, c, F2, KK2, 13, 5); ++ R( c, d, e, a, b, F1, KK3, 8, 15); ++ R( b, c, d, e, a, F1, KK3, 6, 5); ++ R( a, b, c, d, e, F1, KK3, 4, 8); ++ R( e, a, b, c, d, F1, KK3, 1, 11); ++ R( d, e, a, b, c, F1, KK3, 3, 14); ++ R( c, d, e, a, b, F1, KK3, 11, 14); ++ R( b, c, d, e, a, F1, KK3, 15, 6); ++ R( a, b, c, d, e, F1, KK3, 0, 14); ++ R( e, a, b, c, d, F1, KK3, 5, 6); ++ R( d, e, a, b, c, F1, KK3, 12, 9); ++ R( c, d, e, a, b, F1, KK3, 2, 12); ++ R( b, c, d, e, a, F1, KK3, 13, 9); ++ R( a, b, c, d, e, F1, KK3, 9, 12); ++ R( e, a, b, c, d, F1, KK3, 7, 5); ++ R( d, e, a, b, c, F1, KK3, 10, 15); ++ R( c, d, e, a, b, F1, KK3, 14, 8); ++ R( b, c, d, e, a, F0, KK4, 12, 8); ++ R( a, b, c, d, e, F0, KK4, 15, 5); ++ R( e, a, b, c, d, F0, KK4, 10, 12); ++ R( d, e, a, b, c, F0, KK4, 4, 9); ++ R( c, d, e, a, b, F0, KK4, 1, 12); ++ R( b, c, d, e, a, F0, KK4, 5, 5); ++ R( a, b, c, d, e, F0, KK4, 8, 14); ++ R( e, a, b, c, d, F0, KK4, 7, 6); ++ R( d, e, a, b, c, F0, KK4, 6, 8); ++ R( c, d, e, a, b, F0, KK4, 2, 13); ++ R( b, c, d, e, a, F0, KK4, 13, 6); ++ R( a, b, c, d, e, F0, KK4, 14, 5); ++ R( e, a, b, c, d, F0, KK4, 0, 15); ++ R( d, e, a, b, c, F0, KK4, 3, 13); ++ R( c, d, e, a, b, F0, KK4, 9, 11); ++ R( b, c, d, e, a, F0, KK4, 11, 11); ++ ++ ++ t = hd->h1 + d + cc; ++ hd->h1 = hd->h2 + e + dd; ++ hd->h2 = hd->h3 + a + ee; ++ hd->h3 = hd->h4 + b + aa; ++ hd->h4 = hd->h0 + c + bb; ++ hd->h0 = t; ++} ++ ++ ++/* Update the message digest with the contents ++ * of INBUF with length INLEN. ++ */ ++static void ++rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen) ++{ ++ if( hd->count == 64 ) { /* flush the buffer */ ++ transform( hd, hd->buf ); ++ hd->count = 0; ++ hd->nblocks++; ++ } ++ if( !inbuf ) ++ return; ++ if( hd->count ) { ++ for( ; inlen && hd->count < 64; inlen-- ) ++ hd->buf[hd->count++] = *inbuf++; ++ rmd160_write( hd, NULL, 0 ); ++ if( !inlen ) ++ return; ++ } ++ ++ while( inlen >= 64 ) { ++ transform( hd, inbuf ); ++ hd->count = 0; ++ hd->nblocks++; ++ inlen -= 64; ++ inbuf += 64; ++ } ++ for( ; inlen && hd->count < 64; inlen-- ) ++ hd->buf[hd->count++] = *inbuf++; ++} ++ ++/* The routine terminates the computation ++ */ ++ ++static void ++rmd160_final( RMD160_CONTEXT *hd ) ++{ ++ u32 t, msb, lsb; ++ byte *p; ++ ++ rmd160_write(hd, NULL, 0); /* flush */; ++ ++ msb = 0; ++ t = hd->nblocks; ++ if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */ ++ msb++; ++ msb += t >> 26; ++ t = lsb; ++ if( (lsb = t + hd->count) < t ) /* add the count */ ++ msb++; ++ t = lsb; ++ if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */ ++ msb++; ++ msb += t >> 29; ++ ++ if( hd->count < 56 ) { /* enough room */ ++ hd->buf[hd->count++] = 0x80; /* pad */ ++ while( hd->count < 56 ) ++ hd->buf[hd->count++] = 0; /* pad */ ++ } ++ else { /* need one extra block */ ++ hd->buf[hd->count++] = 0x80; /* pad character */ ++ while( hd->count < 64 ) ++ hd->buf[hd->count++] = 0; ++ rmd160_write(hd, NULL, 0); /* flush */; ++ memset(hd->buf, 0, 56 ); /* fill next block with zeroes */ ++ } ++ /* append the 64 bit count */ ++ hd->buf[56] = lsb ; ++ hd->buf[57] = lsb >> 8; ++ hd->buf[58] = lsb >> 16; ++ hd->buf[59] = lsb >> 24; ++ hd->buf[60] = msb ; ++ hd->buf[61] = msb >> 8; ++ hd->buf[62] = msb >> 16; ++ hd->buf[63] = msb >> 24; ++ transform( hd, hd->buf ); ++ ++ p = hd->buf; ++ #if BYTE_ORDER == BIG_ENDIAN ++ #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \ ++ *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0) ++ #else /* little endian */ ++ #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) ++ #endif ++ X(0); ++ X(1); ++ X(2); ++ X(3); ++ X(4); ++ #undef X ++} ++ ++/**************** ++ * Shortcut functions which puts the hash value of the supplied buffer ++ * into outbuf which must have a size of 20 bytes. ++ */ ++void ++rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) ++{ ++ RMD160_CONTEXT hd; ++ ++ rmd160_init( &hd ); ++ rmd160_write( &hd, (byte*)buffer, length ); ++ rmd160_final( &hd ); ++ memcpy( outbuf, hd.buf, 20 ); ++} +--- util-linux-2.12q/mount/rmd160.h ++++ util-linux-2.12q/mount/rmd160.h +@@ -0,0 +1,9 @@ ++#ifndef RMD160_H ++#define RMD160_H ++ ++void ++rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); ++ ++#endif /*RMD160_H*/ ++ ++ +--- util-linux-2.12q/mount/sha512.c ++++ util-linux-2.12q/mount/sha512.c +@@ -0,0 +1,432 @@ ++/* ++ * sha512.c ++ * ++ * Written by Jari Ruusu, April 16 2001 ++ * ++ * Copyright 2001 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU Public License. ++ */ ++ ++#include ++#include ++#include "sha512.h" ++ ++/* Define one or more of these. If none is defined, you get all of them */ ++#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED) ++# define SHA256_NEEDED 1 ++# define SHA512_NEEDED 1 ++# define SHA384_NEEDED 1 ++#endif ++ ++#if defined(SHA256_NEEDED) ++static const u_int32_t sha256_hashInit[8] = { ++ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, ++ 0x1f83d9ab, 0x5be0cd19 ++}; ++static const u_int32_t sha256_K[64] = { ++ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, ++ 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, ++ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, ++ 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, ++ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, ++ 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, ++ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, ++ 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, ++ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, ++ 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, ++ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 ++}; ++#endif ++ ++#if defined(SHA512_NEEDED) ++static const u_int64_t sha512_hashInit[8] = { ++ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, ++ 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, ++ 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL ++}; ++#endif ++ ++#if defined(SHA384_NEEDED) ++static const u_int64_t sha384_hashInit[8] = { ++ 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL, ++ 0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL, ++ 0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL ++}; ++#endif ++ ++#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) ++static const u_int64_t sha512_K[80] = { ++ 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, ++ 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, ++ 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, ++ 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, ++ 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, ++ 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, ++ 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, ++ 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, ++ 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, ++ 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, ++ 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, ++ 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, ++ 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, ++ 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, ++ 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, ++ 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, ++ 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, ++ 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, ++ 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, ++ 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, ++ 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, ++ 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, ++ 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, ++ 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, ++ 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, ++ 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, ++ 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL ++}; ++#endif ++ ++#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) ++#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) ++#define R(x,y) ((y) >> (x)) ++ ++#if defined(SHA256_NEEDED) ++void sha256_init(sha256_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_bufCnt = 0; ++} ++ ++#define S(x,y) (((y) >> (x)) | ((y) << (32 - (x)))) ++#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x)))) ++#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x)))) ++#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x)))) ++#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x)))) ++ ++static void sha256_transform(sha256_context *ctx, unsigned char *datap) ++{ ++ register int j; ++ u_int32_t a, b, c, d, e, f, g, h; ++ u_int32_t T1, T2, W[64], Wm2, Wm15; ++ ++ /* read the data, big endian byte order */ ++ j = 0; ++ do { ++ W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) | ++ (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3])); ++ datap += 4; ++ } while(++j < 16); ++ ++ /* initialize variables a...h */ ++ a = ctx->sha_H[0]; ++ b = ctx->sha_H[1]; ++ c = ctx->sha_H[2]; ++ d = ctx->sha_H[3]; ++ e = ctx->sha_H[4]; ++ f = ctx->sha_H[5]; ++ g = ctx->sha_H[6]; ++ h = ctx->sha_H[7]; ++ ++ /* apply compression function */ ++ j = 0; ++ do { ++ if(j >= 16) { ++ Wm2 = W[j - 2]; ++ Wm15 = W[j - 15]; ++ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; ++ } ++ T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j]; ++ T2 = uSig0(a) + Maj(a,b,c); ++ h = g; g = f; f = e; ++ e = d + T1; ++ d = c; c = b; b = a; ++ a = T1 + T2; ++ } while(++j < 64); ++ ++ /* compute intermediate hash value */ ++ ctx->sha_H[0] += a; ++ ctx->sha_H[1] += b; ++ ctx->sha_H[2] += c; ++ ctx->sha_H[3] += d; ++ ctx->sha_H[4] += e; ++ ctx->sha_H[5] += f; ++ ctx->sha_H[6] += g; ++ ctx->sha_H[7] += h; ++ ++ ctx->sha_blocks++; ++} ++ ++void sha256_write(sha256_context *ctx, unsigned char *datap, int length) ++{ ++ while(length > 0) { ++ if(!ctx->sha_bufCnt) { ++ while(length >= sizeof(ctx->sha_out)) { ++ sha256_transform(ctx, datap); ++ datap += sizeof(ctx->sha_out); ++ length -= sizeof(ctx->sha_out); ++ } ++ if(!length) return; ++ } ++ ctx->sha_out[ctx->sha_bufCnt] = *datap++; ++ length--; ++ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { ++ sha256_transform(ctx, &ctx->sha_out[0]); ++ ctx->sha_bufCnt = 0; ++ } ++ } ++} ++ ++void sha256_final(sha256_context *ctx) ++{ ++ register int j; ++ u_int64_t bitLength; ++ u_int32_t i; ++ unsigned char padByte, *datap; ++ ++ bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3); ++ padByte = 0x80; ++ sha256_write(ctx, &padByte, 1); ++ ++ /* pad extra space with zeroes */ ++ padByte = 0; ++ while(ctx->sha_bufCnt != 56) { ++ sha256_write(ctx, &padByte, 1); ++ } ++ ++ /* write bit length, big endian byte order */ ++ ctx->sha_out[56] = bitLength >> 56; ++ ctx->sha_out[57] = bitLength >> 48; ++ ctx->sha_out[58] = bitLength >> 40; ++ ctx->sha_out[59] = bitLength >> 32; ++ ctx->sha_out[60] = bitLength >> 24; ++ ctx->sha_out[61] = bitLength >> 16; ++ ctx->sha_out[62] = bitLength >> 8; ++ ctx->sha_out[63] = bitLength; ++ sha256_transform(ctx, &ctx->sha_out[0]); ++ ++ /* return results in ctx->sha_out[0...31] */ ++ datap = &ctx->sha_out[0]; ++ j = 0; ++ do { ++ i = ctx->sha_H[j]; ++ datap[0] = i >> 24; ++ datap[1] = i >> 16; ++ datap[2] = i >> 8; ++ datap[3] = i; ++ datap += 4; ++ } while(++j < 8); ++ ++ /* clear sensitive information */ ++ memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32); ++} ++ ++void sha256_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha256_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 32) ole = 32; ++ sha256_init(&ctx); ++ sha256_write(&ctx, ib, ile); ++ sha256_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++ ++#endif ++ ++#if defined(SHA512_NEEDED) ++void sha512_init(sha512_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_blocksMSB = 0; ++ ctx->sha_bufCnt = 0; ++} ++#endif ++ ++#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) ++#undef S ++#undef uSig0 ++#undef uSig1 ++#undef lSig0 ++#undef lSig1 ++#define S(x,y) (((y) >> (x)) | ((y) << (64 - (x)))) ++#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x)))) ++#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x)))) ++#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x)))) ++#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x)))) ++ ++static void sha512_transform(sha512_context *ctx, unsigned char *datap) ++{ ++ register int j; ++ u_int64_t a, b, c, d, e, f, g, h; ++ u_int64_t T1, T2, W[80], Wm2, Wm15; ++ ++ /* read the data, big endian byte order */ ++ j = 0; ++ do { ++ W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) | ++ (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) | ++ (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) | ++ (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7])); ++ datap += 8; ++ } while(++j < 16); ++ ++ /* initialize variables a...h */ ++ a = ctx->sha_H[0]; ++ b = ctx->sha_H[1]; ++ c = ctx->sha_H[2]; ++ d = ctx->sha_H[3]; ++ e = ctx->sha_H[4]; ++ f = ctx->sha_H[5]; ++ g = ctx->sha_H[6]; ++ h = ctx->sha_H[7]; ++ ++ /* apply compression function */ ++ j = 0; ++ do { ++ if(j >= 16) { ++ Wm2 = W[j - 2]; ++ Wm15 = W[j - 15]; ++ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; ++ } ++ T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j]; ++ T2 = uSig0(a) + Maj(a,b,c); ++ h = g; g = f; f = e; ++ e = d + T1; ++ d = c; c = b; b = a; ++ a = T1 + T2; ++ } while(++j < 80); ++ ++ /* compute intermediate hash value */ ++ ctx->sha_H[0] += a; ++ ctx->sha_H[1] += b; ++ ctx->sha_H[2] += c; ++ ctx->sha_H[3] += d; ++ ctx->sha_H[4] += e; ++ ctx->sha_H[5] += f; ++ ctx->sha_H[6] += g; ++ ctx->sha_H[7] += h; ++ ++ ctx->sha_blocks++; ++ if(!ctx->sha_blocks) ctx->sha_blocksMSB++; ++} ++ ++void sha512_write(sha512_context *ctx, unsigned char *datap, int length) ++{ ++ while(length > 0) { ++ if(!ctx->sha_bufCnt) { ++ while(length >= sizeof(ctx->sha_out)) { ++ sha512_transform(ctx, datap); ++ datap += sizeof(ctx->sha_out); ++ length -= sizeof(ctx->sha_out); ++ } ++ if(!length) return; ++ } ++ ctx->sha_out[ctx->sha_bufCnt] = *datap++; ++ length--; ++ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { ++ sha512_transform(ctx, &ctx->sha_out[0]); ++ ctx->sha_bufCnt = 0; ++ } ++ } ++} ++ ++void sha512_final(sha512_context *ctx) ++{ ++ register int j; ++ u_int64_t bitLength, bitLengthMSB; ++ u_int64_t i; ++ unsigned char padByte, *datap; ++ ++ bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3); ++ bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54); ++ padByte = 0x80; ++ sha512_write(ctx, &padByte, 1); ++ ++ /* pad extra space with zeroes */ ++ padByte = 0; ++ while(ctx->sha_bufCnt != 112) { ++ sha512_write(ctx, &padByte, 1); ++ } ++ ++ /* write bit length, big endian byte order */ ++ ctx->sha_out[112] = bitLengthMSB >> 56; ++ ctx->sha_out[113] = bitLengthMSB >> 48; ++ ctx->sha_out[114] = bitLengthMSB >> 40; ++ ctx->sha_out[115] = bitLengthMSB >> 32; ++ ctx->sha_out[116] = bitLengthMSB >> 24; ++ ctx->sha_out[117] = bitLengthMSB >> 16; ++ ctx->sha_out[118] = bitLengthMSB >> 8; ++ ctx->sha_out[119] = bitLengthMSB; ++ ctx->sha_out[120] = bitLength >> 56; ++ ctx->sha_out[121] = bitLength >> 48; ++ ctx->sha_out[122] = bitLength >> 40; ++ ctx->sha_out[123] = bitLength >> 32; ++ ctx->sha_out[124] = bitLength >> 24; ++ ctx->sha_out[125] = bitLength >> 16; ++ ctx->sha_out[126] = bitLength >> 8; ++ ctx->sha_out[127] = bitLength; ++ sha512_transform(ctx, &ctx->sha_out[0]); ++ ++ /* return results in ctx->sha_out[0...63] */ ++ datap = &ctx->sha_out[0]; ++ j = 0; ++ do { ++ i = ctx->sha_H[j]; ++ datap[0] = i >> 56; ++ datap[1] = i >> 48; ++ datap[2] = i >> 40; ++ datap[3] = i >> 32; ++ datap[4] = i >> 24; ++ datap[5] = i >> 16; ++ datap[6] = i >> 8; ++ datap[7] = i; ++ datap += 8; ++ } while(++j < 8); ++ ++ /* clear sensitive information */ ++ memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64); ++} ++ ++void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha512_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 64) ole = 64; ++ sha512_init(&ctx); ++ sha512_write(&ctx, ib, ile); ++ sha512_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++#endif ++ ++#if defined(SHA384_NEEDED) ++void sha384_init(sha512_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_blocksMSB = 0; ++ ctx->sha_bufCnt = 0; ++} ++ ++void sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha512_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 48) ole = 48; ++ sha384_init(&ctx); ++ sha512_write(&ctx, ib, ile); ++ sha512_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++#endif +--- util-linux-2.12q/mount/sha512.h ++++ util-linux-2.12q/mount/sha512.h +@@ -0,0 +1,45 @@ ++/* ++ * sha512.h ++ * ++ * Written by Jari Ruusu, April 16 2001 ++ * ++ * Copyright 2001 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU Public License. ++ */ ++ ++#include ++ ++typedef struct { ++ unsigned char sha_out[64]; /* results are here, bytes 0...31 */ ++ u_int32_t sha_H[8]; ++ u_int64_t sha_blocks; ++ int sha_bufCnt; ++} sha256_context; ++ ++typedef struct { ++ unsigned char sha_out[128]; /* results are here, bytes 0...63 */ ++ u_int64_t sha_H[8]; ++ u_int64_t sha_blocks; ++ u_int64_t sha_blocksMSB; ++ int sha_bufCnt; ++} sha512_context; ++ ++/* no sha384_context, use sha512_context */ ++ ++/* 256 bit hash, provides 128 bits of security against collision attacks */ ++extern void sha256_init(sha256_context *); ++extern void sha256_write(sha256_context *, unsigned char *, int); ++extern void sha256_final(sha256_context *); ++extern void sha256_hash_buffer(unsigned char *, int, unsigned char *, int); ++ ++/* 512 bit hash, provides 256 bits of security against collision attacks */ ++extern void sha512_init(sha512_context *); ++extern void sha512_write(sha512_context *, unsigned char *, int); ++extern void sha512_final(sha512_context *); ++extern void sha512_hash_buffer(unsigned char *, int, unsigned char *, int); ++ ++/* 384 bit hash, provides 192 bits of security against collision attacks */ ++extern void sha384_init(sha512_context *); ++/* no sha384_write(), use sha512_write() */ ++/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47] */ ++extern void sha384_hash_buffer(unsigned char *, int, unsigned char *, int); +--- util-linux-2.12q/mount/swapon.8 ++++ util-linux-2.12q/mount/swapon.8 +@@ -142,6 +142,22 @@ + .I /proc/swaps + or + .IR /etc/fstab ). ++.PP ++If ++.I loop=/dev/loop? ++and ++.I encryption=AES128 ++options are present in ++.I /etc/fstab ++then ++.BR "swapon -a" ++will set up loop devices using random keys, run ++.BR "mkswap" ++on them, and enable encrypted swap on specified loop devices. Encrypted loop ++devices are set up with page size offset so that unencrypted swap signatures ++on first page of swap devices are not touched. ++.BR "swapoff -a" ++will tear down such loop devices. + .SH NOTE + You should not use + .B swapon +--- util-linux-2.12q/mount/swapon.c ++++ util-linux-2.12q/mount/swapon.c +@@ -1,22 +1,45 @@ + /* + * A swapon(8)/swapoff(8) for Linux 0.99. + * swapon.c,v 1.1.1.1 1993/11/18 08:40:51 jrs Exp ++ * ++ * 1997-02-xx ++ * - added '-s' (summary option) ++ * 1999-02-22 Arkadiusz Miķkiewicz ++ * - added Native Language Support ++ * 1999-03-21 Arnaldo Carvalho de Melo ++ * - fixed strerr(errno) in gettext calls ++ * 2001-03-22 Erik Troan ++ * - added -e option for -a ++ * - -a shouldn't try to add swaps that are already enabled ++ * 2002-04-14 Jari Ruusu ++ * - added encrypted swap support + */ + + #include + #include + #include ++#include + #include + #include + #include + #include ++#include ++#include + #include ++#include ++#include ++#include ++#include ++#include + #include "xmalloc.h" + #include "swap_constants.h" + #include "swapargs.h" + #include "nls.h" + #include "mount_blkid.h" + #include "mount_by_label.h" ++#include "loop.h" ++#include "xstrncpy.h" ++#include "sha512.h" + + #define streq(s, t) (strcmp ((s), (t)) == 0) + +@@ -297,6 +320,260 @@ + } + + static int ++prepare_encrypted_swap(const char *partition, char *loop, char *encryption) ++{ ++ int x, y, fd, ffd; ++ sha512_context s; ++ unsigned char b[4096], multiKeyBits[65][32]; ++ char *a[10], *apiName; ++ struct loop_info64 loopinfo; ++ FILE *f; ++ ++ /* ++ * Some sanity checks ++ */ ++ if(strlen(partition) < 1) { ++ fprintf(stderr, _("swapon: invalid swap device name\n")); ++ return 0; ++ } ++ if(strlen(loop) < 1) { ++ fprintf(stderr, _("swapon: invalid loop device name\n")); ++ return 0; ++ } ++ if(strlen(encryption) < 1) { ++ fprintf(stderr, _("swapon: invalid encryption type\n")); ++ return 0; ++ } ++ ++ /* ++ * Abort if loop device does not exist or is already in use ++ */ ++ if((fd = open(loop, O_RDWR)) == -1) { ++ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); ++ return 0; ++ } ++ if(is_unused_loop_device(fd) == 0) { ++ fprintf(stderr, _("swapon: loop device %s already in use\n"), loop); ++ goto errout0; ++ } ++ ++ /* ++ * Compute SHA-512 over first 40 KB of old swap data. This data ++ * is mostly unknown data encrypted using unknown key. SHA-512 hash ++ * output is then used as entropy for new swap encryption key. ++ */ ++ if(!(f = fopen(partition, "r+"))) { ++ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); ++ goto errout0; ++ } ++ fseek(f, (long)PAGE_SIZE, SEEK_SET); ++ sha512_init(&s); ++ for(x = 0; x < 10; x++) { ++ if(fread(&b[0], sizeof(b), 1, f) != 1) break; ++ sha512_write(&s, &b[0], sizeof(b)); ++ } ++ sha512_final(&s); ++ ++ /* ++ * Overwrite 40 KB of old swap data 20 times so that recovering ++ * SHA-512 output beyond this point is difficult and expensive. ++ */ ++ for(y = 0; y < 20; y++) { ++ int z; ++ struct { ++ struct timeval tv; ++ unsigned char h[64]; ++ int x,y,z; ++ } j; ++ if(fseek(f, (long)PAGE_SIZE, SEEK_SET)) break; ++ memcpy(&j.h[0], &s.sha_out[0], 64); ++ gettimeofday(&j.tv, NULL); ++ j.y = y; ++ for(x = 0; x < 10; x++) { ++ j.x = x; ++ for(z = 0; z < sizeof(b); z += 64) { ++ j.z = z; ++ sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); ++ } ++ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; ++ } ++ memset(&j, 0, sizeof(j)); ++ if(fflush(f)) break; ++ if(fsync(fileno(f))) break; ++ } ++ fclose(f); ++ ++ /* ++ * Use all 512 bits of hash output ++ */ ++ memcpy(&b[0], &s.sha_out[0], 64); ++ memset(&s, 0, sizeof(s)); ++ ++ /* ++ * Read 32 bytes of random entropy from kernel's random ++ * number generator. This code may be executed early on startup ++ * scripts and amount of random entropy may be non-existent. ++ * SHA-512 of old swap data is used as workaround for missing ++ * entropy in kernel's random number generator. ++ */ ++ if(!(f = fopen("/dev/urandom", "r"))) { ++ fprintf(stderr, _("swapon: unable to open /dev/urandom\n")); ++ goto errout0; ++ } ++ fread(&b[64], 32, 1, f); ++ ++ /* ++ * Set up struct loop_info64 ++ */ ++ if((ffd = open(partition, O_RDWR)) < 0) { ++ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); ++ goto errout1; ++ } ++ memset(&loopinfo, 0, sizeof(loopinfo)); ++ xstrncpy(loopinfo.lo_file_name, partition, LO_NAME_SIZE); ++ loopinfo.lo_encrypt_type = loop_crypt_type(encryption, &loopinfo.lo_encrypt_key_size, &apiName); ++ if(loopinfo.lo_encrypt_type <= 1) { ++ fprintf(stderr, _("swapon: unsupported swap encryption type %s\n"), encryption); ++errout2: ++ close(ffd); ++errout1: ++ fclose(f); ++errout0: ++ close(fd); ++ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ return 0; ++ } ++ loopinfo.lo_offset = PAGE_SIZE; ++ /* single-key hash */ ++ sha512_hash_buffer(&b[0], 64+32, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); ++ /* multi-key hash */ ++ x = 0; ++ while(x < 65) { ++ fread(&b[64+32], 16, 1, f); ++ sha512_hash_buffer(&b[0], 64+32+16, &multiKeyBits[x][0], 32); ++ x++; ++ } ++ ++ /* ++ * Try to set up single-key loop ++ */ ++ if(ioctl(fd, LOOP_SET_FD, ffd) < 0) { ++ fprintf(stderr, _("swapon: LOOP_SET_FD failed\n")); ++ goto errout2; ++ } ++ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { ++ if(try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0) { ++ fprintf(stderr, _("swapon: LOOP_SET_STATUS failed\n")); ++ ioctl(fd, LOOP_CLR_FD, 0); ++ goto errout2; ++ } ++ } ++ ++ /* ++ * Try to put loop to multi-key v3 or v2 mode. ++ * If this fails, then let it operate in single-key mode. ++ */ ++ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { ++ ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]); ++ } ++ ++ /* ++ * Loop is now set up. Clean up the keys. ++ */ ++ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ close(ffd); ++ fclose(f); ++ close(fd); ++ ++ /* ++ * Write 40 KB of zeroes to loop device. That same data is written ++ * to underlying partition in encrypted form. This is done to guarantee ++ * that next time encrypted swap is initialized, the SHA-512 hash will ++ * be different. And, if encrypted swap data writes over this data, that's ++ * even better. ++ */ ++ if(!(f = fopen(loop, "r+"))) { ++ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); ++ return 0; ++ } ++ memset(&b[0], 0, sizeof(b)); ++ for(x = 0; x < 10; x++) { ++ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; ++ } ++ fflush(f); ++ fsync(fileno(f)); ++ fclose(f); ++ sync(); ++ ++ /* ++ * Run mkswap on loop device so that kernel understands it as swap. ++ * Redirect stderr to /dev/null and ignore exit value. ++ */ ++ if(!(x = fork())) { ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 2); ++ close(x); ++ } ++ a[0] = "mkswap"; ++ a[1] = loop; ++ a[2] = 0; ++ execvp(a[0], &a[0]); ++ execv("/sbin/mkswap", &a[0]); ++ /* error to stdout, stderr is directed to /dev/null */ ++ printf(_("swapon: unable to execute mkswap\n")); ++ exit(1); ++ } ++ if(x == -1) { ++ fprintf(stderr, _("swapon: fork failed\n")); ++ return 0; ++ } ++ waitpid(x, &y, 0); ++ sync(); ++ ++ return 1; ++} ++ ++static void ++shutdown_encrypted_swap(char *loop) ++{ ++ int fd; ++ struct stat statbuf; ++ struct loop_info64 loopinfo; ++ unsigned char b[32]; ++ FILE *f; ++ ++ if(stat(loop, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ if((fd = open(loop, O_RDWR)) >= 0) { ++ if(!loop_get_status64_ioctl(fd, &loopinfo)) { ++ /* ++ * Read 32 bytes of random data from kernel's random ++ * number generator and write that to loop device. ++ * This preserves some of kernel's random entropy ++ * to next activation of encrypted swap on this ++ * partition. ++ */ ++ if((f = fopen("/dev/urandom", "r")) != NULL) { ++ fread(&b[0], 32, 1, f); ++ fclose(f); ++ write(fd, &b[0], 32); ++ fsync(fd); ++ } ++ } ++ close(fd); ++ } ++ sync(); ++ if((fd = open(loop, O_RDONLY)) >= 0) { ++ if(!loop_get_status64_ioctl(fd, &loopinfo)) { ++ ioctl(fd, LOOP_CLR_FD, 0); ++ } ++ close(fd); ++ } ++ } ++} ++ ++static int + swapon_all(void) { + FILE *fp; + struct mntent *fstab; +@@ -317,6 +594,8 @@ + const char *special; + int skip = 0; + int pri = priority; ++ char *opt, *opts; ++ char *loop = NULL, *encryption = NULL; + + if (!streq(fstab->mnt_type, MNTTYPE_SWAP)) + continue; +@@ -325,23 +604,39 @@ + if (!special) + continue; + +- if (!is_in_proc_swaps(special) && +- (!ifexists || !access(special, R_OK))) { +- /* parse mount options; */ +- char *opt, *opts = strdup(fstab->mnt_opts); +- +- for (opt = strtok(opts, ","); opt != NULL; +- opt = strtok(NULL, ",")) { +- if (strncmp(opt, "pri=", 4) == 0) +- pri = atoi(opt+4); +- if (strcmp(opt, "noauto") == 0) +- skip = 1; ++ /* parse mount options; */ ++ opts = strdup(fstab->mnt_opts); ++ if (!opts) { ++ fprintf(stderr, "not enough memory"); ++ exit(1); ++ } ++ for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) { ++ if (strncmp(opt, "pri=", 4) == 0) ++ pri = atoi(opt+4); ++ if (strcmp(opt, "noauto") == 0) ++ skip = 1; ++ if (strncmp(opt, "loop=", 5) == 0) ++ loop = opt + 5; ++ if (strncmp(opt, "encryption=", 11) == 0) ++ encryption = opt + 11; ++ } ++ if(skip) ++ continue; ++ if (loop && encryption) { ++ if(!is_in_proc_swaps(loop) && (!ifexists || !access(special, R_OK))) { ++ if (!prepare_encrypted_swap(special, loop, encryption)) { ++ status |= -1; ++ continue; ++ } ++ status |= do_swapon(loop, pri); + } +- if (!skip) +- status |= do_swapon(special, pri); ++ continue; ++ } ++ if (!is_in_proc_swaps(special) && (!ifexists || !access(special, R_OK))) { ++ status |= do_swapon(special, pri); + } + } +- fclose(fp); ++ endmntent(fp); + + return status; + } +@@ -504,11 +799,49 @@ + exit(2); + } + while ((fstab = getmntent(fp)) != NULL) { +- if (streq(fstab->mnt_type, MNTTYPE_SWAP) && +- !is_in_proc_swaps(fstab->mnt_fsname)) +- do_swapoff(fstab->mnt_fsname, QUIET); ++ const char *orig_special = fstab->mnt_fsname; ++ const char *special; ++ int skip = 0; ++ char *opt, *opts; ++ char *loop = NULL, *encryption = NULL; ++ ++ if (!streq(fstab->mnt_type, MNTTYPE_SWAP)) ++ continue; ++ ++ special = mount_get_devname(orig_special); ++ if (!special) ++ continue; ++ ++ /* parse mount options; */ ++ opts = strdup(fstab->mnt_opts); ++ if (!opts) { ++ fprintf(stderr, "not enough memory"); ++ exit(1); ++ } ++ for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) { ++ if (strcmp(opt, "noauto") == 0) ++ skip = 1; ++ if (strncmp(opt, "loop=", 5) == 0) ++ loop = opt + 5; ++ if (strncmp(opt, "encryption=", 11) == 0) ++ encryption = opt + 11; ++ } ++ if (loop && encryption) { ++ if (!is_in_proc_swaps(loop)) { ++ if(skip) ++ continue; ++ do_swapoff(loop, QUIET); ++ } ++ shutdown_encrypted_swap(loop); ++ continue; ++ } ++ if(skip) ++ continue; ++ if (!is_in_proc_swaps(special)) { ++ do_swapoff(special, QUIET); ++ } + } +- fclose(fp); ++ endmntent(fp); + } + + return status; diff --git a/mkzimage_cmdline.8 b/mkzimage_cmdline.8 new file mode 100644 index 0000000..31438de --- /dev/null +++ b/mkzimage_cmdline.8 @@ -0,0 +1,20 @@ +.\" $Id: mkzimage_cmdline.8 590 2006-02-07 14:38:07Z jplack $ +.TH mkzimage_cmdline 8 +.SH NAME +\fBmkzimage_cmdline\fR - edit the built-in kernel cmdline in a PowerPC CHRP zImage +.SH SYNOPSIS +\fBmkzimage_cmdline [-a 0|1] [-s 'kernel cmdline'] [-c] zImage\fR +.SH DESCRIPTION +\fBmkzimage_cmdline\fR adds a kernel cmdline to a zImage. This string will be passed to the kernel, the contents in /options/boot-file will be overwritten with the provided cmdline. +.SH OPTIONS +.TP +.B \-a 0|1 +activate or deactivate the the cmdline +.TP +.B \-s 'kernel cmdline' +pass this string to the kernel. It can be up to 511 chars long. +.TP +.B \-c +clear cmdline area in zImage +.SH AUTHOR +Olaf Hering diff --git a/mkzimage_cmdline.c b/mkzimage_cmdline.c new file mode 100644 index 0000000..b341627 --- /dev/null +++ b/mkzimage_cmdline.c @@ -0,0 +1,183 @@ +/* $Id: mkzimage_cmdline.c 590 2006-02-07 14:38:07Z jplack $ */ +/* + * a little tool to modify the cmdline inside a zImage + * Olaf Hering Copyright (C) 2003, 2004 + */ + +/* + 2003-10-02, version 1 + 2003-11-15, version 2: fix short reads if the string is at the end of the file + 2004-08-07, version 3: use mmap + */ +/* + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#define MY_VERSION 3 + +static int activate; +static int clear; +static int set; +static char *string; +static char *filename; + +static const char cmdline_start[] = "cmd_line_start"; +static const char cmdline_end[] = "cmd_line_end"; + +static void my_version(void) +{ + printf("version: %d\n", MY_VERSION); + printf("(C) SuSE Linux AG, Nuernberg, Germany, 2003, 2004\n"); + return; +} + +static void my_rtfm(const char *app) +{ + printf("modify the built-in cmdline of a CHRP boot image\n"); + printf("%s filename\n", app); + printf("work with zImage named 'filename'\n"); + printf(" [-h] display this help\n"); + printf(" [-v] display version\n"); + printf(" [-a 0|1] disable/enable built-in cmdline\n"); + printf(" overrides whatever is passed from OpenFirmware\n"); + printf(" [-s STRING] store STRING in the boot image\n"); + printf(" [-c] clear previous content before update\n"); + printf(" no option will show the current settings in 'filename'\n"); + return; +} + +int main(int argc, char **argv) +{ + struct stat sb; + int fd, found; + unsigned char *p, *s, *e, *tmp, *active; + + if (argc < 2) { + my_rtfm(argv[0]); + exit(1); + } + + while (1) { + int i; + i = getopt(argc, argv, "a:hcvs:"); + if (i == -1) + break; + switch (i) { + case 'a': + if (*optarg == '0') + activate = -1; + else + activate = 1; + break; + case 'c': + clear = 1; + break; + case 'h': + my_rtfm(argv[0]); + exit(0); + case 's': + string = strdup(optarg); + if (!string) { + fprintf(stderr, "set: no mem\n"); + exit(1); + } + set = 1; + break; + case 'v': + my_version(); + exit(0); + default: + printf("unknown option\n"); + my_rtfm(argv[0]); + exit(1); + } + } + if (argc <= optind) { + fprintf(stderr, "filename required\n"); + exit(1); + } + filename = strdup(argv[optind]); + if (!filename) { + fprintf(stderr, "no mem\n"); + exit(1); + } + + fd = open(filename, (activate || clear || set) ? O_RDWR : O_RDONLY); + if (fd == -1) + goto error; + found = stat(filename, &sb); + if (found < 0) + goto error; + if (!S_ISREG(sb.st_mode)) { + fprintf(stderr, "%s is not a file\n", filename); + exit(1); + } + + p = mmap(NULL, sb.st_size, + ((activate || clear || set) ? + PROT_WRITE : 0) | PROT_READ, MAP_SHARED, fd, 0); + if (p == MAP_FAILED) + goto error; + s = p; + e = p + sb.st_size - sizeof(cmdline_start) - sizeof(cmdline_end); + found = 0; + while (s < e) { + if (memcmp(++s, cmdline_start, sizeof(cmdline_start) - 1) != 0) + continue; + found = 1; + break; + } + if (!found) + goto no_start; + found = 0; + + active = s - 1; + tmp = s = s + sizeof(cmdline_start) - 1; + e = p + sb.st_size - sizeof(cmdline_end); + while (tmp < e) { + if (memcmp(++tmp, cmdline_end, sizeof(cmdline_end)) != 0) + continue; + found = 1; + break; + } + if (!found) + goto no_end; + + if (activate || clear || set) { + if (activate) + *active = activate > 0 ? '1' : '0'; + if (clear) + memset(s, 0x0, tmp - s); + if (set) + snprintf(s, tmp - s, "%s", string); + } else { + fprintf(stdout, "cmd_line size:%d\n", tmp - s); + fprintf(stdout, "cmd_line: %s\n", s); + fprintf(stdout, "active: %c\n", *active); + } + + munmap(p, sb.st_size); + close(fd); + return 0; + + error: + perror(filename); + return 1; + no_start: + fprintf(stderr, "%s: %s not found.\n", filename, cmdline_start); + return 1; + no_end: + fprintf(stderr, "%s: %s not found.\n", filename, cmdline_end); + return 1; +} diff --git a/mount-nfs-nonreserved b/mount-nfs-nonreserved new file mode 100644 index 0000000..58be497 --- /dev/null +++ b/mount-nfs-nonreserved @@ -0,0 +1,61 @@ +diff -u util-linux-2.11z/mount/nfsmount.c-o util-linux-2.11z/mount/nfsmount.c +--- util-linux-2.11z/mount/nfsmount.c-o 2003-06-18 15:23:06.000000000 +0200 ++++ util-linux-2.11z/mount/nfsmount.c 2003-06-18 15:25:35.000000000 +0200 +@@ -215,7 +215,7 @@ + } status; + struct stat statbuf; + char *s; +- int port, mountport, proto, bg, soft, intr; ++ int port, mountport, proto, bg, soft, intr, nonreserved; + int posix, nocto, noac, nolock, broken_suid, noacl; + int retry, tcp; + int mountprog, mountvers, nfsprog, nfsvers; +@@ -320,6 +320,7 @@ + noac = 0; + retry = 10000; /* 10000 minutes ~ 1 week */ + tcp = 0; ++ nonreserved = 0; + + mountprog = MOUNTPROG; + mountvers = 0; +@@ -411,6 +412,8 @@ + soft = !val; + else if (!strcmp(opt, "intr")) + intr = val; ++ else if (!strcmp(opt, "reserved")) ++ nonreserved = !val; + else if (!strcmp(opt, "posix")) + posix = val; + else if (!strcmp(opt, "cto")) +@@ -445,7 +448,8 @@ + | (intr ? NFS_MOUNT_INTR : 0) + | (posix ? NFS_MOUNT_POSIX : 0) + | (nocto ? NFS_MOUNT_NOCTO : 0) +- | (noac ? NFS_MOUNT_NOAC : 0); ++ | (noac ? NFS_MOUNT_NOAC : 0) ++ | (nonreserved ? NFS_MOUNT_NONRESERVED : 0); + #if NFS_MOUNT_VERSION >= 2 + if (nfs_mount_version >= 2) + data.flags |= (tcp ? NFS_MOUNT_TCP : 0); +diff -u util-linux-2.11z/mount/nfs_mount4.h-o util-linux-2.11z/mount/nfs_mount4.h +--- util-linux-2.11z/mount/nfs_mount4.h-o 2003-06-18 15:23:06.000000000 +0200 ++++ util-linux-2.11z/mount/nfs_mount4.h 2003-06-18 15:26:04.000000000 +0200 +@@ -52,3 +52,4 @@ + #define NFS_MOUNT_NONLM 0x0200 /* 3 */ + #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ + #define NFS_MOUNT_NOACL 0x0800 /* 4 */ ++#define NFS_MOUNT_NONRESERVED 0x1000 +--- util-linux-2.11z/mount/nfs.5-o 2003-06-18 07:10:54.000000000 -0700 ++++ util-linux-2.11z/mount/nfs.5 2003-06-18 07:14:05.000000000 -0700 +@@ -213,6 +213,11 @@ + NFS version 3. (On NFS version 2 filesystems this option has no effect.) + This option also deactivates the GETACL and SETACL remote procedure calls + which are otherwise used to manipulate ACLs. ++.TP 1.5i ++.I noreserved ++Don't use a reserved source port. This usually requires special options ++on the NFS server (insecure for linux knfsd), but allows more than 1024 ++mounts from a single IP address. + .P + All of the non-value options have corresponding nooption forms. + For example, nointr means don't allow file operations to be diff --git a/mount.8-acl.diff b/mount.8-acl.diff new file mode 100644 index 0000000..83402f6 --- /dev/null +++ b/mount.8-acl.diff @@ -0,0 +1,39 @@ +Index: mount/mount.8 +================================================================================ +--- mount/mount.8 ++++ mount/mount.8 +@@ -943,6 +943,17 @@ + Sync all data and metadata every + .I nrsec + seconds. The default value is 5 seconds. Zero means default. ++.RE ++.TP ++.BR user_xattr ++Enable Extended User Attributes. See the ++.BR attr (5) ++manual page. ++.TP ++.BR acl ++Enable POSIX Access Control Lists. See the ++.BR acl (5) ++manual page. + + .SH "Mount options for fat" + (Note: +@@ -1495,6 +1506,16 @@ + .I resizer + utility which can be obtained from + .IR ftp://ftp.namesys.com/pub/reiserfsprogs . ++.TP ++.BR user_xattr ++Enable Extended User Attributes. See the ++.BR attr (5) ++manual page. ++.TP ++.BR acl ++Enable POSIX Access Control Lists. See the ++.BR acl (5) ++manual page. + + .SH "Mount options for romfs" + None. diff --git a/nfsboot b/nfsboot new file mode 100644 index 0000000..62e284e --- /dev/null +++ b/nfsboot @@ -0,0 +1,50 @@ +#! /bin/sh +# Copyright (c) 2004 SuSE AG, Nuernberg, Germany. All rights reserved. +# +# Author: Mads Martin Joergensen +# +# /etc/init.d/nfsboot +# +# System startup script for service(s) needed with NFS +# +### BEGIN INIT INFO +# Provides: nfsboot +# Required-Start: $network $portmap +# Required-Stop: +# Default-Start: 3 5 +# Default-Stop: +# Description: Service(s) needed with NFS +### END INIT INFO + +SMNOTIFYBIN=/sbin/sm-notify +OPTIONS=" -q" +test -x $SMNOTIFYBIN || exit 5 + +. /etc/rc.status + +rc_reset + +case "$1" in + # It's a one shot binary notifying clients, so the below is + # ok in this special case. + start|restart|try-restart|reload|force-reload) + echo -n "Starting nfsboot (`/bin/basename $SMNOTIFYBIN`) " + $SMNOTIFYBIN $OPTIONS + rc_status -v + ;; + stop) + # we had rc_reset above, so we return 0 anyway + ;; + status) + # sm-notify is not a daemon, but a one-shot binary + # nothing to be checked, status is unknown + rc_failed 4 + rc_status -v + ;; + *) + echo "Usage: $0 {start|stop|restart|try-restart|reload|force-reload|status}" + exit 1 + ;; +esac +rc_exit + diff --git a/nologin.8 b/nologin.8 new file mode 100644 index 0000000..1aceb4a --- /dev/null +++ b/nologin.8 @@ -0,0 +1,63 @@ +.\" $OpenBSD: nologin.8,v 1.8 1999/06/04 02:45:19 aaron Exp $ +.\" $NetBSD: nologin.8,v 1.3 1995/03/18 14:59:09 cgd Exp $ +.\" +.\" Copyright (c) 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)nologin.8 8.1 (Berkeley) 6/19/93 +.\" +.Dd February 15, 1997 +.Dt NOLOGIN 8 +.Os +.Sh NAME +.Nm nologin +.Nd politely refuse a login +.Sh SYNOPSIS +.Nm nologin +.Sh DESCRIPTION +.Nm +displays a message that an account is not available and +exits non-zero. +It is intended as a replacement shell field for accounts that +have been disabled. +.Pp +If the file +.Pa /etc/nologin.txt +exists, +.Nm +displays its contents to the user instead of the default message. +.Sh SEE ALSO +.Xr login 1 +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.4 . diff --git a/nologin.c b/nologin.c new file mode 100644 index 0000000..fc0ff26 --- /dev/null +++ b/nologin.c @@ -0,0 +1,58 @@ +/* $OpenBSD: nologin.c,v 1.2 1997/04/04 16:51:37 millert Exp $ */ + +/* + * Copyright (c) 1997, Jason Downs. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include + +/* Distinctly different from _PATH_NOLOGIN. */ +#define _PATH_NOLOGIN_TXT "/etc/nologin.txt" + +#define DEFAULT_MESG "This account is currently not available.\n" + +/*ARGSUSED*/ +int main(argc, argv) + int argc; + char *argv[]; +{ + int nfd, nrd; + char nbuf[128]; + + nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY); + if (nfd < 0) { + write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG)); + exit (1); + } + + while ((nrd = read(nfd, nbuf, sizeof(nbuf))) > 0) + write(STDOUT_FILENO, nbuf, nrd); + close (nfd); + + exit (1); +} diff --git a/raw.init b/raw.init new file mode 100644 index 0000000..76623b7 --- /dev/null +++ b/raw.init @@ -0,0 +1,61 @@ +#! /bin/sh +# Copyright (c) 1995-2001 SuSE GmbH Nuernberg, Germany. +# +# Author: Dirk Lerner +# +# /etc/init.d/raw +# +# and symbolic its link +# +# /usr/sbin/rcraw +# +### BEGIN INIT INFO +# Provides: raw +# Required-Start: $local_fs $remote_fs +# Required-Stop: +# Default-Start: 2 3 5 +# Default-Stop: 0 1 6 +# Description: raw-devices +### END INIT INFO + +. /etc/rc.status + +CONFIG=/etc/raw +RAW_BIN=/usr/sbin/raw +RAW_MODULE=raw +test -x $RAW_BIN || exit 5 + +if [ ! -f $CONFIG ];then + echo "file: $CONFIG not found" + exit 6 +fi + +rc_reset +case "$1" in + start) + /sbin/modprobe $RAW_MODULE && sleep 2 + line=`grep -v ^# < $CONFIG` + + for i in $line;do + rawdev=`echo $i | cut -f1 -d:` + rawbind=`echo $i | cut -f2- -d:` + echo -n "bind /dev/raw/$rawdev to /dev/$rawbind..." + $RAW_BIN /dev/raw/$rawdev /dev/$rawbind > /dev/null 2>&1 + rc_status -v + done + ;; + stop) + echo -n "to unbind the rawdevice please perform a system shutdown" + rc_failed 3 + rc_status -v + ;; + status) + $RAW_BIN -qa 2> /dev/null + rc_status -v + ;; + *) + echo "Usage: $0 {start|stop|status}" + exit 1 + ;; +esac +rc_exit diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4 diff --git a/renice.8 b/renice.8 new file mode 100644 index 0000000..1aab359 --- /dev/null +++ b/renice.8 @@ -0,0 +1,136 @@ +.\" Copyright (c) 1983, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)renice.8 8.1 (Berkeley) 6/9/93 +.\" +.Dd June 9, 1993 +.Dt RENICE 8 +.Os BSD 4 +.Sh NAME +.Nm renice +.Nd alter priority of running processes +.Sh SYNOPSIS +.Nm renice +.Ar priority +.Oo +.Op Fl p +.Ar pid ... +.Oc +.Oo +.Op Fl g +.Ar pgrp ... +.Oc +.Oo +.Op Fl u +.Ar user ... +.Oc +.Sh DESCRIPTION +.Nm Renice +alters the +scheduling priority of one or more running processes. +The following +.Ar who +parameters are interpreted as process ID's, process group +ID's, or user names. +.Nm Renice Ns 'ing +a process group causes all processes in the process group +to have their scheduling priority altered. +.Nm Renice Ns 'ing +a user causes all processes owned by the user to have +their scheduling priority altered. +By default, the processes to be affected are specified by +their process ID's. +.Pp +Options supported by +.Nm renice : +.Bl -tag -width Ds +.It Fl g +Force +.Ar who +parameters to be interpreted as process group ID's. +.It Fl u +Force the +.Ar who +parameters to be interpreted as user names. +.It Fl p +Resets the +.Ar who +interpretation to be (the default) process ID's. +.El +.Pp +For example, +.Bd -literal -offset +renice +1 987 -u daemon root -p 32 +.Ed +.Pp +would change the priority of process ID's 987 and 32, and +all processes owned by users daemon and root. +.Pp +Users other than the super-user may only alter the priority of +processes they own, +and can only monotonically increase their ``nice value'' +within the range 0 to +.Dv PRIO_MAX +(20). +(This prevents overriding administrative fiats.) +The super-user +may alter the priority of any process +and set the priority to any value in the range +.Dv PRIO_MIN +(\-20) +to +.Dv PRIO_MAX . +Useful priorities are: +20 (the affected processes will run only when nothing else +in the system wants to), +0 (the ``base'' scheduling priority), +anything negative (to make things go very fast). +.Sh FILES +.Bl -tag -width /etc/passwd -compact +.It Pa /etc/passwd +to map user names to user ID's +.El +.Sh SEE ALSO +.Xr getpriority 2 , +.Xr setpriority 2 +.Sh BUGS +Non super-users can not increase scheduling priorities of their own processes, +even if they were the ones that decreased the priorities in the first place. +.br +The Linux kernel (at least version 2.0.0) and linux libc (at least +version 5.2.18) does not agree entirely on what the specifics of the +systemcall interface to set nice values is. Thus causes renice to +report bogus previous nice values. +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.0 . diff --git a/schedutils-1.4.0.tar.bz2 b/schedutils-1.4.0.tar.bz2 new file mode 100644 index 0000000..f046c5a --- /dev/null +++ b/schedutils-1.4.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:84038ab2b3ea6ff4b31b46638b9ceae56aebc95742e9b75276c6e6f5465f05b1 +size 15930 diff --git a/setctsid.8 b/setctsid.8 new file mode 100644 index 0000000..da66ed3 --- /dev/null +++ b/setctsid.8 @@ -0,0 +1,25 @@ +.\" Rick Sladkey +.\" In the public domain. +.\" Path modifications by faith@cs.unc.edu +.TH SETCTSID 8 "12 April 1999" "Linux 2.2" "Linux Programmer's Manual" +.SH NAME +setctsid \- run a program in a new session and tty +.SH SYNOPSIS +.B setctsid +.RB [ -f ] +.I /dev/ +.I program +.RB [ args... ] +.SH DESCRIPTION +.B setctsid +runs a program in a new session with a new controlling terminal +.IR /dev/ . +The +.B -f +option causes +.B setctsid +to run the program in a new process. +.SH "SEE ALSO" +.BR setsid (2) +.SH AUTHORS +Rick Sladkey , Werner Fink diff --git a/setctsid.c b/setctsid.c new file mode 100644 index 0000000..d5eb704 --- /dev/null +++ b/setctsid.c @@ -0,0 +1,90 @@ +/* + * setctsid.c -- execute a command in a new session and with + * new controlling terminal + * + * derviated from: setctsid.c of Rick Sladkey + * In the public domain. + * + * Changed by Werner Fink, + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define xerror(n) do { int error = errno; \ + if (!isatty(fileno(stderr))) \ + syslog(LOG_ERR, n ": %s", strerror(error)); \ + else \ + errno = error, perror(n); \ + } while (0) + +int main(int argc, char *argv[]) +{ + int fd; + struct stat buf; + int dofork = 0; + + if (argc > 1 && !strcmp(argv[1], "-f")) { + dofork = 1; + argc--; + argv++; + } + if (argc < 3) { + fprintf(stderr, "usage: setctsid [-f] tty program [arg ...]\n"); + exit(1); + } + if (stat(argv[1], &buf) < 0) { + perror(argv[1]); + exit(1); + } + if (!(S_ISCHR(buf.st_mode))) { + /* why do we care? */ + fprintf(stderr, "%s: not a character device\n", argv[1]); + exit(1); + } + if (dofork) { + switch (fork()) { + case -1: + perror("fork"); + exit(1); + case 0: + break; + default: + exit(0); + } + } + if (setsid() < 0) { + perror("setsid"); + exit(1); + } + if ((fd = open(argv[1], O_RDWR, 0)) < 0) { + xerror("open"); + exit(1); + } + dup2(fd, fileno(stdin)); + dup2(fd, fileno(stdout)); + dup2(fd, fileno(stderr)); + + if (isatty(fd)) { + if (ioctl(fileno(stdin), TIOCSCTTY, argv[1]) < 0) { + xerror("ioctl"); + exit(1); + } + } + + if (fd > fileno(stderr)) + close(fd); + + execvp(argv[2], argv + 2); + xerror("execvp"); + exit(1); +} diff --git a/sm-notify-20060111.tar.bz2 b/sm-notify-20060111.tar.bz2 new file mode 100644 index 0000000..e5cf4a7 --- /dev/null +++ b/sm-notify-20060111.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ffe524be61389246a7ebb71832bf3f750834dbf8e5a38d4cc1548e267a8fb853 +size 5843 diff --git a/stupid-programmer.diff b/stupid-programmer.diff new file mode 100644 index 0000000..6b4f2ee --- /dev/null +++ b/stupid-programmer.diff @@ -0,0 +1,38 @@ +--- disk-utils/fsck.cramfs.c ++++ disk-utils/fsck.cramfs.c +@@ -76,16 +76,7 @@ + + #define PAD_SIZE 512 + +-#include +-#ifdef PAGE_SIZE +-#define PAGE_CACHE_SIZE ((int) PAGE_SIZE) +-#elif defined __ia64__ +-#define PAGE_CACHE_SIZE (16384) +-#elif defined __alpha__ +-#define PAGE_CACHE_SIZE (8192) +-#else +-#define PAGE_CACHE_SIZE (4096) +-#endif ++#define PAGE_CACHE_SIZE getpagesize() /* Stupid programmer */ + + /* Guarantee access to at least 8kB at a time */ + #define ROMBUFFER_BITS 13 +@@ -95,7 +86,7 @@ + static unsigned long read_buffer_block = ~0UL; + + /* Uncompressing data structures... */ +-static char outbuffer[PAGE_CACHE_SIZE*2]; ++static char *outbuffer; /* Stupid programmer */ + z_stream stream; + + #endif /* INCLUDE_FS_TESTS */ +@@ -464,6 +455,8 @@ + int c; /* for getopt */ + int start = 0; + ++ outbuffer = malloc(PAGE_CACHE_SIZE); /* Stupid programmer */ ++ + if (argc) + progname = argv[0]; + diff --git a/time-1.7.dif b/time-1.7.dif new file mode 100644 index 0000000..f3b9104 --- /dev/null +++ b/time-1.7.dif @@ -0,0 +1,20 @@ +--- resuse.h ++++ resuse.h +@@ -39,6 +39,9 @@ + # if HAVE_WAIT3 + # include + # else ++# if defined(__linux__) && defined(__alpha__) ++# include ++# else + /* Process resource usage structure. */ + struct rusage + { +@@ -49,6 +52,7 @@ + ru_oublock, ru_msgsnd, ru_msgrcv, ru_nsignals, + ru_nvcsw, ru_nivcsw; + }; ++# endif + # endif + #endif + diff --git a/time-1.7.tar.gz b/time-1.7.tar.gz new file mode 100644 index 0000000..d9a5b53 --- /dev/null +++ b/time-1.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e37ea79a253bf85a85ada2f7c632c14e481a5fd262a362f6f4fd58e68601496d +size 103066 diff --git a/util-linux-2.11q-fs_mac.diff b/util-linux-2.11q-fs_mac.diff new file mode 100644 index 0000000..58bc11d --- /dev/null +++ b/util-linux-2.11q-fs_mac.diff @@ -0,0 +1,250 @@ +--- util-linux-2.12q/fdisk/fdiskmaclabel.c ++++ util-linux-2.12q/fdisk/fdiskmaclabel.c +@@ -0,0 +1,87 @@ ++/* ++ Changes: ++ Sat Mar 20 09:51:38 EST 1999 Arnaldo Carvalho de Melo ++ Internationalization ++*/ ++#include /* stderr */ ++#include /* strstr */ ++#include /* write */ ++ ++#include ++ ++#include "common.h" ++#include "fdisk.h" ++#include "fdiskmaclabel.h" ++#include "nls.h" ++ ++#define MAC_BITMASK 0xffff0000 ++ ++ ++static int other_endian = 0; ++static short volumes=1; ++ ++/* ++ * only dealing with free blocks here ++ */ ++ ++static void ++mac_info( void ) { ++ puts( ++ _("\n\tThere is a valid Mac label on this disk.\n" ++ "\tUnfortunately fdisk(1) cannot handle these disks.\n" ++ "\tUse either pdisk or parted to modify the partition table.\n" ++ "\tNevertheless some advice:\n" ++ "\t1. fdisk will destroy its contents on write.\n" ++ "\t2. Be sure that this disk is NOT a still vital\n" ++ "\t part of a volume group. (Otherwise you may\n" ++ "\t erase the other disks as well, if unmirrored.)\n") ++ ++ ); ++} ++ ++void ++mac_nolabel( void ) ++{ ++ maclabel->magic = 0; ++ mac_label = 0; ++ partitions = 4; ++ memset( MBRbuffer, 0, sizeof(MBRbuffer) ); /* avoid fdisk cores */ ++ return; ++} ++ ++int ++check_mac_label( void ) ++{ ++ /* ++ Conversion: only 16 bit should compared ++ e.g.: HFS Label is only 16bit long ++ */ ++ ++ int magic_masked = 0 ; ++ magic_masked = maclabel->magic & MAC_BITMASK ; ++ ++ switch (magic_masked) { ++ case MAC_LABEL_MAGIC : ++ case MAC_LABEL_MAGIC_2: ++ case MAC_LABEL_MAGIC_3: ++ goto IS_MAC; ++ break; ++ default: ++ mac_label = 0; ++ other_endian = 0; ++ return 0; ++ ++ ++ } ++ ++ IS_MAC: ++ other_endian = (maclabel->magic == MAC_LABEL_MAGIC_SWAPPED); // =? ++ update_units(); ++ mac_label = 1; ++ partitions= 1016; // =? ++ volumes = 15; // =? ++ mac_info(); ++ mac_nolabel(); /* %% */ ++ mac_label = 1; /* %% */ ++ return 1; ++} +--- util-linux-2.12q/fdisk/fdiskmaclabel.h ++++ util-linux-2.12q/fdisk/fdiskmaclabel.h +@@ -0,0 +1,40 @@ ++#include /* for __u32 etc */ ++/* ++ * Copyright (C) Andreas Neuper, Sep 1998. ++ * This file may be redistributed under ++ * the terms of the GNU Public License. ++ */ ++ ++typedef struct { ++ unsigned int magic; /* expect MAC_LABEL_MAGIC */ ++ unsigned int fillbytes1[124]; ++ unsigned int physical_volume_id; ++ unsigned int fillbytes2[124]; ++} mac_partition; ++ ++#define MAC_LABEL_MAGIC 0x45520000 // MAC magic number only 16bits, do i always know that there are 0200 following ? Problem, after magic the uint16_t res1; follows, i donnno know about the 200k ++#define MAC_LABEL_MAGIC_2 0x50530000 ++#define MAC_LABEL_MAGIC_3 0x504d0000 ++ ++ ++#define MAC_LABEL_MAGIC_SWAPPED 0x00002554 ++ ++#define MAC_LABEL_MAGIC_2_SWAPPED 0x00003505 ++#define MAC_LABEL_MAGIC_3_SWAPPED 0x0000d405 ++ ++ ++/* fdisk.c */ ++#define maclabel ((mac_partition *)MBRbuffer) ++extern char MBRbuffer[MAX_SECTOR_SIZE]; ++extern char changed[MAXIMUM_PARTS]; ++extern unsigned int heads, sectors, cylinders; ++extern int show_begin; ++extern int mac_label; ++extern char *partition_type(unsigned char type); ++extern void update_units(void); ++extern char read_chars(char *mesg); ++ ++/* fdiskmaclabel.c */ ++extern struct systypes mac_sys_types[]; ++extern void mac_nolabel( void ); ++extern int check_mac_label( void ); +--- util-linux-2.12q/fdisk/Makefile ++++ util-linux-2.12q/fdisk/Makefile +@@ -39,7 +39,7 @@ + endif + endif + +-cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o ++cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o + ifeq "$(HAVE_SLANG)" "yes" + $(CC) $(LDFLAGS) $^ -o $@ $(LIBSLANG) + else +@@ -55,15 +55,17 @@ + rm -f activate + ln -s sfdisk activate + +-fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o \ +- fdisksunlabel.o fdiskaixlabel.o i386_sys_types.o partname.o ++fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ ++ fdiskmaclabel.o fdiskaixlabel.o i386_sys_types.o partname.o + fdisk.o: fdisk.c fdisk.h + fdiskbsdlabel.o: fdiskbsdlabel.c fdisk.h fdiskbsdlabel.h + fdisksunlabel.o: fdisksunlabel.c fdisksunlabel.h fdisk.h + fdiskaixlabel.o: fdiskaixlabel.c fdiskaixlabel.h fdisk.h ++fdiskmaclabel.o: fdiskmaclabel.c fdiskmaclabel.h fdisk.h ++ + fdisk.o cfdisk.o sfdisk.o fdiskbsdlabel.o fdisksunlabel.o \ +- fdisksgilabel.o fdiskaixlabel.o i386_sys_types.o partname.o: common.h +-sfdisk: sfdisk.o disksize.o i386_sys_types.o partname.o ++ fdisksgilabel.o fdiskaixlabel.o fdiskmaclabel.o i386_sys_types.o partname.o: common.h ++sfdisk: sfdisk.o disksize.o i386_sys_types.o partname.o + + install: all + $(INSTALLDIR) $(SBINDIR) +--- util-linux-2.12q/fdisk/fdisk.c ++++ util-linux-2.12q/fdisk/fdisk.c +@@ -26,6 +26,7 @@ + #include "fdisksunlabel.h" + #include "fdisksgilabel.h" + #include "fdiskaixlabel.h" ++#include "fdiskmaclabel.h" + + #include "../defines.h" + #ifdef HAVE_blkpg_h +@@ -165,11 +166,12 @@ + + unsigned long long total_number_of_sectors; + +-#define dos_label (!sun_label && !sgi_label && !aix_label && !osf_label) ++#define dos_label (!sun_label && !sgi_label && !aix_label && !mac_label && !osf_label) + int sun_label = 0; /* looking at sun disklabel */ + int sgi_label = 0; /* looking at sgi disklabel */ + int aix_label = 0; /* looking at aix disklabel */ + int osf_label = 0; /* looking at OSF/1 disklabel */ ++int mac_label = 0; /* looking at mac disklabel */ + int possibly_osf_label = 0; + + jmp_buf listingbuf; +@@ -363,6 +365,10 @@ + puts(_(" v verify the partition table")); + puts(_(" w write table to disk and exit")); + } ++ else if (mac_label) { ++ puts(_("no Commands available")); ++ ++ } + else if (aix_label) { + puts(_("Command action")); + puts(_(" m print this menu")); +@@ -443,6 +449,9 @@ + puts(_(" v verify the partition table")); + puts(_(" w write table to disk and exit")); + } ++ else if (mac_label) { ++ puts(_("no Commands available")); ++ } + else { + puts(_("Command action")); + puts(_(" b move beginning of data in a partition")); /* !sun */ +@@ -943,6 +952,9 @@ + if (check_aix_label()) + return 0; + ++ if (check_mac_label()) ++ return 0; ++ + if (check_osf_label()) { + possibly_osf_label = 1; + if (!valid_part_table_flag(MBRbuffer)) { +@@ -2074,6 +2086,15 @@ + "This will destroy the present disk contents.\n")); + return; + } ++ ++ if (mac_label) { ++ printf(_("\tSorry - this fdisk cannot handle Mac disk labels." ++ "\n\tIf you want to add DOS-type partitions, create" ++ "\n\ta new empty DOS partition table first. (Use o.)" ++ "\n\tWARNING: " ++ "This will destroy the present disk contents.\n")); ++ return; ++ } + + for (i = 0; i < 4; i++) + free_primary += !ptes[i].part_table->sys_ind; +@@ -2404,7 +2425,11 @@ + if (gb > 0) { /* I/O error */ + } else if (gb < 0) { /* no DOS signature */ + list_disk_geometry(); +- if (!aix_label && btrydev(device) < 0) ++ if (aix_label) ++ return; ++ if (mac_label) ++ return; ++ if (btrydev(device) < 0) + fprintf(stderr, + _("Disk %s doesn't contain a valid " + "partition table\n"), device); diff --git a/util-linux-2.11u-nfs-mount_acl.diff b/util-linux-2.11u-nfs-mount_acl.diff new file mode 100644 index 0000000..8977f08 --- /dev/null +++ b/util-linux-2.11u-nfs-mount_acl.diff @@ -0,0 +1,85 @@ +Adds the [no]acl NFS mount option that was added to the kernel. This +change has been discussed and accepted by Trond Myklebust + and Olaf Kirch . + + -- Andreas Gruenbacher + +================================================================================ +--- util-linux-2.12q/mount/mount.8 ++++ util-linux-2.12q/mount/mount.8 +@@ -1335,7 +1335,8 @@ + .BR ac , + .BR tcp , + .BR udp , +-.BR lock . ++.BR lock , ++.BR acl . + For details, see + .BR nfs (5). + +--- util-linux-2.12q/mount/nfs.5 ++++ util-linux-2.12q/mount/nfs.5 +@@ -204,6 +204,15 @@ + .I udp + Mount the NFS filesystem using the UDP protocol. This + is the default. ++.TP 1.5i ++.I noacl ++Assume no extended access control mechanisms like POSIX ACLs are used ++on the NFS filesystem, and depend on the file mode permission bits ++instead of using the ACCESS remote procedure call. The default is to ++use the ACCESS remote procedure call for making access decisions in ++NFS version 3. (On NFS version 2 filesystems this option has no effect.) ++This option also deactivates the GETACL and SETACL remote procedure calls ++which are otherwise used to manipulate ACLs. + .P + All of the non-value options have corresponding nooption forms. + For example, nointr means don't allow file operations to be +--- util-linux-2.12q/mount/nfs_mount4.h ++++ util-linux-2.12q/mount/nfs_mount4.h +@@ -51,4 +51,4 @@ + #define NFS_MOUNT_KERBEROS 0x0100 /* 3 */ + #define NFS_MOUNT_NONLM 0x0200 /* 3 */ + #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ +- ++#define NFS_MOUNT_NOACL 0x0800 /* 4 */ +--- util-linux-2.12q/mount/nfsmount.c ++++ util-linux-2.12q/mount/nfsmount.c +@@ -216,7 +216,7 @@ + struct stat statbuf; + char *s; + int port, mountport, proto, bg, soft, intr; +- int posix, nocto, noac, nolock, broken_suid; ++ int posix, nocto, noac, nolock, broken_suid, noacl; + int retry, tcp; + int mountprog, mountvers, nfsprog, nfsvers; + int retval; +@@ -316,6 +316,7 @@ + nocto = 0; + nolock = 0; + broken_suid = 0; ++ noacl = 0; + noac = 0; + retry = 10000; /* 10000 minutes ~ 1 week */ + tcp = 0; +@@ -427,6 +428,8 @@ + printf(_("Warning: option nolock is not supported.\n")); + } else if (!strcmp(opt, "broken_suid")) { + broken_suid = val; ++ } else if (!strcmp(opt, "acl")) { ++ noacl = !val; + } else { + if (!sloppy) { + printf(_("unknown nfs mount option: " +@@ -452,8 +455,10 @@ + data.flags |= (nolock ? NFS_MOUNT_NONLM : 0); + #endif + #if NFS_MOUNT_VERSION >= 4 +- if (nfs_mount_version >= 4) ++ if (nfs_mount_version >= 4) { + data.flags |= (broken_suid ? NFS_MOUNT_BROKEN_SUID : 0); ++ data.flags |= (noacl ? NFS_MOUNT_NOACL : 0); ++ } + #endif + if (nfsvers > MAX_NFSPROT) { + fprintf(stderr, "NFSv%d not supported!\n", nfsvers); diff --git a/util-linux-2.11z-hwclock_geteuid.diff b/util-linux-2.11z-hwclock_geteuid.diff new file mode 100644 index 0000000..aa0ed74 --- /dev/null +++ b/util-linux-2.11z-hwclock_geteuid.diff @@ -0,0 +1,11 @@ +--- hwclock/hwclock.c ++++ hwclock/hwclock.c +@@ -1446,7 +1446,7 @@ + show = 1; /* default to show */ + + +- if (getuid() == 0) ++ if (geteuid() == 0) + permitted = TRUE; + else { + /* program is designed to run setuid (in some situations) */ diff --git a/util-linux-2.12-enablereplaybuild.diff b/util-linux-2.12-enablereplaybuild.diff new file mode 100644 index 0000000..f824893 --- /dev/null +++ b/util-linux-2.12-enablereplaybuild.diff @@ -0,0 +1,20 @@ +--- misc-utils/Makefile ++++ misc-utils/Makefile +@@ -12,7 +12,7 @@ + # Where to put man pages? + + MAN1= cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ +- namei.1 rename.1 script.1 whereis.1 hostid.1 ++ namei.1 rename.1 script.1 whereis.1 hostid.1 scriptreplay.1 + + # Where to put binaries? + # See the "install" rule for the links. . . +@@ -20,7 +20,7 @@ + BIN= + + USRBIN= cal chkdupexe ddate hostid logger look mcookie \ +- namei rename script whereis ++ namei rename script scriptreplay whereis + + MAYBE= reset setterm + diff --git a/util-linux-2.12-hostid.diff b/util-linux-2.12-hostid.diff new file mode 100644 index 0000000..0a9423c --- /dev/null +++ b/util-linux-2.12-hostid.diff @@ -0,0 +1,137 @@ +--- util-linux-2.12q/misc-utils/hostid.1 ++++ util-linux-2.12q/misc-utils/hostid.1 +@@ -0,0 +1,24 @@ ++.TH hostid 1 ++.SH NAME ++hostid \- set or print system's host id. ++.SH SYNTAX ++.B hostid ++[\-v] [\|\fIdecimal-id\fR\|] ++.SH DESCRIPTION ++.\".NXR "hostid command" ++The ++.B hostid ++command prints the current host id number in hexadecimal and both ++decimal and hexadecimal in parenthesis if the \-v option is given. ++This numeric value is expected to be unique across all hosts ++and is normally set to resemble the host's Internet address. ++ ++Only the super-user can set the hostid by giving an argument. This value is ++stored in the file /etc/hostid and need only be performed once. ++ ++.SH AUTHOR ++Hostid is written by Mitch DSouza \- (m.dsouza@mrc-apu.cam.ac.uk) ++ ++.SH SEE ALSO ++gethostid(2), sethostid(2) ++ +--- util-linux-2.12q/misc-utils/hostid.c ++++ util-linux-2.12q/misc-utils/hostid.c +@@ -0,0 +1,88 @@ ++/* Program hostid. Changed on 7.10.1997 ++ New: - Hostid 0 is not permitted. ++ - Set hostid dezimal or hexadezimal, both possible. ++ - Maximum Value for id is tested ++ - Wrong Parameters are caught ++ Nov 13 2003 - cleanup, mmj@suse.de ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++ ++void usage(void); ++ ++void usage() ++{ ++ printf ("usage : hostid [-h] [-v] []\n\n" ++ "no options: print hostid as hexadecimal number\n" ++ "-h print this helptext\n" ++ "-v print hostid decimal and hexadecimal\n" ++ " set the hostid to \n\n" ++ "The id String can be specified as\n" ++ " - decimal number\n" ++ " - hexadecimal number preceded by 0x\n" ++ " - octal number preceded by 0 \n\n" ++ "Remarks:\n" ++ " - only root can set the hostid\n" ++ " - it's not possible to set the hostid to 0\n\n"); ++} ++ ++int main (int argc, char *argv[]) ++{ ++ long id; ++ int verbose = 0; ++ ++ if (argc > 2) { ++ printf ("wrong arguments\n"); ++ usage(); ++ exit(1); ++ } ++ ++ if (argc == 2 && strcmp(argv[1], "-h") == 0) { ++ usage(); ++ exit(0); ++ } ++ ++ if (argc == 2 && strcmp(argv[1], "-v") == 0) { ++ verbose = 1; ++ argc--; ++ argv++; ++ } ++ ++ switch (argc) { ++ case 2: ++ id = strtol(argv[1], NULL, 0); ++ if (errno == ERANGE) { ++ printf ("Overflow: given string was out of range\n"); ++ exit(1); ++ } ++ ++ if (id == 0) { ++ printf ("value not possible: Abort\n"); ++ usage(); ++ exit(1); ++ } ++ if (sethostid(id) != 0) { ++ perror("sethostid"); ++ exit(1); ++ } ++ break; ++ ++ case 1: ++ id = gethostid(); ++ if(id && verbose) { ++ printf("Hostid is %ld (0x%lx)\n", id, id); ++ } else if(id) { ++ printf("0x%lx\n", id); ++ } else { ++ printf ("Error while trying: gethostid\n"); ++ exit(1); ++ } ++ break; ++ } ++ ++ return 0; ++} +--- util-linux-2.12q/misc-utils/Makefile ++++ util-linux-2.12q/misc-utils/Makefile +@@ -12,14 +12,14 @@ + # Where to put man pages? + + MAN1= cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ +- namei.1 rename.1 script.1 whereis.1 ++ namei.1 rename.1 script.1 whereis.1 hostid.1 + + # Where to put binaries? + # See the "install" rule for the links. . . + + BIN= + +-USRBIN= cal chkdupexe ddate logger look mcookie \ ++USRBIN= cal chkdupexe ddate hostid logger look mcookie \ + namei rename script whereis + + MAYBE= reset setterm diff --git a/util-linux-2.12-mount_guessfstype.diff b/util-linux-2.12-mount_guessfstype.diff new file mode 100644 index 0000000..2dbf0d7 --- /dev/null +++ b/util-linux-2.12-mount_guessfstype.diff @@ -0,0 +1,183 @@ +--- util-linux-2.12q/configure ++++ util-linux-2.12q/configure +@@ -190,6 +190,7 @@ + + # + # H9. For raw.c: do we have ? ++# H10. For guessfstype of CD-Extra, do we have ? + # + if ./testincl "linux/raw.h"; then + echo "HAVE_RAW_H=yes" >> make_include +@@ -552,6 +553,12 @@ + echo "HAVE_XGETTEXT=no" >> make_include + fi + ++# ++# H10. For guessfstype of CD-Extra, do we have ++# ++if ./testincl "linux/cdrom.h"; then ++ echo "#define HAVE_cdrom_h" >> defines.h ++fi + + # + # 8. For err.c: do we have __progname? +--- util-linux-2.12q/mount/mount_guess_fstype.c ++++ util-linux-2.12q/mount/mount_guess_fstype.c +@@ -26,6 +26,9 @@ + * 2001-10-26 Tim Launchbury + * added sysv magic. + * ++ * 2003-11-21 Mads Martin Joergensen ++ * added guessfstype support for CD-Extra ++ * + * aeb - many changes. + * + */ +@@ -37,11 +40,16 @@ + #include + #include + #include ++#include + #include "linux_fs.h" + #include "mount_blkid.h" + #include "mount_guess_fstype.h" + #include "sundries.h" /* for xstrdup */ + #include "nls.h" ++#include "../defines.h" ++#ifdef HAVE_cdrom_h ++#include ++#endif + + #define ETC_FILESYSTEMS "/etc/filesystems" + #define PROC_FILESYSTEMS "/proc/filesystems" +@@ -249,7 +257,51 @@ + return 0; + + /* do seeks and reads in disk order, otherwise a very short +- partition may cause a failure because of read error */ ++ partition may cause a failure because of read error ++ Rearranged a tiny bit to check ext2/3 before vfat. We still ++ have to make sure it's not iso9660 first, or otherwise we ++ might bail out wrongly due to an io-error */ ++ ++ if (!type) { ++ /* block 0 */ ++ if (lseek(fd, 0, SEEK_SET) != 0 ++ || read(fd, (char *) &xsb, sizeof(xsb)) != sizeof(xsb)) ++ goto try_iso9660; ++ } ++ ++ if (!type) { ++ /* block 1 */ ++ if (lseek(fd, 1024, SEEK_SET) != 1024 || ++ read(fd, (char *) &sb, sizeof(sb)) != sizeof(sb)) ++ goto io_error; ++ ++ /* ext2 has magic in little-endian on disk, so "swapped" is ++ superfluous; however, there have existed strange byteswapped ++ PPC ext2 systems */ ++ if (ext2magic(sb.e2s) == EXT2_SUPER_MAGIC || ++ ext2magic(sb.e2s) == EXT2_PRE_02B_MAGIC || ++ ext2magic(sb.e2s) == swapped(EXT2_SUPER_MAGIC)) { ++ type = "ext2"; ++ ++ /* maybe even ext3? */ ++ if ((assemble4le(sb.e2s.s_feature_compat) ++ & EXT3_FEATURE_COMPAT_HAS_JOURNAL) && ++ assemble4le(sb.e2s.s_journal_inum) != 0) ++ type = "ext3"; /* "ext3,ext2" */ ++ } ++ ++ else if (minixmagic(sb.ms) == MINIX_SUPER_MAGIC || ++ minixmagic(sb.ms) == MINIX_SUPER_MAGIC2 || ++ minixmagic(sb.ms) == MINIX2_SUPER_MAGIC || ++ minixmagic(sb.ms) == MINIX2_SUPER_MAGIC2) ++ type = "minix"; ++ ++ else if (extmagic(sb.es) == EXT_SUPER_MAGIC) ++ type = "ext"; ++ ++ else if (vxfsmagic(sb.vs) == VXFS_SUPER_MAGIC) ++ type = "vxfs"; ++ } + + if (!type) { + /* block 0 */ +@@ -307,40 +359,6 @@ + type = "sysv"; + } + +- if (!type) { +- /* block 1 */ +- if (lseek(fd, 1024, SEEK_SET) != 1024 || +- read(fd, (char *) &sb, sizeof(sb)) != sizeof(sb)) +- goto io_error; +- +- /* ext2 has magic in little-endian on disk, so "swapped" is +- superfluous; however, there have existed strange byteswapped +- PPC ext2 systems */ +- if (ext2magic(sb.e2s) == EXT2_SUPER_MAGIC || +- ext2magic(sb.e2s) == EXT2_PRE_02B_MAGIC || +- ext2magic(sb.e2s) == swapped(EXT2_SUPER_MAGIC)) { +- type = "ext2"; +- +- /* maybe even ext3? */ +- if ((assemble4le(sb.e2s.s_feature_compat) +- & EXT3_FEATURE_COMPAT_HAS_JOURNAL) && +- assemble4le(sb.e2s.s_journal_inum) != 0) +- type = "ext3"; /* "ext3,ext2" */ +- } +- +- else if (minixmagic(sb.ms) == MINIX_SUPER_MAGIC || +- minixmagic(sb.ms) == MINIX_SUPER_MAGIC2 || +- minixmagic(sb.ms) == swapped(MINIX_SUPER_MAGIC2) || +- minixmagic(sb.ms) == MINIX2_SUPER_MAGIC || +- minixmagic(sb.ms) == MINIX2_SUPER_MAGIC2) +- type = "minix"; +- +- else if (extmagic(sb.es) == EXT_SUPER_MAGIC) +- type = "ext"; +- +- else if (vxfsmagic(sb.vs) == VXFS_SUPER_MAGIC) +- type = "vxfs"; +- } + + if (!type) { + /* block 1 */ +@@ -416,8 +434,34 @@ + /* block 32 */ + try_iso9660: + if (lseek(fd, 0x8000, SEEK_SET) != 0x8000 +- || read(fd, (char *) &isosb, sizeof(isosb)) != sizeof(isosb)) +- goto io_error; ++ || read(fd, (char *) &isosb, sizeof(isosb)) != sizeof(isosb)) { ++#ifdef HAVE_cdrom_h ++ /* Try and see if we have an iso9660 data track later on */ ++ char toc_header[2]; ++ struct cdrom_tocentry *toc[CDROM_LEADOUT + 1]; ++ int i, offset; ++ ++ if (ioctl(fd, CDROMREADTOCHDR, &toc_header)) ++ goto io_error; ++ for (i = toc_header[0]; i <= toc_header[1]; i++) { ++ toc[i] = malloc(sizeof(struct cdrom_tocentry)); ++ memset(toc[i],0,sizeof(struct cdrom_tocentry)); ++ toc[i]->cdte_track = i; ++ toc[i]->cdte_format = CDROM_LBA; ++ if(ioctl(fd,CDROMREADTOCENTRY,toc[i])) ++ goto io_error; ++ if((toc[i]->cdte_ctrl & CDROM_DATA_TRACK)) { ++ offset = 2048 * (toc[i]->cdte_addr.lba + 16); ++ if(lseek(fd, offset, SEEK_SET) != offset) ++ goto io_error; ++ if(read(fd,(char *) &isosb,sizeof(isosb))==-1) ++ goto io_error; ++ } ++ } ++#else ++ goto io_error; ++#endif ++ } + + if (strncmp(isosb.hs.id, HS_STANDARD_ID, sizeof(isosb.hs.id)) == 0) { + /* "CDROM" */ diff --git a/util-linux-2.12-mountfallback.patch b/util-linux-2.12-mountfallback.patch new file mode 100644 index 0000000..5ffd6c7 --- /dev/null +++ b/util-linux-2.12-mountfallback.patch @@ -0,0 +1,34 @@ +--- util-linux-2.12q/mount/nfsmount.c ++++ util-linux-2.12q/mount/nfsmount.c +@@ -169,8 +169,20 @@ + } + if (!p.pm_vers) + p.pm_vers = MOUNTVERS; +- if (!p.pm_prot) ++ if (!p.pm_prot) { + p.pm_prot = IPPROTO_TCP; ++ if (!p.pm_port) { ++ p.pm_port = pmap_getport(server_addr, ++ p.pm_prog, p.pm_vers, p.pm_prot); ++ } ++ /* Fall back to UDP if there's no TCP registration for mount */ ++ if (!p.pm_port) { ++ fprintf(stderr, "mount server reported tcp not available, falling back to udp\n"); ++ p.pm_prot = IPPROTO_UDP; ++ p.pm_port = pmap_getport(server_addr, ++ p.pm_prog, p.pm_vers, p.pm_prot); ++ } ++ } + #if 0 + if (!p.pm_port) { + p.pm_port = pmap_getport(server_addr, p.pm_prog, p.pm_vers, +@@ -584,7 +596,8 @@ + pm_mnt = get_mountport(&mount_server_addr, + mountprog, + mountvers, +- proto, ++ 0, /* TCP or UDP: pick ++ whatever is available */ + mountport, + nfs_mount_version); + diff --git a/util-linux-2.12-multipleraw.diff b/util-linux-2.12-multipleraw.diff new file mode 100644 index 0000000..9e38775 --- /dev/null +++ b/util-linux-2.12-multipleraw.diff @@ -0,0 +1,65 @@ +--- disk-utils/raw.c ++++ disk-utils/raw.c +@@ -100,7 +100,7 @@ + } + + /* +- * It's a bind or a single query. Either way we need a raw device. ++ * It's a bind or a single query. + */ + + if (optind >= argc) +@@ -108,27 +108,38 @@ + raw_name = argv[optind++]; + + err = stat(raw_name, &statbuf); +- if (err) { ++ if (err && do_query) { + fprintf (stderr, "Cannot locate raw device '%s' (%s)\n", + raw_name, strerror(errno)); + exit(2); + } + +- if (!S_ISCHR(statbuf.st_mode)) { +- fprintf (stderr, "raw device '%s' is not a character dev\n", +- raw_name); +- exit(2); +- } +- if (major(statbuf.st_rdev) != RAW_MAJOR) { +- fprintf (stderr, "Device '%s' is not a raw dev\n", +- raw_name); +- exit(2); +- } +- +- raw_minor = minor(statbuf.st_rdev); ++ if (!err) { ++ if (!S_ISCHR(statbuf.st_mode)) { ++ fprintf (stderr, "raw device '%s' is not a character dev\n", ++ raw_name); ++ exit(2); ++ } ++ if (major(statbuf.st_rdev) != RAW_MAJOR) { ++ fprintf (stderr, "Device '%s' is not a raw dev\n", ++ raw_name); ++ exit(2); ++ } + +- if (do_query) +- return query(raw_minor, 0); ++ raw_minor = minor(statbuf.st_rdev); ++ if (do_query) ++ return query(raw_minor, 0); ++ } else { ++ char *p; ++ p = strrchr(raw_name, '/'); ++ if (p) { ++ p = strpbrk(p, "0123456789"); ++ if (p) ++ raw_minor = atoi(p); ++ } ++ if (!p) ++ raw_minor = -1; ++ } + + /* + * It's not a query, so we still have some parsing to do. Have diff --git a/util-linux-2.12-nfs-tcp.diff b/util-linux-2.12-nfs-tcp.diff new file mode 100644 index 0000000..06ff169 --- /dev/null +++ b/util-linux-2.12-nfs-tcp.diff @@ -0,0 +1,61 @@ +--- util-linux-2.12q/mount/nfs.5 ++++ util-linux-2.12q/mount/nfs.5 +@@ -199,11 +199,11 @@ + .TP 1.5i + .I tcp + Mount the NFS filesystem using the TCP protocol instead of the +-default UDP protocol. Many NFS servers only support UDP. ++UDP protocol. This is the default, but in case it fails (many NFS servers only ++support UDP) it will fallback and try UDP. + .TP 1.5i + .I udp +-Mount the NFS filesystem using the UDP protocol. This +-is the default. ++Mount the NFS filesystem using the UDP protocol. + .TP 1.5i + .I noacl + Assume no extended access control mechanisms like POSIX ACLs are used +@@ -227,8 +227,5 @@ + The posix, and nocto options are parsed by mount + but currently are silently ignored. + .P +-The tcp and namlen options are implemented but are not currently +-supported by the Linux kernel. +-.P + The umount command should notify the server + when an NFS filesystem is unmounted. +--- util-linux-2.12q/mount/nfsmount.c ++++ util-linux-2.12q/mount/nfsmount.c +@@ -319,7 +319,7 @@ + noacl = 0; + noac = 0; + retry = 10000; /* 10000 minutes ~ 1 week */ +- tcp = 0; ++ tcp = 2; + + mountprog = MOUNTPROG; + mountvers = 0; +@@ -439,6 +439,8 @@ + } + } + } ++ ++retry_udp: + proto = (tcp) ? IPPROTO_TCP : IPPROTO_UDP; + + data.flags = (soft ? NFS_MOUNT_SOFT : 0) +@@ -742,7 +744,13 @@ + * '0' for port (service unavailable), we then exit, + * notifying the user, rather than hanging up mount. + */ +- if (port == 0 && tcp == 1) { ++ if (port == 0 && tcp) { ++ if (tcp == 2) { ++ fprintf(stderr, "nfs server reported tcp not available, falling back to udp\n"); ++ close(fsock); ++ tcp = 0; ++ goto retry_udp; ++ } + perror(_("nfs server reported service unavailable")); + goto fail; + } diff --git a/util-linux-2.12-suse-compatibility.diff b/util-linux-2.12-suse-compatibility.diff new file mode 100644 index 0000000..0da6c54 --- /dev/null +++ b/util-linux-2.12-suse-compatibility.diff @@ -0,0 +1,149 @@ +--- util-linux-2.12q/mount/lomount.c ++++ util-linux-2.12q/mount/lomount.c +@@ -52,6 +52,24 @@ + extern void show_all_loops(void); + extern int read_options_from_fstab(char *, char **); + ++int passphrase_timeout=0; ++struct sigaction alrmact; ++ ++static void ++alrmhandler() { ++ /* let the SIGINT handler do the work: */ ++ kill(getpid(),SIGINT); ++ usleep(1000000); ++ kill(getpid(),SIGTERM); ++ usleep(1000000); ++ /* stubborn... */ ++ exit(0); ++} ++ ++ ++ ++ ++ + #if !defined(LOOP_PASSWORD_MIN_LENGTH) + # define LOOP_PASSWORD_MIN_LENGTH 20 + #endif +@@ -460,6 +478,15 @@ + int i, ask2; + + if(!passFDnumber) { ++ ++ if(passphrase_timeout) { ++ alrmact.sa_handler = &alrmhandler; ++ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); ++ alrmact.sa_flags = 0; ++ sigaction(SIGALRM, &alrmact, NULL); ++ alarm(passphrase_timeout); ++ } ++ + p = getpass(_("Password: ")); + ask2 = passAskTwice ? 1 : 0; + } else { +@@ -493,6 +520,15 @@ + s = malloc(i + 1); + if(!s) goto nomem; + strcpy(s, p); ++ ++ if(passphrase_timeout) { ++ alrmact.sa_handler = &alrmhandler; ++ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); ++ alrmact.sa_flags = 0; ++ sigaction(SIGALRM, &alrmact, NULL); ++ alarm(passphrase_timeout); ++ } ++ + p = getpass(_("Retype password: ")); + if(!p) goto nomem; + if(strcmp(s, p)) goto compareErr; +@@ -524,6 +560,15 @@ + strcpy(s, p); + memset(p, 0, i); + if(ask2) { ++ ++ if(passphrase_timeout) { ++ alrmact.sa_handler = &alrmhandler; ++ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); ++ alrmact.sa_flags = 0; ++ sigaction(SIGALRM, &alrmact, NULL); ++ alarm(passphrase_timeout); ++ } ++ + p = getpass(_("Retype password: ")); + if(!p) goto nomem; + if(strcmp(s, p)) { +@@ -738,7 +783,7 @@ + struct loop_info64 loopinfo; + int fd, ffd, mode, i; + char *pass, *apiName = NULL; +- void (*hashFunc)(unsigned char *, int, unsigned char *, int); ++ void (*hashFunc)(unsigned char *, int, unsigned char *, int) = NULL; + unsigned char multiKeyBits[65][32]; + int minPassLen = LOOP_PASSWORD_MIN_LENGTH; + int run_mkfs_command = 0; +@@ -762,8 +807,23 @@ + + memset (&loopinfo, 0, sizeof (loopinfo)); + xstrncpy (loopinfo.lo_file_name, file, LO_NAME_SIZE); +- if (loopEncryptionType) ++ if (loopEncryptionType) { ++ if (strcasecmp(loopEncryptionType,"twofish")==0 ++ && !passHashFuncName) { ++ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/ ++ loopinfo.lo_encrypt_key_size = 20; ++ passHashFuncName = strdup("rmd160"); ++ fprintf(stderr,"Switching to old S.u.S.E. loop_fish2 compatibility mode.\n"); ++ } else if (strcasecmp(loopEncryptionType,"twofishSL92")==0 ++ && !passHashFuncName) { ++ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/ ++ loopinfo.lo_encrypt_key_size = 32; ++ passHashFuncName = strdup("sha512"); ++ fprintf(stderr,"Switching to SuSE 9.2 loop_fish2 compatibility mode.\n"); ++ } else { + loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); ++ } ++ } + if (loopOffsetBytes) + loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1); + if (loopSizeBytes) +@@ -995,7 +1055,7 @@ + %s loop_device # give info\n\ + %s -a # give info of all loops\n\ + %s -d loop_device # delete\n\ +-options: -o offset -s sizelimit -p passwdfd -S pseed -H phash\n\ ++options: -o offset -s sizelimit -p passwdfd -S pseed -H phash -t timeout\n\ + -I loinit -T -K gpgkey -G gpghome -C itercountk -v -r\n"), + progname, progname, progname, progname, progname); + exit(1); +@@ -1139,7 +1199,7 @@ + + delete = 0; + progname = argv[0]; +- while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:Tv")) != -1) { ++ while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:t:Tv")) != -1) { + switch (c) { + case 'a': /* show status of all loops */ + option_a = 1; +@@ -1183,6 +1243,9 @@ + case 'S': /* optional seed for passphrase */ + passSeedString = optarg; + break; ++ case 't': ++ passphrase_timeout = atoi(optarg); ++ break; + case 'T': /* ask passphrase _twice_ */ + passAskTwice = "T"; + break; +--- util-linux-2.12q/mount/losetup.8 ++++ util-linux-2.12q/mount/losetup.8 +@@ -128,6 +128,9 @@ + password before hashing. Using different seeds for different partitions + makes dictionary attacks slower but does not prevent them if user supplied + password is guessable. Seed is not used in multi-key mode. ++.IP "\fB\-t \fItimeout\fP" ++make the password prompt time out after \fItimeout\fP seconds have ++passed by. + .IP "\fB\-T\fP" + Asks password twice. + .IP "\fB\-v\fP" diff --git a/util-linux-2.12a-mountbylabel-dm.patch b/util-linux-2.12a-mountbylabel-dm.patch new file mode 100644 index 0000000..2969097 --- /dev/null +++ b/util-linux-2.12a-mountbylabel-dm.patch @@ -0,0 +1,63 @@ +--- util-linux-2.12a/mount/mount_by_label.c.old 2004-08-11 22:25:06.000000000 +0100 ++++ util-linux-2.12a/mount/mount_by_label.c 2004-08-11 22:25:21.000000000 +0100 +@@ -17,6 +17,8 @@ + * - Added JFS v2 format support + * 2002-07-26 Luciano Chavez + * - Added EVMS support ++ * 2004-08-11 Alasdair Kergon ++ * - Added LVM2/device-mapper support + */ + + #include +@@ -38,6 +40,7 @@ + #define VG_DIR "/proc/lvm/VGs" + #define EVMS_VOLUME_NAME_SIZE 127 + #define PROC_EVMS_VOLUMES "/proc/evms/volumes" ++#define DEVICEMAPPERDIR "/dev/mapper" + + static struct uuidCache_s { + struct uuidCache_s *next; +@@ -101,6 +104,34 @@ + closedir(vg_dir); + } + ++/* LVM2/device-mapper support */ ++static void ++uuidcache_init_dm(void) { ++ char lvm_device[PATH_MAX]; ++ DIR *d; ++ struct dirent *lv_iter; ++ char uuid[16], *label; ++ ++ if (!(d = opendir(DEVICEMAPPERDIR))) { ++ if (errno != ENOENT) ++ perror("mount (init_dm)"); ++ return; ++ } ++ ++ while ((lv_iter = readdir(d))) { ++ if (!strcmp(lv_iter->d_name, "control") || ++ !strcmp(lv_iter->d_name, ".") || ++ !strcmp(lv_iter->d_name, "..")) ++ continue; ++ snprintf(lvm_device, sizeof(lvm_device), "%s/%s", ++ DEVICEMAPPERDIR, lv_iter->d_name); ++ if (!get_label_uuid(strdup(lvm_device), &label, uuid)) ++ uuidcache_addentry(strdup(lvm_device), ++ label, uuid); ++ } ++ closedir(d); ++} ++ + static int + uuidcache_init_evms(void) { + FILE *procvol; +@@ -250,6 +281,8 @@ + fclose(procpt); + + uuidcache_init_lvm(); ++ ++ uuidcache_init_dm(); + } + + #define UUID 1 diff --git a/util-linux-2.12a-mountpointwithcolon.diff b/util-linux-2.12a-mountpointwithcolon.diff new file mode 100644 index 0000000..d3aca72 --- /dev/null +++ b/util-linux-2.12a-mountpointwithcolon.diff @@ -0,0 +1,21 @@ +--- util-linux-2.12q/mount/mount.c ++++ util-linux-2.12q/mount/mount.c +@@ -1178,11 +1178,15 @@ + + if (types == NULL && !mounttype && !is_existing_file(spec)) { + if (strchr (spec, ':') != NULL) { +- types = "nfs"; +- if (verbose) +- printf(_("mount: no type was given - " ++ types = do_guess_fstype(spec); ++ if(types == NULL) { ++ types = "nfs"; ++ if (verbose) { ++ printf(_("mount: no type was given - " + "I'll assume nfs because of " + "the colon\n")); ++ } ++ } + } else if(!strncmp(spec, "//", 2)) { + types = "smbfs"; + if (verbose) diff --git a/util-linux-2.12a-procswapscheck.diff b/util-linux-2.12a-procswapscheck.diff new file mode 100644 index 0000000..208c7fd --- /dev/null +++ b/util-linux-2.12a-procswapscheck.diff @@ -0,0 +1,24 @@ +--- util-linux-2.12q/mount/swapon.c ++++ util-linux-2.12q/mount/swapon.c +@@ -160,10 +160,19 @@ + static int + is_in_proc_swaps(const char *fname) { + int i; ++ struct stat stfname, stswapFile; + +- for (i = 0; i < numSwaps; i++) +- if (swapFiles[i] && !strcmp(fname, swapFiles[i])) ++ stat(fname, &stfname); ++ ++ for (i = 0; i < numSwaps; i++) { ++ if(S_ISBLK(stfname.st_mode)) { ++ stat(swapFiles[i], &stswapFile); ++ if(S_ISBLK(stswapFile.st_mode)) ++ if(stfname.st_rdev == stswapFile.st_rdev) ++ return 1; ++ } else if (swapFiles[i] && !strcmp(fname, swapFiles[i])) + return 1; ++ } + return 0; + } + diff --git a/util-linux-2.12h-mtablock.diff b/util-linux-2.12h-mtablock.diff new file mode 100644 index 0000000..1ae109c --- /dev/null +++ b/util-linux-2.12h-mtablock.diff @@ -0,0 +1,86 @@ +--- util-linux-2.12q/mount/fstab.c ++++ util-linux-2.12q/mount/fstab.c +@@ -395,6 +395,7 @@ + + /* Flag for already existing lock file. */ + static int we_created_lockfile = 0; ++static int lock_file_desc = -1; + + /* Flag to indicate that signals have been set up. */ + static int signals_have_been_setup = 0; +@@ -417,6 +418,8 @@ + unlock_mtab (void) { + if (we_created_lockfile) { + unlink (MOUNTED_LOCK); ++ close(lock_file_desc); ++ lock_file_desc = -1; + we_created_lockfile = 0; + } + } +@@ -443,6 +446,7 @@ + + void + lock_mtab (void) { ++ sigset_t sigmask; + int tries = 3; + char linktargetfile[MOUNTLOCK_LINKTARGET_LTH]; + +@@ -467,6 +471,10 @@ + signals_have_been_setup = 1; + } + ++ /* Allow all signals while trying to lock mtab */ ++ sigemptyset(&sigmask); ++ sigprocmask(SIG_SETMASK, &sigmask, &sigmask); ++ + sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ()); + + /* Repeat until it was us who made the link */ +@@ -521,12 +529,21 @@ + if (j == 0) { + /* We made the link. Now claim the lock. */ + if (fcntl (fd, F_SETLK, &flock) == -1) { ++ int errsv = errno; ++ if (!tries--) ++ die(EX_FILEIO, ++ _("Can't lock lock file %s: %s\n"), ++ MOUNTED_LOCK, strerror (errsv)); + if (verbose) { +- int errsv = errno; + printf(_("Can't lock lock file %s: %s\n"), + MOUNTED_LOCK, strerror (errsv)); + } +- /* proceed anyway */ ++ /* bummer - someone raced us to the file ++ * lock. Start all over again. */ ++ unlink(MOUNTED_LOCK); ++ } else { ++ we_created_lockfile = 1; ++ lock_file_desc = fd; + } + } else { + static int tries = 0; +@@ -551,8 +568,14 @@ + } + } + +- close(fd); ++ /* If we created the lock file, keep the fd else ++ * our POSIX lock will go away immediately */ ++ if (!we_created_lockfile) ++ close(fd); + } ++ ++ /* Restore original signal mask */ ++ sigprocmask(SIG_SETMASK, &sigmask, NULL); + } + + /* +--- util-linux-2.12q/mount/paths.h ++++ util-linux-2.12q/mount/paths.h +@@ -7,4 +7,4 @@ + #define MOUNTED_LOCK "/etc/mtab~" + #define MOUNTED_TEMP "/etc/mtab.tmp" + #endif +-#define LOCK_TIMEOUT 10 ++#define LOCK_TIMEOUT 30 diff --git a/util-linux-2.12h-short-passwords.diff b/util-linux-2.12h-short-passwords.diff new file mode 100644 index 0000000..ee917b1 --- /dev/null +++ b/util-linux-2.12h-short-passwords.diff @@ -0,0 +1,55 @@ +--- util-linux-2.12q/mount/lomount.c ++++ util-linux-2.12q/mount/lomount.c +@@ -73,6 +73,7 @@ + #if !defined(LOOP_PASSWORD_MIN_LENGTH) + # define LOOP_PASSWORD_MIN_LENGTH 20 + #endif ++#define SUSE_PASSWORD_MIN_LENGTH 8 + + char *passFDnumber = (char *)0; + char *passAskTwice = (char *)0; +@@ -459,7 +460,7 @@ + multiKeyPass[0] = 0; + break; + } +- if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ if(strlen(multiKeyPass[x]) < SUSE_PASSWORD_MIN_LENGTH) break; + x++; + } + if(x == 65) +@@ -498,7 +499,7 @@ + while(x < 65) { + multiKeyPass[x] = get_FD_pass(i); + if(!multiKeyPass[x]) goto nomem; +- if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ if(strlen(multiKeyPass[x]) < SUSE_PASSWORD_MIN_LENGTH) break; + x++; + } + if(x == 65) { +@@ -579,7 +580,7 @@ + memset(p, 0, i); + } + if(i < warnLen) { +- fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH); ++ fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), SUSE_PASSWORD_MIN_LENGTH); + } + strcat(s, seed); + return(s); +@@ -785,7 +786,7 @@ + char *pass, *apiName = NULL; + void (*hashFunc)(unsigned char *, int, unsigned char *, int) = NULL; + unsigned char multiKeyBits[65][32]; +- int minPassLen = LOOP_PASSWORD_MIN_LENGTH; ++ int minPassLen = SUSE_PASSWORD_MIN_LENGTH; + int run_mkfs_command = 0; + + loopFileName = (char *)file; +@@ -900,7 +901,7 @@ + break; /* out of switch(loopinfo.lo_encrypt_type) */ + } + } +- pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH); ++ pass = sGetPass (minPassLen, SUSE_PASSWORD_MIN_LENGTH); + if(!pass) goto close_fd_ffd_return1; + i = strlen(pass); + if(hashFunc == unhashed1_key_setup) { diff --git a/util-linux-2.12i-x86_64intel.diff b/util-linux-2.12i-x86_64intel.diff new file mode 100644 index 0000000..ac7f2f1 --- /dev/null +++ b/util-linux-2.12i-x86_64intel.diff @@ -0,0 +1,22 @@ +--- util-linux-2.12q/MCONFIG ++++ util-linux-2.12q/MCONFIG +@@ -17,7 +17,7 @@ + # Select for CPU i386 if the binaries must be able to run on an intel 386 + # (by default i486 code is generated, see below) + CPU=$(shell uname -m) +-ARCH=$(shell echo $(CPU) | sed 's/i.86/intel/;s/arm.*/arm/') ++ARCH=$(shell echo $(CPU) | sed 's/i.86/intel/;s/arm.*/arm/;s/x86_64/intel/') + + # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp + # will use PAM for authentication. Additionally, passwd will not be +@@ -137,6 +137,10 @@ + else + CPUTAIL=486 + endif ++ ifeq "$(CPU)" "x86_64" ++ CPUHEAD=-mcpu= ++ CPUTAIL=nocona ++ endif + CPUOPT= $(CPUHEAD)$(CPUTAIL) + OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer + else diff --git a/util-linux-2.12q-ionice.diff b/util-linux-2.12q-ionice.diff new file mode 100644 index 0000000..e52f2ce --- /dev/null +++ b/util-linux-2.12q-ionice.diff @@ -0,0 +1,249 @@ +--- util-linux-2.12q/sys-utils/Makefile ++++ util-linux-2.12q/sys-utils/Makefile +@@ -8,7 +8,7 @@ + + # Where to put man pages? + +-MAN1= arch.1 flock.1 readprofile.1 ++MAN1= arch.1 flock.1 readprofile.1 ionice.1 + + MAN8= ctrlaltdel.8 cytune.8 dmesg.8 \ + ipcrm.8 ipcs.8 renice.8 \ +@@ -19,7 +19,7 @@ + + BIN= arch dmesg + +-USRBIN= cytune flock ipcrm ipcs renice setsid ++USRBIN= cytune flock ipcrm ipcs renice setsid ionice + + USRSBIN= readprofile tunelp + +@@ -71,6 +71,7 @@ + ctrlaltdel: ctrlaltdel.o $(LIB)/my_reboot.o + cytune.o: cytune.c cyclades.h + cytune: cytune.o ++ionice: ionice.o + ipcrm: ipcrm.o + ipcs: ipcs.o + rdev: rdev.o +--- util-linux-2.12q/sys-utils/ionice.1 ++++ util-linux-2.12q/sys-utils/ionice.1 +@@ -0,0 +1,71 @@ ++.TH ionice "1" "August 2005" ionice ++.SH NAME ++ionice \- get/set program io scheduling class and priority ++.SH SYNOPSIS ++.B ionice ++[\fI-c\fR] \fI[-n\fR] [\fI-p\fR] [COMMAND [ARG...]] ++ ++.SH DESCRIPTION ++This program sets the io scheduling class and priority for a program. As of ++this writing, Linux supports 3 scheduling classes: ++ ++\fBIdle\fR. ++A program running with idle io priority will only get disk time when no other ++program has asked for disk io for a defined grace period. The impact of idle ++io processes on normal system activity should be zero. This scheduling ++class does not take a priority argument. ++ ++\fBBest effort\fR. ++This is the default scheduling class for any process that hasn't asked for ++a specific io priority. Programs inherit the CPU nice setting for io ++priorities. This class takes a priority argument from \fI0-7\fR, with lower ++number being higher priority. Programs running at the same best effort ++priority are served in a round-robin fashion. ++ ++\fBReal time\fR. ++The RT scheduling class is given first access to the disk, regardless of ++what else is going on in the system. Thus the RT class needs to be used with ++some care, as it can starve other processes. As with the best effort class, ++8 priority levels are defined denoting how big a time slice a given process ++will receive on each scheduling window. ++ ++If no arguments or just \fI-p\fR is given, \fIionice\fR will query the ++current io scheduling class and priority for that process. ++ ++.SH OPTIONS ++.LP ++.TP 7 ++\fB-c\fP ++The scheduling class. 1 for real time, 2 for best-effort, 3 for idle. ++.TP 7 ++\fB-n\fP ++The scheduling class data. This defines the class data, if the class ++accepts an argument. For real time and best-effort, \fI0-7\fR is valid ++data. ++.TP 7 ++\fB-p\fP ++Pass in a process pid to change an already running process. If this argument ++is not given, \fBionice\fP will run the listed program with the given ++parameters. ++ ++.SH EXAMPLES ++.LP ++.TP 7 ++# \fBionice\fP -c3 -p89 ++.TP 7 ++Sets process with PID 89 as an idle io process. ++.TP 7 ++# \fBionice\fP -c2 -n0 bash ++.TP 7 ++Runs 'bash' as a best-effort program with highest priority. ++.TP 7 ++# \fBionice\fP -p89 ++.TP 7 ++Returns the class and priority of the process with PID 89. ++ ++.SH NOTES ++Linux supports io scheduling priorities and classes since 2.6.13 with the CFQ ++io scheduler. ++ ++.SH AUTHORS ++Jens Axboe +--- util-linux-2.12q/sys-utils/ionice.c ++++ util-linux-2.12q/sys-utils/ionice.c +@@ -0,0 +1,144 @@ ++/* ++ * ionice: set or get process io scheduling class and priority ++ * ++ * Copyright (C) 2005 Jens Axboe SUSE Labs ++ * ++ * Released under the terms of the GNU General Public License version 2 ++ * ++ */ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#if defined(__i386__) ++#define __NR_ioprio_set 289 ++#define __NR_ioprio_get 290 ++#elif defined(__powerpc__) || defined(__powerpc64__) ++#define __NR_ioprio_set 273 ++#define __NR_ioprio_get 274 ++#elif defined(__x86_64__) ++#define __NR_ioprio_set 251 ++#define __NR_ioprio_get 252 ++#elif defined(__ia64__) ++#define __NR_ioprio_set 1274 ++#define __NR_ioprio_get 1275 ++#elif defined(__alpha__) ++#define __NR_ioprio_set 442 ++#define __NR_ioprio_get 443 ++#elif defined(__s390__) || defined(__s390x__) ++#define __NR_ioprio_set 282 ++#define __NR_ioprio_get 283 ++#elif defined(__arm__) ++#define __NR_ioprio_set 314 ++#define __NR_ioprio_get 315 ++#else ++#error "Unsupported arch" ++#endif ++ ++static int ioprio_set(int which, int who, int ioprio) ++{ ++ return syscall(__NR_ioprio_set, which, who, ioprio); ++} ++ ++static int ioprio_get(int which, int who) ++{ ++ return syscall(__NR_ioprio_get, which, who); ++} ++ ++enum { ++ IOPRIO_CLASS_NONE, ++ IOPRIO_CLASS_RT, ++ IOPRIO_CLASS_BE, ++ IOPRIO_CLASS_IDLE, ++}; ++ ++enum { ++ IOPRIO_WHO_PROCESS = 1, ++ IOPRIO_WHO_PGRP, ++ IOPRIO_WHO_USER, ++}; ++ ++#define IOPRIO_CLASS_SHIFT 13 ++ ++const char *to_prio[] = { "none", "realtime", "best-effort", "idle", }; ++ ++static void usage(void) ++{ ++ printf("Usage: ionice [OPTIONS] [COMMAND [ARG]...]\n"); ++ printf("Sets or gets process io scheduling class and priority.\n"); ++ printf("\n\t-n\tClass data (typically 0-7, lower being higher prio)\n"); ++ printf("\t-c\tScheduling class\n"); ++ printf("\t\t\t1: realtime, 2: best-effort, 3: idle\n"); ++ printf("\t-p\tProcess pid\n"); ++ printf("\t-h\tThis help page\n"); ++ printf("\nJens Axboe (C) 2005\n"); ++} ++ ++int main(int argc, char *argv[]) ++{ ++ int ioprio = 4, set = 0, ioprio_class = IOPRIO_CLASS_BE; ++ int c, pid = 0; ++ ++ while ((c = getopt(argc, argv, "+n:c:p:h")) != EOF) { ++ switch (c) { ++ case 'n': ++ ioprio = strtol(optarg, NULL, 10); ++ set = 1; ++ break; ++ case 'c': ++ ioprio_class = strtol(optarg, NULL, 10); ++ set = 1; ++ break; ++ case 'p': ++ pid = strtol(optarg, NULL, 10); ++ break; ++ case 'h': ++ default: ++ usage(); ++ exit(0); ++ } ++ } ++ ++ switch (ioprio_class) { ++ case IOPRIO_CLASS_NONE: ++ ioprio_class = IOPRIO_CLASS_BE; ++ break; ++ case IOPRIO_CLASS_RT: ++ case IOPRIO_CLASS_BE: ++ break; ++ case IOPRIO_CLASS_IDLE: ++ ioprio = 7; ++ break; ++ default: ++ printf("bad prio class %d\n", ioprio_class); ++ return 1; ++ } ++ ++ if (!set) { ++ if (!pid && argv[optind]) ++ pid = strtol(argv[optind], NULL, 10); ++ ++ ioprio = ioprio_get(IOPRIO_WHO_PROCESS, pid); ++ ++ if (ioprio == -1) ++ perror("ioprio_get"); ++ else { ++ ioprio_class = ioprio >> IOPRIO_CLASS_SHIFT; ++ ioprio = ioprio & 0xff; ++ printf("%s: prio %d\n", to_prio[ioprio_class], ioprio); ++ } ++ } else { ++ if (ioprio_set(IOPRIO_WHO_PROCESS, pid, ioprio | ioprio_class << IOPRIO_CLASS_SHIFT) == -1) ++ perror("ioprio_set"); ++ ++ if (argv[optind]) ++ execvp(argv[optind], &argv[optind]); ++ } ++ ++ return 0; ++} diff --git a/util-linux-2.12q-mount--move.diff b/util-linux-2.12q-mount--move.diff new file mode 100644 index 0000000..9060495 --- /dev/null +++ b/util-linux-2.12q-mount--move.diff @@ -0,0 +1,29 @@ +--- mount/mount.c ++++ mount/mount.c +@@ -665,6 +665,25 @@ + else { + mntFILE *mfp; + ++ /* when moving a mount point, we have to make sure the mtab ++ * gets updated properly. We get info about the old mount ++ * point, copy it to the new mount point, and then delete ++ * the old mount point. */ ++ if (flags & MS_MOVE) { ++ const char *olddir = mnt.mnt_fsname; ++ struct mntentchn *oldmc = oldmc = getmntfile(olddir); ++ if (oldmc != NULL) { ++ mnt.mnt_fsname = strdup(oldmc->m.mnt_fsname); ++ mnt.mnt_type = oldmc->m.mnt_type; ++ mnt.mnt_opts = oldmc->m.mnt_opts; ++ mnt.mnt_freq = oldmc->m.mnt_freq; ++ mnt.mnt_passno = oldmc->m.mnt_passno; ++ } ++ update_mtab(olddir, NULL); ++ if (oldmc != NULL) ++ my_free(olddir); ++ } ++ + lock_mtab(); + mfp = my_setmntent(MOUNTED, "a+"); + if (mfp == NULL || mfp->mntent_fp == NULL) { + diff --git a/util-linux-2.12q-nfsv4.patch b/util-linux-2.12q-nfsv4.patch new file mode 100644 index 0000000..d33aaaf --- /dev/null +++ b/util-linux-2.12q-nfsv4.patch @@ -0,0 +1,628 @@ +--- util-linux-2.12q/mount/Makefile ++++ util-linux-2.12q/mount/Makefile +@@ -29,7 +29,7 @@ + + MAYBE = pivot_root swapoff + +-NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o ++NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o nfs4mount.o + GEN_FILES = nfsmount.h nfsmount_xdr.c nfsmount_clnt.c + + all: $(PROGS) +--- util-linux-2.12q/mount/mount.c ++++ util-linux-2.12q/mount/mount.c +@@ -847,8 +847,23 @@ + "without support for the type `nfs'")); + #endif + } ++#ifdef HAVE_NFS ++ /* ++ * NFSv4 support ++ */ ++ if (!fake && types && streq (types, "nfs4")) { ++ mnt_err = nfs4mount(spec, node, &flags, &extra_opts, &mount_opts, bg); ++ if (mnt_err) ++ return mnt_err; ++ goto nosigblock; ++#else ++ die (EX_SOFTWARE, _("mount: this version was compiled " ++ "without support for the type `nfs4'")); ++#endif ++ } + + block_signals (SIG_BLOCK); ++nosigblock: + + if (!fake) { + mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, +--- util-linux-2.12q/mount/nfs4mount.c ++++ util-linux-2.12q/mount/nfs4mount.c +@@ -0,0 +1,460 @@ ++/* ++ * nfs4mount.c -- Linux NFS mount ++ * Copyright (C) 2002 Trond Myklebust ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2, or (at your option) ++ * any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * Note: this file based on the original nfsmount.c ++ */ ++ ++#include "../defines.h" /* for HAVE_rpcsvc_nfs_prot_h and HAVE_inet_aton */ ++ ++#include ++#include ++#undef __FD_CLR ++#undef __FD_SET ++#undef __FD_ISSET ++#undef __FD_ZERO ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#ifdef HAVE_rpcsvc_nfs_prot_h ++#include ++#else ++#include ++#define nfsstat nfs_stat ++#endif ++ ++#include "sundries.h" ++ ++#include "mount_constants.h" ++#include "nfs4_mount.h" ++ ++#include "nls.h" ++ ++#ifndef NFS_PORT ++#define NFS_PORT 2049 ++#endif ++ ++extern int clnt_ping(struct sockaddr_in *, const u_long, const u_long, const u_int); ++extern void rpc_strerror(void); ++ ++struct { ++ char *flavour; ++ int fnum; ++} flav_map[] = { ++ { "krb5", RPC_AUTH_GSS_KRB5 }, ++ { "krb5i", RPC_AUTH_GSS_KRB5I }, ++ { "krb5p", RPC_AUTH_GSS_KRB5P }, ++ { "lipkey", RPC_AUTH_GSS_LKEY }, ++ { "lipkey-i", RPC_AUTH_GSS_LKEYI }, ++ { "lipkey-p", RPC_AUTH_GSS_LKEYP }, ++ { "spkm3", RPC_AUTH_GSS_SPKM }, ++ { "spkm3i", RPC_AUTH_GSS_SPKMI }, ++ { "spkm3p", RPC_AUTH_GSS_SPKMP }, ++ { "unix", AUTH_UNIX }, ++ { "sys", AUTH_SYS }, ++ { "null", AUTH_NULL }, ++ { "none", AUTH_NONE }, ++}; ++ ++#define FMAPSIZE (sizeof(flav_map)/sizeof(flav_map[0])) ++#define MAX_USER_FLAVOUR 16 ++ ++static int parse_sec(char *sec, int *pseudoflavour) ++{ ++ int i, num_flavour = 0; ++ ++ for (sec = strtok(sec, ":"); sec; sec = strtok(NULL, ":")) { ++ if (num_flavour >= MAX_USER_FLAVOUR) { ++ fprintf(stderr, ++ _("mount: maximum number of security flavors " ++ "exceeded\n")); ++ return 0; ++ } ++ for (i = 0; i < FMAPSIZE; i++) { ++ if (strcmp(sec, flav_map[i].flavour) == 0) { ++ pseudoflavour[num_flavour++] = flav_map[i].fnum; ++ break; ++ } ++ } ++ if (i == FMAPSIZE) { ++ fprintf(stderr, ++ _("mount: unknown security type %s\n"), sec); ++ return 0; ++ } ++ } ++ if (!num_flavour) ++ fprintf(stderr, ++ _("mount: no security flavors passed to sec= option\n")); ++ return num_flavour; ++} ++ ++static int parse_devname(char *hostdir, char **hostname, char **dirname) ++{ ++ char *s; ++ ++ if (!(s = strchr(hostdir, ':'))) { ++ fprintf(stderr, ++ _("mount: " ++ "directory to mount not in host:dir format\n")); ++ return -1; ++ } ++ *hostname = hostdir; ++ *dirname = s + 1; ++ *s = '\0'; ++ /* Ignore all but first hostname in replicated mounts ++ until they can be fully supported. (mack@sgi.com) */ ++ if ((s = strchr(hostdir, ','))) { ++ *s = '\0'; ++ fprintf(stderr, ++ _("mount: warning: " ++ "multiple hostnames not supported\n")); ++ } ++ return 0; ++} ++ ++static int fill_ipv4_sockaddr(const char *hostname, struct sockaddr_in *addr) ++{ ++ struct hostent *hp; ++ addr->sin_family = AF_INET; ++ ++ if (inet_aton(hostname, &addr->sin_addr)) ++ return 0; ++ if ((hp = gethostbyname(hostname)) == NULL) { ++ fprintf(stderr, _("mount: can't get address for %s\n"), ++ hostname); ++ return -1; ++ } ++ if (hp->h_length > sizeof(struct in_addr)) { ++ fprintf(stderr, ++ _("mount: got bad hp->h_length\n")); ++ hp->h_length = sizeof(struct in_addr); ++ } ++ memcpy(&addr->sin_addr, hp->h_addr, hp->h_length); ++ return 0; ++} ++ ++static int get_my_ipv4addr(char *ip_addr, int len) ++{ ++ char myname[1024]; ++ struct sockaddr_in myaddr; ++ ++ if (gethostname(myname, sizeof(myname))) { ++ fprintf(stderr, _("mount: can't determine client address\n")); ++ return -1; ++ } ++ if (fill_ipv4_sockaddr(myname, &myaddr)) ++ return -1; ++ snprintf(ip_addr, len, "%s", inet_ntoa(myaddr.sin_addr)); ++ ip_addr[len-1] = '\0'; ++ return 0; ++} ++ ++/* Convert RPC errors into strings */ ++void rpc_strerror(void) ++{ ++ int cf_stat = rpc_createerr.cf_stat; ++ int cf_errno = rpc_createerr.cf_error.re_errno; ++ char *ptr, *estr = clnt_sperrno(cf_stat); ++ ++ if (estr) { ++ if ((ptr = index(estr, ':'))) ++ estr = ++ptr; ++ ++ fprintf(stderr, "RPC Error: %d (%s )\n", cf_stat, estr); ++ if (cf_stat == RPC_SYSTEMERROR) ++ fprintf(stderr, "System Error: %d (%s)\n", cf_errno, strerror(cf_errno)); ++ } ++} ++ ++int ++clnt_ping(struct sockaddr_in *saddr, const u_long prog, const u_long vers, ++ const u_int prot) ++{ ++ static const struct timeval TIMEOUT = { 20, 0 }; ++ static const struct timeval RETRY_TIMEOUT = { 3, 0 }; ++ CLIENT *clnt=NULL; ++ int sock, stat; ++ static char clnt_res; ++ ++ rpc_createerr.cf_stat = stat = 0; ++ sock = RPC_ANYSOCK; ++ switch(prot) { ++ case IPPROTO_UDP: ++ clnt = clntudp_bufcreate(saddr, prog, vers, ++ RETRY_TIMEOUT, &sock, ++ RPCSMALLMSGSIZE, RPCSMALLMSGSIZE); ++ break; ++ case IPPROTO_TCP: ++ clnt = clnttcp_create(saddr, prog, vers, &sock, ++ RPCSMALLMSGSIZE, RPCSMALLMSGSIZE); ++ break; ++ default: ++ goto out_bad; ++ } ++ if (!clnt) ++ goto out_bad; ++ memset(&clnt_res, 0, sizeof(clnt_res)); ++ stat = clnt_call(clnt, NULLPROC, ++ (xdrproc_t)xdr_void, (caddr_t)NULL, ++ (xdrproc_t)xdr_void, (caddr_t)&clnt_res, ++ TIMEOUT); ++ clnt_destroy(clnt); ++ close(sock); ++ if (stat != RPC_PROGVERSMISMATCH) ++ return 1; ++ ++ out_bad: ++ return 0; ++} ++ ++ ++int nfs4mount(const char *spec, const char *node, int *flags, ++ char **extra_opts, char **mount_opts, ++ int running_bg) ++{ ++ static struct nfs4_mount_data data; ++ static char hostdir[1024]; ++ static char ip_addr[16] = "127.0.0.1"; ++ static struct sockaddr_in server_addr; ++ static int pseudoflavour[MAX_USER_FLAVOUR]; ++ int num_flavour = 0; ++ ++ char *hostname, *dirname, *old_opts; ++ char new_opts[1024]; ++ char *opt, *opteq; ++ char *s; ++ int val; ++ int bg, soft, intr; ++ int nocto, noac; ++ int retry; ++ int retval; ++ ++ retval = EX_FAIL; ++ if (strlen(spec) >= sizeof(hostdir)) { ++ fprintf(stderr, _("mount: " ++ "excessively long host:dir argument\n")); ++ goto fail; ++ } ++ strcpy(hostdir, spec); ++ if (parse_devname(hostdir, &hostname, &dirname)) ++ goto fail; ++ ++ if (fill_ipv4_sockaddr(hostname, &server_addr)) ++ goto fail; ++ if (get_my_ipv4addr(ip_addr, sizeof(ip_addr))) ++ goto fail; ++ ++ /* add IP address to mtab options for use when unmounting */ ++ s = inet_ntoa(server_addr.sin_addr); ++ old_opts = *extra_opts; ++ if (!old_opts) ++ old_opts = ""; ++ if (strlen(old_opts) + strlen(s) + 10 >= sizeof(new_opts)) { ++ fprintf(stderr, _("mount: " ++ "excessively long option argument\n")); ++ goto fail; ++ } ++ snprintf(new_opts, sizeof(new_opts), "%s%saddr=%s", ++ old_opts, *old_opts ? "," : "", s); ++ *extra_opts = xstrdup(new_opts); ++ ++ /* Set default options. ++ * rsize/wsize and timeo are left 0 in order to ++ * let the kernel decide. ++ */ ++ memset(&data, 0, sizeof(data)); ++ data.retrans = 3; ++ data.acregmin = 3; ++ data.acregmax = 60; ++ data.acdirmin = 30; ++ data.acdirmax = 60; ++ data.proto = IPPROTO_TCP; ++ ++ bg = 0; ++ soft = 0; ++ intr = NFS4_MOUNT_INTR; ++ nocto = 0; ++ noac = 0; ++ retry = 10000; /* 10000 minutes ~ 1 week */ ++ ++ /* ++ * NFSv4 specifies that the default port should be 2049 ++ */ ++ server_addr.sin_port = htons(NFS_PORT); ++ ++ /* parse options */ ++ ++ for (opt = strtok(old_opts, ","); opt; opt = strtok(NULL, ",")) { ++ if ((opteq = strchr(opt, '='))) { ++ val = atoi(opteq + 1); ++ *opteq = '\0'; ++ if (!strcmp(opt, "rsize")) ++ data.rsize = val; ++ else if (!strcmp(opt, "wsize")) ++ data.wsize = val; ++ else if (!strcmp(opt, "timeo")) ++ data.timeo = val; ++ else if (!strcmp(opt, "retrans")) ++ data.retrans = val; ++ else if (!strcmp(opt, "acregmin")) ++ data.acregmin = val; ++ else if (!strcmp(opt, "acregmax")) ++ data.acregmax = val; ++ else if (!strcmp(opt, "acdirmin")) ++ data.acdirmin = val; ++ else if (!strcmp(opt, "acdirmax")) ++ data.acdirmax = val; ++ else if (!strcmp(opt, "actimeo")) { ++ data.acregmin = val; ++ data.acregmax = val; ++ data.acdirmin = val; ++ data.acdirmax = val; ++ } ++ else if (!strcmp(opt, "retry")) ++ retry = val; ++ else if (!strcmp(opt, "port")) ++ server_addr.sin_port = htons(val); ++ else if (!strcmp(opt, "proto")) { ++ if (!strncmp(opteq+1, "tcp", 3)) ++ data.proto = IPPROTO_TCP; ++ else if (!strncmp(opteq+1, "udp", 3)) ++ data.proto = IPPROTO_UDP; ++ else ++ printf(_("Warning: Unrecognized proto= option.\n")); ++ } else if (!strcmp(opt, "clientaddr")) { ++ if (strlen(opteq+1) >= sizeof(ip_addr)) ++ printf(_("Invalid client address %s"), ++ opteq+1); ++ strncpy(ip_addr,opteq+1, sizeof(ip_addr)); ++ ip_addr[sizeof(ip_addr)-1] = '\0'; ++ } else if (!strcmp(opt, "sec")) { ++ num_flavour = parse_sec(opteq+1, pseudoflavour); ++ if (!num_flavour) ++ goto fail; ++ } else if (!strcmp(opt, "addr")) { ++ /* ignore */; ++ } else { ++ printf(_("unknown nfs mount parameter: " ++ "%s=%d\n"), opt, val); ++ goto fail; ++ } ++ } else { ++ val = 1; ++ if (!strncmp(opt, "no", 2)) { ++ val = 0; ++ opt += 2; ++ } ++ if (!strcmp(opt, "bg")) ++ bg = val; ++ else if (!strcmp(opt, "fg")) ++ bg = !val; ++ else if (!strcmp(opt, "soft")) ++ soft = val; ++ else if (!strcmp(opt, "hard")) ++ soft = !val; ++ else if (!strcmp(opt, "intr")) ++ intr = val; ++ else if (!strcmp(opt, "cto")) ++ nocto = !val; ++ else if (!strcmp(opt, "ac")) ++ noac = !val; ++ else { ++ if (!sloppy) { ++ printf(_("unknown nfs mount option: " ++ "%s%s\n"), val ? "" : "no", opt); ++ goto fail; ++ } ++ } ++ } ++ } ++ ++ data.flags = (soft ? NFS4_MOUNT_SOFT : 0) ++ | (intr ? NFS4_MOUNT_INTR : 0) ++ | (nocto ? NFS4_MOUNT_NOCTO : 0) ++ | (noac ? NFS4_MOUNT_NOAC : 0); ++ ++ if (num_flavour == 0) ++ pseudoflavour[num_flavour++] = AUTH_UNIX; ++ data.auth_flavourlen = num_flavour; ++ data.auth_flavours = pseudoflavour; ++ ++ data.client_addr.data = ip_addr; ++ data.client_addr.len = strlen(ip_addr); ++ ++ data.mnt_path.data = dirname; ++ data.mnt_path.len = strlen(dirname); ++ ++ data.hostname.data = hostname; ++ data.hostname.len = strlen(hostname); ++ data.host_addr = (struct sockaddr *)&server_addr; ++ data.host_addrlen = sizeof(server_addr); ++ ++#ifdef NFS_MOUNT_DEBUG ++ printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", ++ data.rsize, data.wsize, data.timeo, data.retrans); ++ printf("acreg (min, max) = (%d, %d), acdir (min, max) = (%d, %d)\n", ++ data.acregmin, data.acregmax, data.acdirmin, data.acdirmax); ++ printf("port = %d, bg = %d, retry = %d, flags = %.8x\n", ++ ntohs(server_addr.sin_port), bg, retry, data.flags); ++ printf("soft = %d, intr = %d, nocto = %d, noac = %d\n", ++ (data.flags & NFS4_MOUNT_SOFT) != 0, ++ (data.flags & NFS4_MOUNT_INTR) != 0, ++ (data.flags & NFS4_MOUNT_NOCTO) != 0, ++ (data.flags & NFS4_MOUNT_NOAC) != 0); ++ ++ if (num_flavour > 0) { ++ int pf_cnt, i; ++ ++ printf("sec = "); ++ for (pf_cnt = 0; pf_cnt < num_flavour; pf_cnt++) { ++ for (i = 0; i < FMAPSIZE; i++) { ++ if (flav_map[i].fnum == pseudoflavour[pf_cnt]) { ++ printf("%s", flav_map[i].flavour); ++ break; ++ } ++ } ++ printf("%s", (pf_cnt < num_flavour-1) ? ":" : "\n"); ++ } ++ } ++ printf("proto = %s\n", (data.proto == IPPROTO_TCP) ? "tcp" : "udp"); ++#endif ++ ++ data.version = NFS4_MOUNT_VERSION; ++ ++ clnt_ping(&server_addr, NFS_PROGRAM, 4, data.proto); ++ if (rpc_createerr.cf_stat) { ++ fprintf(stderr, "mount to NFS server '%s' failed.\n", data.hostname.data); ++ goto fail; ++ } ++ ++ *mount_opts = (char *) &data; ++ /* clean up */ ++ return 0; ++ ++fail: ++ if (verbose) { ++ rpc_strerror(); ++ } ++ return retval; ++} +--- util-linux-2.12q/mount/nfs4_mount.h ++++ util-linux-2.12q/mount/nfs4_mount.h +@@ -0,0 +1,82 @@ ++#ifndef _LINUX_NFS4_MOUNT_H ++#define _LINUX_NFS4_MOUNT_H ++ ++/* ++ * linux/include/linux/nfs4_mount.h ++ * ++ * Copyright (C) 2002 Trond Myklebust ++ * ++ * structure passed from user-space to kernel-space during an nfsv4 mount ++ */ ++ ++/* ++ * WARNING! Do not delete or change the order of these fields. If ++ * a new field is required then add it to the end. The version field ++ * tracks which fields are present. This will ensure some measure of ++ * mount-to-kernel version compatibility. Some of these aren't used yet ++ * but here they are anyway. ++ */ ++#define NFS4_MOUNT_VERSION 1 ++ ++struct nfs_string { ++ unsigned int len; ++ const char* data; ++}; ++ ++struct nfs4_mount_data { ++ int version; /* 1 */ ++ int flags; /* 1 */ ++ int rsize; /* 1 */ ++ int wsize; /* 1 */ ++ int timeo; /* 1 */ ++ int retrans; /* 1 */ ++ int acregmin; /* 1 */ ++ int acregmax; /* 1 */ ++ int acdirmin; /* 1 */ ++ int acdirmax; /* 1 */ ++ ++ /* see the definition of 'struct clientaddr4' in RFC3010 */ ++ struct nfs_string client_addr; /* 1 */ ++ ++ /* Mount path */ ++ struct nfs_string mnt_path; /* 1 */ ++ ++ /* Server details */ ++ struct nfs_string hostname; /* 1 */ ++ /* Server IP address */ ++ unsigned int host_addrlen; /* 1 */ ++ struct sockaddr* host_addr; /* 1 */ ++ ++ /* Transport protocol to use */ ++ int proto; /* 1 */ ++ ++ /* Pseudo-flavours to use for authentication. See RFC2623 */ ++ int auth_flavourlen; /* 1 */ ++ int *auth_flavours; /* 1 */ ++}; ++ ++/* bits in the flags field */ ++/* Note: the fields that correspond to existing NFSv2/v3 mount options ++ * should mirror the values from include/linux/nfs_mount.h ++ */ ++ ++#define NFS4_MOUNT_SOFT 0x0001 /* 1 */ ++#define NFS4_MOUNT_INTR 0x0002 /* 1 */ ++#define NFS4_MOUNT_NOCTO 0x0010 /* 1 */ ++#define NFS4_MOUNT_NOAC 0x0020 /* 1 */ ++#define NFS4_MOUNT_STRICTLOCK 0x1000 /* 1 */ ++#define NFS4_MOUNT_FLAGMASK 0xFFFF ++ ++/* pseudoflavors: */ ++ ++#define RPC_AUTH_GSS_KRB5 390003 ++#define RPC_AUTH_GSS_KRB5I 390004 ++#define RPC_AUTH_GSS_KRB5P 390005 ++#define RPC_AUTH_GSS_LKEY 390006 ++#define RPC_AUTH_GSS_LKEYI 390007 ++#define RPC_AUTH_GSS_LKEYP 390008 ++#define RPC_AUTH_GSS_SPKM 390009 ++#define RPC_AUTH_GSS_SPKMI 390010 ++#define RPC_AUTH_GSS_SPKMP 390011 ++ ++#endif +--- util-linux-2.12q/mount/nfs_mount4.h ++++ util-linux-2.12q/mount/nfs_mount4.h +@@ -8,7 +8,9 @@ + * so it is easiest to ignore the kernel altogether (at compile time). + */ + +-#define NFS_MOUNT_VERSION 4 ++#define NFS_MOUNT_VERSION 6 ++#define NFS_MAX_CONTEXT_LEN 256 ++ + + struct nfs2_fh { + char data[32]; +@@ -36,6 +38,9 @@ + int namlen; /* 2 */ + unsigned int bsize; /* 3 */ + struct nfs3_fh root; /* 4 */ ++ int pseudoflavor; /* 5 */ ++ char context[NFS_MAX_CONTEXT_LEN + 1]; /* 6 */ ++ + }; + + /* bits in the flags field */ +@@ -52,3 +57,19 @@ + #define NFS_MOUNT_NONLM 0x0200 /* 3 */ + #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ + #define NFS_MOUNT_NOACL 0x0800 /* 4 */ ++#define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */ ++ ++/* security pseudoflavors */ ++ ++#ifndef AUTH_GSS_KRB5 ++#define AUTH_GSS_KRB5 390003 ++#define AUTH_GSS_KRB5I 390004 ++#define AUTH_GSS_KRB5P 390005 ++#define AUTH_GSS_LKEY 390006 ++#define AUTH_GSS_LKEYI 390007 ++#define AUTH_GSS_LKEYP 390008 ++#define AUTH_GSS_SPKM 390009 ++#define AUTH_GSS_SPKMI 390010 ++#define AUTH_GSS_SPKMP 390011 ++#endif ++ diff --git a/util-linux-2.12q-null.diff b/util-linux-2.12q-null.diff new file mode 100644 index 0000000..d9eb82e --- /dev/null +++ b/util-linux-2.12q-null.diff @@ -0,0 +1,14 @@ +--- util-linux-2.12q/misc-utils/script.c ++++ util-linux-2.12q/misc-utils/script.c +@@ -325,9 +325,9 @@ + shname = shell; + + if (cflg) +- execl(shell, shname, "-c", cflg, 0); ++ execl(shell, shname, "-c", cflg, NULL); + else +- execl(shell, shname, "-i", 0); ++ execl(shell, shname, "-i", NULL); + + perror(shell); + fail(); diff --git a/util-linux-2.12q-strict-aliasing.diff b/util-linux-2.12q-strict-aliasing.diff new file mode 100644 index 0000000..94bd8f0 --- /dev/null +++ b/util-linux-2.12q-strict-aliasing.diff @@ -0,0 +1,11 @@ +--- util-linux-2.12q/mount/Makefile ++++ util-linux-2.12q/mount/Makefile +@@ -110,7 +110,7 @@ + $(COMPILE) $(RPC_CFLAGS) nfsmount_clnt.c + + nfsmount_xdr.o: nfsmount_xdr.c +- $(COMPILE) $(RPC_CFLAGS) nfsmount_xdr.c ++ $(COMPILE) -fno-strict-aliasing $(RPC_CFLAGS) nfsmount_xdr.c + + ifeq "$(HAVE_GOOD_RPC)" "yes" + nfsmount.h: nfsmount.x diff --git a/util-linux-2.12q-umount2-not-static.patch b/util-linux-2.12q-umount2-not-static.patch new file mode 100644 index 0000000..e07c3d1 --- /dev/null +++ b/util-linux-2.12q-umount2-not-static.patch @@ -0,0 +1,11 @@ +--- mount/umount.c ++++ mount/umount.c +@@ -40,7 +40,7 @@ + #include + #ifdef __NR_umount2 + +-static int umount2(const char *path, int flags); ++int umount2(const char *path, int flags); + + _syscall2(int, umount2, const char *, path, int, flags); + diff --git a/util-linux-2.12r-cal_formatting.patch b/util-linux-2.12r-cal_formatting.patch new file mode 100644 index 0000000..1758a2c --- /dev/null +++ b/util-linux-2.12r-cal_formatting.patch @@ -0,0 +1,26 @@ +--- misc-utils/cal.c ++++ misc-utils/cal.c +@@ -702,18 +702,16 @@ + } + + void +-trim_trailing_spaces(s) +- char *s; ++trim_trailing_spaces(char *s) + { + char *p; + + for (p = s; *p; ++p) + continue; +- while (p > s && isspace(*--p)) +- continue; +- if (p > s) +- ++p; +- *p = '\0'; ++ ++ p--; ++ if (isspace(*p)) ++ *p = '\0'; + } + + /* diff --git a/util-linux-2.12r-external-prog-on-guess.diff b/util-linux-2.12r-external-prog-on-guess.diff new file mode 100644 index 0000000..662da55 --- /dev/null +++ b/util-linux-2.12r-external-prog-on-guess.diff @@ -0,0 +1,133 @@ +From: Jeff Mahoney +Subject: [PATCH] mount: needs to handle special mountprog even on guessed file systems. + + If the user doesn't specify -t mount.fstype will never be called. + + This patch fixes that. + + Update: Fixes a bug where the mount would get added to mtab twice. + +-- + + mount.c | 47 +++++++++++++++++++++++++++++++++++++++++------ + mount_guess_fstype.c | 3 +-- + 2 files changed, 42 insertions(+), 8 deletions(-) + +diff -rup util-linux-2.12r/mount/mount.c util-linux-2.12r.updated/mount/mount.c +--- util-linux-2.12r/mount/mount.c 2006-05-17 17:35:37.000000000 -0400 ++++ util-linux-2.12r.updated/mount/mount.c 2006-05-17 17:35:17.000000000 -0400 +@@ -451,6 +451,10 @@ create_mtab (void) { + unlock_mtab(); + } + ++static int check_special_mountprog(const char *spec, const char *node, ++ const char *type, int flags, ++ char *extra_opts, int *status); ++ + /* count successful mount system calls */ + static int mountcount = 0; + +@@ -462,12 +466,30 @@ static int mountcount = 0; + static int + do_mount_syscall (struct mountargs *args) { + int flags = args->flags; +- int ret; + + if ((flags & MS_MGC_MSK) == 0) + flags |= MS_MGC_VAL; + +- ret = mount (args->spec, args->node, args->type, flags, args->data); ++ return mount (args->spec, args->node, args->type, flags, args->data); ++} ++ ++/* ++ * do_mount() ++ * Mount a single file system, possibly invoking an external handler to ++ * do so. Keep track of successes. ++ * returns: 0: OK, -1: error in errno ++ */ ++static int ++do_mount (struct mountargs *args) { ++ int ret; ++ if (check_special_mountprog(args->spec, args->node, args->type, ++ args->flags, args->data, &ret) == 0) ++ ret = do_mount_syscall(args); ++ else if (ret == 0) { /* set by the call */ ++ mountcount++; ++ ret = 1; ++ } ++ + if (ret == 0) + mountcount++; + return ret; +@@ -507,10 +529,11 @@ guess_fstype_and_mount(const char *spec, + char *p; + + while((p = index(t,',')) != NULL) { ++ int ret; + *p = 0; + args.type = *types = t; +- if(do_mount_syscall (&args) == 0) +- return 0; ++ if((ret = do_mount (&args)) >= 0) ++ return ret; + t = p+1; + } + /* do last type below */ +@@ -519,10 +542,10 @@ guess_fstype_and_mount(const char *spec, + + if (*types || (flags & MS_REMOUNT)) { + args.type = *types; +- return do_mount_syscall (&args); ++ return do_mount (&args); + } + +- return procfsloop(do_mount_syscall, &args, types); ++ return procfsloop(do_mount, &args, types); + } + + /* +@@ -895,8 +918,16 @@ retry_nfs: + nosigblock: + + if (!fake) { ++ int skip_mtab = 0; + mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, + mount_opts); ++ /* External program was executed to mount the file system, skip updating ++ * mtab. */ ++ if (mnt5_res == 1) { ++ skip_mtab = 1; ++ mnt5_res = 0; ++ res = 0; ++ } + if(!mnt5_res && LoopMountAutomaticChmod && (getuid() == 0)) { + /* + * If loop was set up using random keys and new file system +@@ -907,8 +938,12 @@ nosigblock: + error (_("Error: encrypted file system chmod() failed")); + } + } ++ ++ if (skip_mtab) ++ goto out; + } + ++ + if (fake || mnt5_res == 0) { + /* Mount succeeded, report this (if verbose) and write mtab entry. */ + if (loop) +diff -rup util-linux-2.12r/mount/mount_guess_fstype.c util-linux-2.12r.updated/mount/mount_guess_fstype.c +--- util-linux-2.12r/mount/mount_guess_fstype.c 2006-05-17 17:35:37.000000000 -0400 ++++ util-linux-2.12r.updated/mount/mount_guess_fstype.c 2006-05-17 17:19:44.000000000 -0400 +@@ -695,9 +695,8 @@ procfsloop(int (*mount_fn)(struct mounta + printf(_("Trying %s\n"), fsname); + fflush(stdout); + } +- if ((*mount_fn) (args) == 0) { ++ if ((ret = (*mount_fn) (args)) >= 0) { + *types = fsname; +- ret = 0; + break; + } else if (errno != EINVAL && + is_in_procfs(fsname) == 1) { diff --git a/util-linux-2.12r-fdisk_llseek.patch b/util-linux-2.12r-fdisk_llseek.patch new file mode 100644 index 0000000..786a385 --- /dev/null +++ b/util-linux-2.12r-fdisk_llseek.patch @@ -0,0 +1,234 @@ +--- fdisk/Makefile ++++ fdisk/Makefile +@@ -39,7 +39,7 @@ + endif + endif + +-cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o ++cfdisk: cfdisk.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o + ifeq "$(HAVE_SLANG)" "yes" + $(CC) $(LDFLAGS) $^ -o $@ $(LIBSLANG) + else +@@ -55,7 +55,7 @@ + rm -f activate + ln -s sfdisk activate + +-fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ ++fdisk: fdisk.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ + fdiskmaclabel.o fdiskaixlabel.o i386_sys_types.o partname.o + fdisk.o: fdisk.c fdisk.h + fdiskbsdlabel.o: fdiskbsdlabel.c fdisk.h fdiskbsdlabel.h +--- fdisk/cfdisk.c ++++ fdisk/cfdisk.c +@@ -84,9 +84,6 @@ + #include "xstrncpy.h" + #include "common.h" + +-extern long long ext2_llseek(unsigned int fd, long long offset, +- unsigned int origin); +- + #define VERSION UTIL_LINUX_VERSION + + #define DEFAULT_DEVICE "/dev/hda" +@@ -552,7 +549,7 @@ + + static void + read_sector(char *buffer, long long sect_num) { +- if (ext2_llseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) ++ if (lseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) + fatal(_("Cannot seek on disk drive"), 2); + if (read(fd, buffer, SECTOR_SIZE) != SECTOR_SIZE) + fatal(_("Cannot read disk drive"), 2); +@@ -560,7 +557,7 @@ + + static void + write_sector(char *buffer, long long sect_num) { +- if (ext2_llseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) ++ if (lseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) + fatal(_("Cannot seek on disk drive"), 2); + if (write(fd, buffer, SECTOR_SIZE) != SECTOR_SIZE) + fatal(_("Cannot write disk drive"), 2); +@@ -587,7 +584,7 @@ + long long offset; + + offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE; +- if (ext2_llseek(fd, offset, SEEK_SET) == offset ++ if (lseek(fd, offset, SEEK_SET) == offset + && read(fd, §or, sizeof(sector)) == sizeof(sector)) { + dos_copy_to_info(p_info[i].ostype, OSTYPESZ, + sector+DOS_OSTYPE_OFFSET, DOS_OSTYPE_SZ); +@@ -672,7 +669,7 @@ + + offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE + + 1024; +- if (ext2_llseek(fd, offset, SEEK_SET) == offset ++ if (lseek(fd, offset, SEEK_SET) == offset + && read(fd, &e2fsb, sizeof(e2fsb)) == sizeof(e2fsb) + && e2fsb.s_magic[0] + (e2fsb.s_magic[1]<<8) == EXT2_SUPER_MAGIC) { + label = e2fsb.s_volume_name; +@@ -688,7 +685,7 @@ + } + + offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE + 0; +- if (ext2_llseek(fd, offset, SEEK_SET) == offset ++ if (lseek(fd, offset, SEEK_SET) == offset + && read(fd, &xfsb, sizeof(xfsb)) == sizeof(xfsb) + && !strncmp(xfsb.s_magic, XFS_SUPER_MAGIC, 4)) { + label = xfsb.s_fname; +@@ -702,7 +699,7 @@ + /* jfs? */ + offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE + + JFS_SUPER1_OFF; +- if (ext2_llseek(fd, offset, SEEK_SET) == offset ++ if (lseek(fd, offset, SEEK_SET) == offset + && read(fd, &jfsb, sizeof(jfsb)) == sizeof(jfsb) + && !strncmp(jfsb.s_magic, JFS_MAGIC, strlen(JFS_MAGIC))) { + label = jfsb.s_label; +@@ -716,7 +713,7 @@ + /* reiserfs? */ + offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE + + REISERFS_DISK_OFFSET_IN_BYTES; +- if (ext2_llseek(fd, offset, SEEK_SET) == offset ++ if (lseek(fd, offset, SEEK_SET) == offset + && read(fd, &reiserfsb, sizeof(reiserfsb)) == sizeof(reiserfsb) + && has_reiserfs_magic_string(&reiserfsb, &reiserfs_is_3_6)) { + if (reiserfs_is_3_6) { +--- fdisk/fdiskbsdlabel.c ++++ fdisk/fdiskbsdlabel.c +@@ -566,7 +566,7 @@ + sector = get_start_sect(xbsd_part); + #endif + +- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) ++ if (lseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) + fatal (unable_to_seek); + if (BSD_BBSIZE != write (fd, disklabelbuffer, BSD_BBSIZE)) + fatal (unable_to_write); +@@ -735,7 +735,7 @@ + sector = 0; + #endif + +- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) ++ if (lseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) + fatal (unable_to_seek); + if (BSD_BBSIZE != read (fd, disklabelbuffer, BSD_BBSIZE)) + fatal (unable_to_read); +@@ -781,12 +781,12 @@ + + #if defined (__alpha__) && BSD_LABELSECTOR == 0 + alpha_bootblock_checksum (disklabelbuffer); +- if (ext2_llseek (fd, (long long) 0, SEEK_SET) == -1) ++ if (lseek (fd, (long long) 0, SEEK_SET) == -1) + fatal (unable_to_seek); + if (BSD_BBSIZE != write (fd, disklabelbuffer, BSD_BBSIZE)) + fatal (unable_to_write); + #else +- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE + BSD_LABELOFFSET, ++ if (lseek (fd, (long long) sector * SECTOR_SIZE + BSD_LABELOFFSET, + SEEK_SET) == -1) + fatal (unable_to_seek); + if (sizeof (struct xbsd_disklabel) != write (fd, d, sizeof (struct xbsd_disklabel))) +--- fdisk/fdisksgilabel.c ++++ fdisk/fdisksgilabel.c +@@ -379,7 +379,7 @@ + */ + sgiinfo *info = fill_sgiinfo(); + int infostartblock = SSWAP32(sgilabel->directory[0].vol_file_start); +- if (ext2_llseek(fd, (long long)infostartblock* ++ if (lseek(fd, (long long)infostartblock* + SECTOR_SIZE, SEEK_SET) < 0) + fatal(unable_to_seek); + if (write(fd, info, SECTOR_SIZE) != SECTOR_SIZE) +--- fdisk/llseek.c ++++ fdisk/llseek.c +@@ -13,31 +13,12 @@ + extern long long ext2_llseek (unsigned int, long long, unsigned int); + + #ifdef __linux__ +- +-#ifdef HAVE_LLSEEK +-#include +- +-#else /* HAVE_LLSEEK */ +- +-#if defined(__alpha__) || defined(__ia64__) || defined(__s390x__) +- +-#define my_llseek lseek +- +-#else +-#include /* for __NR__llseek */ +- +-static int _llseek (unsigned int, unsigned long, +- unsigned long, long long *, unsigned int); +- +-#ifdef __NR__llseek +- +-static _syscall5(int,_llseek,unsigned int,fd,unsigned long,offset_high, +- unsigned long, offset_low,long long *,result, +- unsigned int, origin) +- +-#else ++# if defined(__alpha__) || defined(__ia64__) || defined(__s390x__) ++# define my_llseek lseek ++# else + + /* no __NR__llseek on compilation machine - might give it explicitly */ ++# ifndef __NR__llseek + static int _llseek (unsigned int fd, unsigned long oh, + unsigned long ol, long long *result, + unsigned int origin) { +@@ -45,10 +26,10 @@ + return -1; + } + +-#endif ++# endif /* __NR__llseek */ + + static long long my_llseek (unsigned int fd, long long offset, +- unsigned int origin) ++ unsigned int origin) + { + long long result; + int retval; +--- fdisk/sfdisk.c ++++ fdisk/sfdisk.c +@@ -164,36 +164,16 @@ + /* + * sseek: seek to specified sector - return 0 on failure + * +- * For >4GB disks lseek needs a > 32bit arg, and we have to use llseek. +- * On the other hand, a 32 bit sector number is OK until 2TB. +- * The routines _llseek and sseek below are the only ones that +- * know about the loff_t type. +- * + * Note: we use 512-byte sectors here, irrespective of the hardware ss. + */ +-#undef use_lseek +-#if defined (__alpha__) || defined (__ia64__) || defined (__x86_64__) || defined (__s390x__) +-#define use_lseek +-#endif +- +-#ifndef use_lseek +-static __attribute__used +-_syscall5(int, _llseek, unsigned int, fd, ulong, hi, ulong, lo, +- loff_t *, res, unsigned int, wh); +-#endif +- + static int + sseek(char *dev, unsigned int fd, unsigned long s) { +- loff_t in, out; +- in = ((loff_t) s << 9); ++ off_t in, out; ++ in = ((off_t) s << 9); + out = 1; + +-#ifndef use_lseek +- if (_llseek (fd, in>>32, in & 0xffffffff, &out, SEEK_SET) != 0) { +-#else + if ((out = lseek(fd, in, SEEK_SET)) != in) { +-#endif +- perror("llseek"); ++ perror("lseek"); + error(_("seek error on %s - cannot seek to %lu\n"), dev, s); + return 0; + } diff --git a/util-linux-2.12r-fdiskcyl.patch b/util-linux-2.12r-fdiskcyl.patch new file mode 100644 index 0000000..70a0a1b --- /dev/null +++ b/util-linux-2.12r-fdiskcyl.patch @@ -0,0 +1,32 @@ +--- util-linux-2.12r/fdisk/fdisk.c.old 2006-05-11 19:20:15.000000000 -0400 ++++ util-linux-2.12r/fdisk/fdisk.c 2006-05-11 19:33:44.000000000 -0400 +@@ -1916,6 +1916,16 @@ + total_number_of_sectors - total); + } + ++static unsigned long long ++roundup_to_cylinder_boundary(unsigned long long offset) { ++ if (units_per_sector) { ++ unsigned long long extra_sectors = offset % units_per_sector; ++ if (extra_sectors != 0) ++ offset += (units_per_sector - extra_sectors) - 1; ++ } ++ return offset; ++} ++ + static void + add_partition(int n, int sys) { + char mesg[256]; /* 48 does not suffice in Japanese */ +@@ -1951,8 +1961,10 @@ + limit = get_start_sect(q) + get_nr_sects(q) - 1; + } + if (display_in_cyl_units) +- for (i = 0; i < partitions; i++) ++ for (i = 0; i < partitions; i++) { + first[i] = (cround(first[i]) - 1) * units_per_sector; ++ last[i] = roundup_to_cylinder_boundary(last[i]); ++ } + + snprintf(mesg, sizeof(mesg), _("First %s"), str_units(SINGULAR)); + do { + diff --git a/util-linux-2.12r-fdiskwrap.patch b/util-linux-2.12r-fdiskwrap.patch new file mode 100644 index 0000000..56bf598 --- /dev/null +++ b/util-linux-2.12r-fdiskwrap.patch @@ -0,0 +1,382 @@ +--- util-linux-2.12r/fdisk/fdisk.c ++++ util-linux-2.12r/fdisk/fdisk.c +@@ -61,7 +61,7 @@ + + /* A valid partition table sector ends in 0x55 0xaa */ + static unsigned int +-part_table_flag(char *b) { ++part_table_flag(unsigned char *b) { + return ((unsigned int) b[510]) + (((unsigned int) b[511]) << 8); + } + +@@ -71,7 +71,7 @@ + } + + static void +-write_part_table_flag(char *b) { ++write_part_table_flag(unsigned char *b) { + b[510] = 0x55; + b[511] = 0xaa; + } +@@ -98,17 +98,17 @@ + store4_little_endian(p->start4, start_sect); + } + +-unsigned int ++unsigned long long + get_start_sect(struct partition *p) { + return read4_little_endian(p->start4); + } + + static void +-set_nr_sects(struct partition *p, unsigned int nr_sects) { ++set_nr_sects(struct partition *p, unsigned long long nr_sects) { + store4_little_endian(p->size4, nr_sects); + } + +-unsigned int ++unsigned long long + get_nr_sects(struct partition *p) { + return read4_little_endian(p->size4); + } +@@ -120,7 +120,7 @@ + * Raw disk label. For DOS-type partition tables the MBR, + * with descriptions of the primary partitions. + */ +-char MBRbuffer[MAX_SECTOR_SIZE]; ++unsigned char MBRbuffer[MAX_SECTOR_SIZE]; + + /* + * per partition table entry data +@@ -134,8 +134,8 @@ + struct partition *part_table; /* points into sectorbuffer */ + struct partition *ext_pointer; /* points into sectorbuffer */ + char changed; /* boolean */ +- unsigned int offset; /* disk sector number */ +- char *sectorbuffer; /* disk sector contents */ ++ unsigned long long offset; /* disk sector number */ ++ unsigned char *sectorbuffer; /* disk sector contents */ + } ptes[MAXIMUM_PARTS]; + + char *disk_device, /* must be specified */ +@@ -154,15 +154,14 @@ + unsigned int pt_heads, pt_sectors; + unsigned int kern_heads, kern_sectors; + ++unsigned long long sector_offset = 1, extended_offset = 0, sectors; ++ + unsigned int heads, +- sectors, + cylinders, + sector_size = DEFAULT_SECTOR_SIZE, + user_set_sector_size = 0, +- sector_offset = 1, + units_per_sector = 1, +- display_in_cyl_units = 1, +- extended_offset = 0; /* offset of link pointers */ ++ display_in_cyl_units = 1; + + unsigned long long total_number_of_sectors; + +@@ -240,21 +239,21 @@ + } + + static void +-seek_sector(int fd, unsigned int secno) { +- long long offset = (long long) secno * sector_size; +- if (ext2_llseek(fd, offset, SEEK_SET) == (long long) -1) ++seek_sector(int fd, unsigned long long secno) { ++ off_t offset = (off_t) secno * sector_size; ++ if (lseek(fd, offset, SEEK_SET) == (off_t) -1) + fatal(unable_to_seek); + } + + static void +-read_sector(int fd, unsigned int secno, char *buf) { ++read_sector(int fd, unsigned long long secno, unsigned char *buf) { + seek_sector(fd, secno); + if (read(fd, buf, sector_size) != sector_size) + fatal(unable_to_read); + } + + static void +-write_sector(int fd, unsigned int secno, char *buf) { ++write_sector(int fd, unsigned long long secno, unsigned char *buf) { + seek_sector(fd, secno); + if (write(fd, buf, sector_size) != sector_size) + fatal(unable_to_write); +@@ -262,11 +261,11 @@ + + /* Allocate a buffer and read a partition table sector */ + static void +-read_pte(int fd, int pno, unsigned int offset) { ++read_pte(int fd, int pno, unsigned long long offset) { + struct pte *pe = &ptes[pno]; + + pe->offset = offset; +- pe->sectorbuffer = (char *) malloc(sector_size); ++ pe->sectorbuffer = malloc(sector_size); + if (!pe->sectorbuffer) + fatal(out_of_memory); + read_sector(fd, offset, pe->sectorbuffer); +@@ -274,7 +273,7 @@ + pe->part_table = pe->ext_pointer = NULL; + } + +-static unsigned int ++static unsigned long long + get_partition_start(struct pte *pe) { + return pe->offset + get_start_sect(pe->part_table); + } +@@ -547,10 +546,10 @@ + } + + static void +-set_partition(int i, int doext, unsigned int start, unsigned int stop, +- int sysid) { ++set_partition(int i, int doext, unsigned long long start, ++ unsigned long long stop, int sysid) { + struct partition *p; +- unsigned int offset; ++ unsigned long long offset; + + if (doext) { + p = ptes[i].ext_pointer; +@@ -1546,7 +1545,7 @@ + else + printf(_("\nDisk %s: %ld.%ld GB, %lld bytes\n"), + disk_device, megabytes/1000, (megabytes/100)%10, bytes); +- printf(_("%d heads, %d sectors/track, %d cylinders"), ++ printf(_("%d heads, %Ld sectors/track, %d cylinders"), + heads, sectors, cylinders); + if (units_per_sector == 1) + printf(_(", total %llu sectors"), +@@ -1778,20 +1777,21 @@ + struct partition *p; + int i; + +- printf(_("\nDisk %s: %d heads, %d sectors, %d cylinders\n\n"), ++ printf(_("\nDisk %s: %d heads, %Ld sectors, %d cylinders\n\n"), + disk_device, heads, sectors, cylinders); + printf(_("Nr AF Hd Sec Cyl Hd Sec Cyl Start Size ID\n")); + for (i = 0 ; i < partitions; i++) { + pe = &ptes[i]; + p = (extend ? pe->ext_pointer : pe->part_table); + if (p != NULL) { +- printf("%2d %02x%4d%4d%5d%4d%4d%5d%11u%11u %02x\n", ++ printf("%2d %02x%4d%4d%5d%4d%4d%5d%11lu%11lu %02x\n", + i + 1, p->boot_ind, p->head, + sector(p->sector), + cylinder(p->sector, p->cyl), p->end_head, + sector(p->end_sector), + cylinder(p->end_sector, p->end_cyl), +- get_start_sect(p), get_nr_sects(p), p->sys_ind); ++ (unsigned long) get_start_sect(p), ++ (unsigned long) get_nr_sects(p), p->sys_ind); + if (p->sys_ind) + check_consistency(p, i); + } +@@ -1799,7 +1799,7 @@ + } + + static void +-fill_bounds(unsigned int *first, unsigned int *last) { ++fill_bounds(unsigned long long *first, unsigned long long *last) { + int i; + struct pte *pe = &ptes[0]; + struct partition *p; +@@ -1832,7 +1832,7 @@ + n, h + 1, heads); + if (real_s >= sectors) + fprintf(stderr, _("Partition %d: sector %d greater than " +- "maximum %d\n"), n, s, sectors); ++ "maximum %Ld\n"), n, s, sectors); + if (real_c >= cylinders) + fprintf(stderr, _("Partitions %d: cylinder %d greater than " + "maximum %d\n"), n, real_c + 1, cylinders); +@@ -1845,8 +1845,8 @@ + static void + verify(void) { + int i, j; +- unsigned int total = 1; +- unsigned int first[partitions], last[partitions]; ++ unsigned long total = 1; ++ unsigned long long first[partitions], last[partitions]; + struct partition *p; + + if (warn_geometry()) +@@ -1890,7 +1890,7 @@ + + if (extended_offset) { + struct pte *pex = &ptes[ext_index]; +- unsigned int e_last = get_start_sect(pex->part_table) + ++ unsigned long long e_last = get_start_sect(pex->part_table) + + get_nr_sects(pex->part_table) - 1; + + for (i = 4; i < partitions; i++) { +@@ -1909,8 +1909,8 @@ + } + + if (total > total_number_of_sectors) +- printf(_("Total allocated sectors %d greater than the maximum " +- "%lld\n"), total, total_number_of_sectors); ++ printf(_("Total allocated sectors %ld greater than the maximum" ++ " %lld\n"), total, total_number_of_sectors); + else if (total < total_number_of_sectors) + printf(_("%lld unallocated sectors\n"), + total_number_of_sectors - total); +@@ -1923,7 +1923,7 @@ + struct partition *p = ptes[n].part_table; + struct partition *q = ptes[ext_index].part_table; + long long llimit; +- unsigned int start, stop = 0, limit, temp, ++ unsigned long long start, stop = 0, limit, temp, + first[partitions], last[partitions]; + + if (p && p->sys_ind) { +@@ -1969,7 +1969,7 @@ + if (start > limit) + break; + if (start >= temp+units_per_sector && read) { +- printf(_("Sector %d is already allocated\n"), temp); ++ printf(_("Sector %llu is already allocated\n"), temp); + temp = start; + read = 0; + } +@@ -2228,14 +2228,14 @@ + + #define MAX_PER_LINE 16 + static void +-print_buffer(char pbuffer[]) { ++print_buffer(unsigned char pbuffer[]) { + int i, + l; + + for (i = 0, l = 0; i < sector_size; i++, l++) { + if (l == 0) + printf("0x%03X:", i); +- printf(" %02X", (unsigned char) pbuffer[i]); ++ printf(" %02X", pbuffer[i]); + if (l == MAX_PER_LINE - 1) { + printf("\n"); + l = -1; +--- util-linux-2.12r/fdisk/fdisk.h ++++ util-linux-2.12r/fdisk/fdisk.h +@@ -84,8 +84,8 @@ + #define SINGULAR 1 + extern char *const str_units(int); + +-extern unsigned int get_start_sect(struct partition *p); +-extern unsigned int get_nr_sects(struct partition *p); ++extern unsigned long long get_start_sect(struct partition *p); ++extern unsigned long long get_nr_sects(struct partition *p); + + extern int osf_label; + +--- util-linux-2.12r/fdisk/fdiskaixlabel.h ++++ util-linux-2.12r/fdisk/fdiskaixlabel.h +@@ -19,9 +19,10 @@ + + /* fdisk.c */ + #define aixlabel ((aix_partition *)MBRbuffer) +-extern char MBRbuffer[MAX_SECTOR_SIZE]; ++extern unsigned char MBRbuffer[MAX_SECTOR_SIZE]; + extern char changed[MAXIMUM_PARTS]; +-extern unsigned int heads, sectors, cylinders; ++extern unsigned int heads, cylinders; ++extern unsigned long long sectors; + extern int show_begin; + extern int aix_label; + extern char *partition_type(unsigned char type); +--- util-linux-2.12r/fdisk/fdiskmaclabel.h ++++ util-linux-2.12r/fdisk/fdiskmaclabel.h +@@ -25,9 +25,10 @@ + + /* fdisk.c */ + #define maclabel ((mac_partition *)MBRbuffer) +-extern char MBRbuffer[MAX_SECTOR_SIZE]; ++extern unsigned char MBRbuffer[MAX_SECTOR_SIZE]; + extern char changed[MAXIMUM_PARTS]; +-extern unsigned int heads, sectors, cylinders; ++extern unsigned int heads, cylinders; ++extern unsigned long long sectors; + extern int show_begin; + extern int mac_label; + extern char *partition_type(unsigned char type); +--- util-linux-2.12r/fdisk/fdisksgilabel.c ++++ util-linux-2.12r/fdisk/fdisksgilabel.c +@@ -197,7 +197,7 @@ + w = strlen(disk_device); + + if (xtra) { +- printf(_("\nDisk %s (SGI disk label): %d heads, %d sectors\n" ++ printf(_("\nDisk %s (SGI disk label): %d heads, %llu sectors\n" + "%d cylinders, %d physical cylinders\n" + "%d extra sects/cyl, interleave %d:1\n" + "%s\n" +@@ -211,7 +211,7 @@ + sector_size); + } else { + printf(_("\nDisk %s (SGI disk label): " +- "%d heads, %d sectors, %d cylinders\n" ++ "%d heads, %llu sectors, %d cylinders\n" + "Units = %s of %d * %d bytes\n\n"), + disk_device, heads, sectors, cylinders, + str_units(PLURAL), units_per_sector, +--- util-linux-2.12r/fdisk/fdisksgilabel.h ++++ util-linux-2.12r/fdisk/fdisksgilabel.h +@@ -103,8 +103,9 @@ + /* fdisk.c */ + #define sgilabel ((sgi_partition *)MBRbuffer) + #define sgiparam (sgilabel->devparam) +-extern char MBRbuffer[MAX_SECTOR_SIZE]; +-extern unsigned int heads, sectors, cylinders, sector_size; ++extern unsigned char MBRbuffer[MAX_SECTOR_SIZE]; ++extern unsigned int heads, cylinders, sector_size; ++extern unsigned long long sectors; + extern int show_begin; + extern int sgi_label; + extern char *partition_type(unsigned char type); +--- util-linux-2.12r/fdisk/fdisksunlabel.c ++++ util-linux-2.12r/fdisk/fdisksunlabel.c +@@ -349,7 +349,7 @@ + } + + snprintf(sunlabel->info, sizeof(sunlabel->info), +- "%s%s%s cyl %d alt %d hd %d sec %d", ++ "%s%s%s cyl %d alt %d hd %d sec %llu", + p ? p->vendor : "", (p && *p->vendor) ? " " : "", + p ? p->model + : (floppy ? _("3,5\" floppy") : _("Linux custom")), +@@ -656,7 +656,7 @@ + w = strlen(disk_device); + if (xtra) + printf( +- _("\nDisk %s (Sun disk label): %d heads, %d sectors, %d rpm\n" ++ _("\nDisk %s (Sun disk label): %d heads, %llu sectors, %d rpm\n" + "%d cylinders, %d alternate cylinders, %d physical cylinders\n" + "%d extra sects/cyl, interleave %d:1\n" + "%s\n" +@@ -670,7 +670,7 @@ + str_units(PLURAL), units_per_sector); + else + printf( +- _("\nDisk %s (Sun disk label): %d heads, %d sectors, %d cylinders\n" ++ _("\nDisk %s (Sun disk label): %d heads, %llu sectors, %d cylinders\n" + "Units = %s of %d * 512 bytes\n\n"), + disk_device, heads, sectors, cylinders, + str_units(PLURAL), units_per_sector); +--- util-linux-2.12r/fdisk/fdisksunlabel.h ++++ util-linux-2.12r/fdisk/fdisksunlabel.h +@@ -37,8 +37,9 @@ + : (__u32)(x)) + + /* fdisk.c */ +-extern char MBRbuffer[MAX_SECTOR_SIZE]; +-extern unsigned int heads, sectors, cylinders; ++extern unsigned char MBRbuffer[MAX_SECTOR_SIZE]; ++extern unsigned int heads, cylinders; ++extern unsigned long long sectors; + extern int show_begin; + extern int sun_label; + extern char *partition_type(unsigned char type); diff --git a/util-linux-2.12r-losetup_password.patch b/util-linux-2.12r-losetup_password.patch new file mode 100644 index 0000000..8098f68 --- /dev/null +++ b/util-linux-2.12r-losetup_password.patch @@ -0,0 +1,231 @@ +Index: util-linux-2.12r/mount/lomount.c +=================================================================== +--- util-linux-2.12r.orig/mount/lomount.c ++++ util-linux-2.12r/mount/lomount.c +@@ -46,24 +46,24 @@ + #include "rmd160.h" + #include "aes.h" + ++#define LO_PASS_OK EXIT_SUCCESS ++#define LO_PASS_ERR EXIT_FAILURE ++#define LO_PASS_EMPTY 5 ++#define LO_PASS_SHORT 6 ++ + extern int verbose; + extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ + extern void error (const char *fmt, ...); /* idem */ + extern void show_all_loops(void); + extern int read_options_from_fstab(char *, char **); + ++volatile int timeout=0; + int passphrase_timeout=0; + struct sigaction alrmact; + + static void + alrmhandler() { +- /* let the SIGINT handler do the work: */ +- kill(getpid(),SIGINT); +- usleep(1000000); +- kill(getpid(),SIGTERM); +- usleep(1000000); +- /* stubborn... */ +- exit(0); ++ timeout = 1; + } + + +@@ -473,11 +473,14 @@ static char *do_GPG_pipe(char *pass) + return multiKeyPass[0]; + } + +-static char *sGetPass(int minLen, int warnLen) ++static int sGetPass(char **pass, int minLen, int warnLen) + { + char *p, *s, *seed; + int i, ask2; + ++ *pass = NULL; ++ timeout = 0; ++ + if(!passFDnumber) { + + if(passphrase_timeout) { +@@ -489,6 +492,9 @@ static char *sGetPass(int minLen, int wa + } + + p = getpass(_("Password: ")); ++ alarm(0); ++ if (timeout) ++ return LO_PASS_EMPTY; + ask2 = passAskTwice ? 1 : 0; + } else { + i = atoi(passFDnumber); +@@ -504,11 +510,13 @@ static char *sGetPass(int minLen, int wa + } + if(x == 65) { + multiKeyMode = 65; +- return multiKeyPass[0]; ++ *pass = multiKeyPass[0]; ++ return LO_PASS_OK; + } + if(x == 64) { + multiKeyMode = 64; +- return multiKeyPass[0]; ++ *pass = multiKeyPass[0]; ++ return LO_PASS_OK; + } + p = multiKeyPass[0]; + } +@@ -531,6 +539,9 @@ static char *sGetPass(int minLen, int wa + } + + p = getpass(_("Retype password: ")); ++ alarm(0); ++ if (timeout) ++ return LO_PASS_EMPTY; + if(!p) goto nomem; + if(strcmp(s, p)) goto compareErr; + memset(s, 0, i); +@@ -538,17 +549,25 @@ static char *sGetPass(int minLen, int wa + ask2 = 0; + } + p = do_GPG_pipe(p); +- if(!p) return(NULL); ++ if(!p) ++ return LO_PASS_ERR; + if(!p[0]) { + fprintf(stderr, _("Error: gpg key file decryption failed\n")); +- return(NULL); ++ return LO_PASS_ERR; ++ } ++ if(multiKeyMode) { ++ *pass = p; ++ return LO_PASS_OK; + } +- if(multiKeyMode) return(p); + } + i = strlen(p); ++ if(i == 0) { ++ fprintf(stderr, _("Error: Empty password\n")); ++ return LO_PASS_EMPTY; ++ } + if(i < minLen) { + fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen); +- return(NULL); ++ return LO_PASS_SHORT; + } + seed = passSeedString; + if(!seed) seed = ""; +@@ -556,7 +575,7 @@ static char *sGetPass(int minLen, int wa + if(!s) { + nomem: + fprintf(stderr, _("Error: Unable to allocate memory\n")); +- return(NULL); ++ return LO_PASS_ERR; + } + strcpy(s, p); + memset(p, 0, i); +@@ -571,11 +590,14 @@ static char *sGetPass(int minLen, int wa + } + + p = getpass(_("Retype password: ")); ++ alarm(0); ++ if (timeout) ++ return LO_PASS_EMPTY; + if(!p) goto nomem; + if(strcmp(s, p)) { + compareErr: + fprintf(stderr, _("Error: Passwords are not identical\n")); +- return(NULL); ++ return LO_PASS_ERR; + } + memset(p, 0, i); + } +@@ -583,7 +605,8 @@ static char *sGetPass(int minLen, int wa + fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), SUSE_PASSWORD_MIN_LENGTH); + } + strcat(s, seed); +- return(s); ++ *pass = s; ++ return LO_PASS_OK; + } + + /* this is for compatibility with historic loop-AES version */ +@@ -788,6 +811,7 @@ set_loop(const char *device, const char + unsigned char multiKeyBits[65][32]; + int minPassLen = SUSE_PASSWORD_MIN_LENGTH; + int run_mkfs_command = 0; ++ int ret; + + loopFileName = (char *)file; + multiKeyMode = 0; +@@ -848,8 +872,8 @@ set_loop(const char *device, const char + loopinfo.lo_encrypt_key_size = 0; + break; + case LO_CRYPT_XOR: +- pass = sGetPass (1, 0); +- if(!pass) goto close_fd_ffd_return1; ++ ret = sGetPass (&pass, 1, 0); ++ if(ret) goto close_fd_ffd_return1; + xstrncpy (loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE); + loopinfo.lo_encrypt_key_size = strlen(loopinfo.lo_encrypt_key); + break; +@@ -886,6 +910,7 @@ set_loop(const char *device, const char + /* This is not compatible with gpgkey= mount option */ + if(rd_wr_retry(atoi(passFDnumber), (char *)&loopinfo.lo_encrypt_key[0], LO_KEY_SIZE, 0) < 1) { + fprintf(stderr, _("Error: couldn't read binary key\n")); ++ ret = 1; + goto close_fd_ffd_return1; + } + break; /* out of switch(loopinfo.lo_encrypt_type) */ +@@ -894,6 +919,7 @@ set_loop(const char *device, const char + /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ + /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ + if(loop_create_random_keys((char*)file, *loopro, &multiKeyBits[0][0])) { ++ ret = 1; + goto close_fd_ffd_return1; + } + memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); +@@ -901,8 +927,8 @@ set_loop(const char *device, const char + break; /* out of switch(loopinfo.lo_encrypt_type) */ + } + } +- pass = sGetPass (minPassLen, SUSE_PASSWORD_MIN_LENGTH); +- if(!pass) goto close_fd_ffd_return1; ++ ret = sGetPass (&pass, minPassLen, SUSE_PASSWORD_MIN_LENGTH); ++ if(ret) goto close_fd_ffd_return1; + i = strlen(pass); + if(hashFunc == unhashed1_key_setup) { + /* this is for compatibility with historic loop-AES version */ +@@ -966,6 +992,7 @@ set_loop(const char *device, const char + break; + default: + fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type); ++ ret = 1; + goto close_fd_ffd_return1; + } + +@@ -985,7 +1012,7 @@ close_fd_ffd_return1: + close (fd); + close_ffd_return1: + close (ffd); +- return 1; ++ return ret; + } + + /* type 18 == LO_CRYPT_CRYPTOAPI */ +Index: util-linux-2.12r/mount/losetup.8 +=================================================================== +--- util-linux-2.12r.orig/mount/losetup.8 ++++ util-linux-2.12r/mount/losetup.8 +@@ -143,6 +143,10 @@ displays the status of a loop device, it + is not configured and 2 if an error occurred which prevented + .B losetup + from determining the status of the device. ++When using encryption ++.B losetup ++returns 5 if the passphrase is empty or a timeout occurred and 6 if ++the passphrase is too short. + + .SH FILES + .nf diff --git a/util-linux-2.12r-mkswap_fix.patch b/util-linux-2.12r-mkswap_fix.patch new file mode 100644 index 0000000..58d50a0 --- /dev/null +++ b/util-linux-2.12r-mkswap_fix.patch @@ -0,0 +1,15 @@ +Index: util-linux-2.12r/disk-utils/mkswap.c +=================================================================== +--- util-linux-2.12r.orig/disk-utils/mkswap.c 2004-12-21 09:21:24.000000000 -0800 ++++ util-linux-2.12r/disk-utils/mkswap.c 2006-10-23 17:51:24.636063632 -0700 +@@ -602,9 +602,7 @@ + version = 1; + else + /* use version 1 as default, if possible */ +- if (PAGES <= V0_MAX_PAGES && PAGES > V1_MAX_PAGES) +- version = 0; +- else if (linux_version_code() < MAKE_VERSION(2,1,117)) ++ if (linux_version_code() < MAKE_VERSION(2,1,117)) + version = 0; + else if (pagesize < 2048) + version = 0; diff --git a/util-linux-2.12r-mount-by-uuid.patch b/util-linux-2.12r-mount-by-uuid.patch new file mode 100644 index 0000000..982b9b6 --- /dev/null +++ b/util-linux-2.12r-mount-by-uuid.patch @@ -0,0 +1,53 @@ +diff -pur util-linux-2.12r/mount.orig/fstab.c util-linux-2.12r/mount/fstab.c +--- util-linux-2.12r/mount.orig/fstab.c 2004-12-21 20:09:24.000000000 +0100 ++++ util-linux-2.12r/mount/fstab.c 2005-11-10 08:53:42.000000000 +0100 +@@ -296,7 +296,7 @@ has_uuid(const char *device, const char + const char *devuuid; + int ret; + +- devuuid = mount_get_devname_by_uuid(device); ++ devuuid = mount_get_volume_uuid_by_spec(device); + ret = !strcmp(uuid, devuuid); + /* free(devuuid); */ + return ret; +Only in util-linux-2.12r/mount: fstab.c~ +diff -pur util-linux-2.12r/mount.orig/mount_blkid.c util-linux-2.12r/mount/mount_blkid.c +--- util-linux-2.12r/mount.orig/mount_blkid.c 2004-12-22 10:54:41.000000000 +0100 ++++ util-linux-2.12r/mount/mount_blkid.c 2005-11-10 08:55:00.000000000 +0100 +@@ -16,6 +16,11 @@ mount_blkid_put_cache(void) { + } + + const char * ++mount_get_volume_uuid_by_spec(const char *spec) { ++ return blkid_get_tag_value(blkid, "UUID", spec); ++} ++ ++const char * + mount_get_volume_label_by_spec(const char *spec) { + return blkid_get_tag_value(blkid, "LABEL", spec); + } +@@ -56,6 +61,11 @@ mount_blkid_put_cache(void) { + } + + const char * ++mount_get_volume_uuid_by_spec(const char *spec) { ++ return xstrdup(get_volume_uuid_by_spec(spec)); ++} ++ ++const char * + mount_get_volume_label_by_spec(const char *spec) { + return xstrdup(get_volume_label_by_spec(spec)); + } +Only in util-linux-2.12r/mount: mount_blkid.c~ +diff -pur util-linux-2.12r/mount.orig/mount_blkid.h util-linux-2.12r/mount/mount_blkid.h +--- util-linux-2.12r/mount.orig/mount_blkid.h 2004-04-13 22:00:02.000000000 +0200 ++++ util-linux-2.12r/mount/mount_blkid.h 2005-11-10 08:55:21.000000000 +0100 +@@ -7,6 +7,7 @@ extern void mount_blkid_get_cache(void); + extern void mount_blkid_put_cache(void); + extern const char *mount_get_devname_by_uuid(const char *uuid); + extern const char *mount_get_devname_by_label(const char *label); ++extern const char *mount_get_volume_uuid_by_spec(const char *spec); + extern const char *mount_get_volume_label_by_spec(const char *spec); + extern const char *mount_get_devname(const char *spec); + extern const char *mount_get_devname_for_mounting(const char *spec); +Only in util-linux-2.12r/mount: mount_blkid.h~ diff --git a/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff b/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff new file mode 100644 index 0000000..9b57882 --- /dev/null +++ b/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff @@ -0,0 +1,58 @@ +Author: Lars Mueller +Subject: Use cifs instead of smbfs by default if the source starts with //; minor mount man pages changes (mention cifs and point to mount.cifs man page) +Bugzilla: na +submitted upstream: yes +accepeted upstream: no + +Index: util-linux-2.12r/mount/mount.8 +=================================================================== +--- util-linux-2.12r.orig/mount/mount.8 ++++ util-linux-2.12r/mount/mount.8 +@@ -367,6 +367,7 @@ currently supported include: + .IR adfs , + .IR affs , + .IR autofs , ++.IR cifs , + .IR coda , + .IR coherent , + .IR cramfs , +@@ -420,8 +421,8 @@ For most types all the + program has to do is issue a simple + .IR mount (2) + system call, and no detailed knowledge of the filesystem type is required. +-For a few types however (like nfs, smbfs, ncpfs) ad hoc code is +-necessary. The nfs ad hoc code is built in, but smbfs and ncpfs ++For a few types however (like nfs, cifs, smbfs, ncpfs) ad hoc code is ++necessary. The nfs ad hoc code is built in, but cifs, smbfs, and ncpfs + have a separate mount program. In order to make it possible to + treat all types in a uniform way, mount will execute the program + .I /sbin/mount.TYPE +@@ -733,6 +734,11 @@ These options are accepted but ignored. + (However, quota utilities may react to such strings in + .IR /etc/fstab .) + ++.SH "Mount options for cifs" ++See the options section of the ++.BR mount.cifs (8) ++man page (cifs-mount package must be installed). ++ + .SH "Mount options for coherent" + None. + +Index: util-linux-2.12r/mount/mount.c +=================================================================== +--- util-linux-2.12r.orig/mount/mount.c ++++ util-linux-2.12r/mount/mount.c +@@ -1178,10 +1178,10 @@ mount_one (const char *spec, const char + "I'll assume nfs because of " + "the colon\n")); + } else if(!strncmp(spec, "//", 2)) { +- types = "smbfs"; ++ types = "cifs"; + if (verbose) + printf(_("mount: no type was given - " +- "I'll assume smbfs because of " ++ "I'll assume cifs because of " + "the // prefix\n")); + } + } diff --git a/util-linux-2.12r-mount-mtab-update.patch b/util-linux-2.12r-mount-mtab-update.patch new file mode 100644 index 0000000..c620b11 --- /dev/null +++ b/util-linux-2.12r-mount-mtab-update.patch @@ -0,0 +1,29 @@ +--- mount/mount.c ++++ mount/mount.c +@@ -805,6 +805,7 @@ + int mnt5_res = 0; /* only for gcc */ + int mnt_err; + int flags; ++ int isroot; + char *extra_opts; /* written in mtab */ + char *mount_opts; /* actually used on system call */ + const char *opts, *spec, *node, *types; +@@ -913,13 +914,17 @@ + if (loop) + opt_loopdev = loopdev; + +- update_mtab_entry(loop ? loopfile : spec, ++ isroot = (streq (node, "/") || streq (node, "root") || ++ streq (node, "rootfs")); ++ if (!isroot) { ++ update_mtab_entry(loop ? loopfile : spec, + node, + types ? types : "unknown", + fix_opts_string (flags & ~MS_NOMTAB, extra_opts, user), + flags, + freq, + pass); ++ } + + block_signals (SIG_UNBLOCK); + res = 0; diff --git a/util-linux-2.12r-mount.8-xfs-update.patch b/util-linux-2.12r-mount.8-xfs-update.patch new file mode 100644 index 0000000..0519712 --- /dev/null +++ b/util-linux-2.12r-mount.8-xfs-update.patch @@ -0,0 +1,15 @@ +--- mount/mount.8 ++++ mount/mount.8 +@@ -1781,6 +1781,12 @@ + .TP + .B dmapi " / " xdsm + Enable the DMAPI (Data Management API) event callouts. ++Use with the "mtpt" option. ++.TP ++.BI mtpt= mountpoint ++Use with the "dmapi" option. The value specified here will be ++included in the DMAPI mount event, and should be the path of ++the actual mountpoint that is used. + .TP + .BI logbufs= value + Set the number of in-memory log buffers. diff --git a/util-linux-2.12r-nfs_remount_options.patch b/util-linux-2.12r-nfs_remount_options.patch new file mode 100644 index 0000000..04fd6b6 --- /dev/null +++ b/util-linux-2.12r-nfs_remount_options.patch @@ -0,0 +1,18 @@ +Index: util-linux-2.12r/mount/nfsmount.c +=================================================================== +--- util-linux-2.12r.orig/mount/nfsmount.c ++++ util-linux-2.12r/mount/nfsmount.c +@@ -305,8 +305,11 @@ int nfsmount(const char *spec, const cha + "excessively long option argument\n")); + goto fail; + } +- sprintf(new_opts, "%s%saddr=%s", +- old_opts, *old_opts ? "," : "", s); ++ if (*flags & MS_REMOUNT) ++ strcpy(new_opts, old_opts); ++ else ++ sprintf(new_opts, "%s%saddr=%s", ++ old_opts, *old_opts ? "," : "", s); + *extra_opts = xstrdup(new_opts); + + /* Set default options. diff --git a/util-linux-2.12r-nonfsmountfallback.diff b/util-linux-2.12r-nonfsmountfallback.diff new file mode 100644 index 0000000..97a7460 --- /dev/null +++ b/util-linux-2.12r-nonfsmountfallback.diff @@ -0,0 +1,31 @@ +--- util-linux-2.12r/mount/mount.c ++++ util-linux-2.12r/mount/mount.c +@@ -927,17 +927,6 @@ + + block_signals (SIG_UNBLOCK); + +-#ifdef HAVE_NFS +- if (mnt_err && types && streq (types, "nfs")) { +- if (nfs_mount_version == 4 && mnt_err != EBUSY && mnt_err != ENOENT) { +- if (verbose) +- printf(_("mount: failed with nfs mount version 4, trying 3..\n")); +- nfs_mount_version = 3; +- goto retry_nfs; +- } +- } +-#endif +- + /* Mount failed, complain, but don't die. */ + + if (types == 0) { +--- util-linux-2.12r/mount/nfsmount.c ++++ util-linux-2.12r/mount/nfsmount.c +@@ -76,7 +76,7 @@ + + #define MAKE_VERSION(p,q,r) (65536*(p) + 256*(q) + (r)) + +-#define MAX_NFSPROT ((nfs_mount_version >= 4) ? 3 : 2) ++#define MAX_NFSPROT 3 + + static int + linux_version_code(void) { diff --git a/util-linux-2.12r-pagesize.patch b/util-linux-2.12r-pagesize.patch new file mode 100644 index 0000000..e7a6968 --- /dev/null +++ b/util-linux-2.12r-pagesize.patch @@ -0,0 +1,12 @@ +--- mount/swapon.c ++++ mount/swapon.c +@@ -50,6 +50,9 @@ + + #define QUIET 1 + ++#undef PAGE_SIZE ++#define PAGE_SIZE sysconf(_SC_PAGESIZE) ++ + int all = 0; + int verbose = 0; + int priority = -1; /* non-prioritized swap by default */ diff --git a/util-linux-2.12r-partx.patch b/util-linux-2.12r-partx.patch new file mode 100644 index 0000000..bde9c4a --- /dev/null +++ b/util-linux-2.12r-partx.patch @@ -0,0 +1,118 @@ +Index: util-linux-2.12r/Makefile +=================================================================== +--- util-linux-2.12r.orig/Makefile ++++ util-linux-2.12r/Makefile +@@ -18,7 +18,8 @@ SUBDIRS=po \ + fdisk \ + hwclock \ + sys-utils \ +- text-utils ++ text-utils \ ++ partx + + .PHONEY: all install clean now + all: defines.h +@@ -43,7 +44,7 @@ install: + + clean: + -rm -f *.o *~ omake conftest conftest.c core +- @for subdir in $(SUBDIRS) partx; do \ ++ @for subdir in $(SUBDIRS); do \ + (cd $$subdir && $(MAKE) $@) || exit 1; \ + done + +Index: util-linux-2.12r/partx/partx.c +=================================================================== +--- util-linux-2.12r.orig/partx/partx.c ++++ util-linux-2.12r/partx/partx.c +@@ -38,6 +38,8 @@ + #include + #include + #include /* HDIO_GETGEO */ ++/* workaround for __user in header file */ ++#define __user + #include + #define BLKGETSIZE _IO(0x12,96) /* return device size */ + +@@ -333,29 +335,13 @@ xmalloc (size_t size) { + /* + * sseek: seek to specified sector + */ +-#if !defined (__alpha__) && !defined (__ia64__) && !defined (__s390x__) && !defined(__x86_64__) +-#define NEED__llseek +-#endif +- +-#ifdef NEED__llseek +-#include /* _syscall */ +-static +-_syscall5(int, _llseek, uint, fd, ulong, hi, ulong, lo, +- long long *, res, uint, wh); +-#endif +- + static int + sseek(int fd, unsigned int secnr) { + long long in, out; + in = ((long long) secnr << 9); + out = 1; + +-#ifdef NEED__llseek +- if (_llseek (fd, in>>32, in & 0xffffffff, &out, SEEK_SET) != 0 +- || out != in) +-#else + if ((out = lseek(fd, in, SEEK_SET)) != in) +-#endif + { + fprintf(stderr, "llseek error\n"); + return -1; +Index: util-linux-2.12r/partx/addpart.c +=================================================================== +--- util-linux-2.12r.orig/partx/addpart.c ++++ util-linux-2.12r/partx/addpart.c +@@ -3,6 +3,8 @@ + #include + #include + #include ++/* workaround for __user in header file */ ++#define __user + #include + + int +Index: util-linux-2.12r/partx/delpart.c +=================================================================== +--- util-linux-2.12r.orig/partx/delpart.c ++++ util-linux-2.12r/partx/delpart.c +@@ -3,6 +3,8 @@ + #include + #include + #include ++/* workaround for __user in header file */ ++#define __user + #include + + int +Index: util-linux-2.12r/partx/Makefile +=================================================================== +--- util-linux-2.12r.orig/partx/Makefile ++++ util-linux-2.12r/partx/Makefile +@@ -1,7 +1,12 @@ ++include ../MCONFIG ++ + OBJ = bsd.o dos.o partx.o solaris.o unixware.o gpt.o crc32.o + CFLAGS += -Wall ++SBIN= ++ ++SBIN:=$(SBIN) partx + +-all: addpart delpart partx ++all: addpart delpart $(SBIN) + + partx: $(OBJ) + +@@ -13,3 +18,7 @@ clean: + rm -f $(OBJ) addpart.o delpart.o addpart delpart partx *~ + + $(OBJ): partx.h ++ ++install: all ++ $(INSTALLDIR) $(SBINDIR) ++ $(INSTALLBIN) $(SBIN) $(SBINDIR) diff --git a/util-linux-2.12r-rawfixes.patch b/util-linux-2.12r-rawfixes.patch new file mode 100644 index 0000000..14ba34b --- /dev/null +++ b/util-linux-2.12r-rawfixes.patch @@ -0,0 +1,19 @@ +--- util-linux-2.12a/disk-utils/raw.c.=K0000=.orig ++++ util-linux-2.12a/disk-utils/raw.c +@@ -31,6 +31,7 @@ + #endif + #define DEVFS_RAWCTLDEV "/dev/raw/rawctl" + ++#define RAW_NR_MINORS 4096 + + char * progname; + int do_query = 0; +@@ -94,7 +95,7 @@ int main(int argc, char *argv[]) + if (do_query_all) { + if (optind < argc) + usage(1); +- for (i=1; i<255; i++) ++ for (i = 1; i < RAW_NR_MINORS; i++) + query(i, 1); + exit(0); + } diff --git a/util-linux-2.12r-readprofile-mapfile.patch b/util-linux-2.12r-readprofile-mapfile.patch new file mode 100644 index 0000000..810b440 --- /dev/null +++ b/util-linux-2.12r-readprofile-mapfile.patch @@ -0,0 +1,45 @@ +diff -ruNp util-linux-2.12r/sys-utils/readprofile.c util-linux-2.12r.fix/sys-utils/readprofile.c +--- util-linux-2.12r/sys-utils/readprofile.c 2004-12-11 11:11:09.000000000 +1100 ++++ util-linux-2.12r.fix/sys-utils/readprofile.c 2006-05-19 17:45:56.000000000 +1000 +@@ -324,6 +324,7 @@ main(int argc, char **argv) { + */ + while (fgets(mapline,S_LEN,map)) { + unsigned int this=0; ++ int done = 0; + + if (sscanf(mapline,"%llx %s %s",&next_add,mode,next_name)!=3) { + fprintf(stderr,_("%s: %s(%i): wrong map line\n"), +@@ -332,12 +333,17 @@ main(int argc, char **argv) { + } + header_printed = 0; + +- /* ignore any LEADING (before a '[tT]' symbol is found) +- Absolute symbols */ +- if ((*mode == 'A' || *mode == '?') && total == 0) continue; +- if (*mode != 'T' && *mode != 't' && +- *mode != 'W' && *mode != 'w') +- break; /* only text is profiled */ ++ /* the kernel only profiles up to _etext */ ++ if (!strcmp(next_name, "_etext")) ++ done = 1; ++ else { ++ /* ignore any LEADING (before a '[tT]' symbol is found) ++ Absolute symbols */ ++ if ((*mode == 'A' || *mode == '?') && total == 0) continue; ++ if (*mode != 'T' && *mode != 't' && ++ *mode != 'W' && *mode != 'w') ++ break; /* only text is profiled */ ++ } + + if (indx >= len / sizeof(*buf)) { + fprintf(stderr, _("%s: profile address out of range. " +@@ -387,6 +393,8 @@ main(int argc, char **argv) { + strcpy(fn_name,next_name); + + maplineno++; ++ if (done) ++ break; + } + + /* clock ticks, out of kernel text - probably modules */ + diff --git a/util-linux-2.12r-rpcsec-gss.patch b/util-linux-2.12r-rpcsec-gss.patch new file mode 100644 index 0000000..cdff5f4 --- /dev/null +++ b/util-linux-2.12r-rpcsec-gss.patch @@ -0,0 +1,114 @@ +--- mount/nfsmount.c.orig 2006-03-17 19:42:33.000000000 +1100 ++++ mount/nfsmount.c 2006-03-17 19:56:55.000000000 +1100 +@@ -119,8 +119,10 @@ find_kernel_nfs_mount_version(void) { + nfs_mount_version = 4; /* since 2.2.18pre9 */ + else if (kernel_version < MAKE_VERSION(2,3,99)) + nfs_mount_version = 3; ++ else if (kernel_version < MAKE_VERSION(2,6,3)) ++ nfs_mount_version = 4; + else +- nfs_mount_version = 4; /* since 2.3.99pre4 */ ++ nfs_mount_version = 6; + } + if (nfs_mount_version > NFS_MOUNT_VERSION) + nfs_mount_version = NFS_MOUNT_VERSION; +@@ -320,7 +322,6 @@ int nfsmount(const char *spec, const cha + #if NFS_MOUNT_VERSION >= 2 + data.namlen = NAME_MAX; + #endif +- + bg = 0; + soft = 0; + intr = 0; +@@ -402,6 +403,38 @@ int nfsmount(const char *spec, const cha + printf(_("Warning: Option namlen is not supported.\n")); + } else if (!strcmp(opt, "addr")) { + /* ignore */; ++#if NFS_MOUNT_VERSION >= 5 ++ } else if (!strcmp(opt, "sec")) { ++ char *secflavor = opteq+1; ++ /* see RFC 2623 */ ++ if (nfs_mount_version < 5) { ++ printf(_("Warning: this version of mount(1) does not support RPCSEC_GSS, ignoring sec=%s option\n"), secflavor); ++ continue; ++ } else if (!strcmp(secflavor, "sys")) ++ data.pseudoflavor = AUTH_SYS; ++ else if (!strcmp(secflavor, "krb5")) ++ data.pseudoflavor = AUTH_GSS_KRB5; ++ else if (!strcmp(secflavor, "krb5i")) ++ data.pseudoflavor = AUTH_GSS_KRB5I; ++ else if (!strcmp(secflavor, "krb5p")) ++ data.pseudoflavor = AUTH_GSS_KRB5P; ++ else if (!strcmp(secflavor, "lipkey")) ++ data.pseudoflavor = AUTH_GSS_LKEY; ++ else if (!strcmp(secflavor, "lipkey-i")) ++ data.pseudoflavor = AUTH_GSS_LKEYI; ++ else if (!strcmp(secflavor, "lipkey-p")) ++ data.pseudoflavor = AUTH_GSS_LKEYP; ++ else if (!strcmp(secflavor, "spkm3")) ++ data.pseudoflavor = AUTH_GSS_SPKM; ++ else if (!strcmp(secflavor, "spkm3i")) ++ data.pseudoflavor = AUTH_GSS_SPKMI; ++ else if (!strcmp(secflavor, "spkm3p")) ++ data.pseudoflavor = AUTH_GSS_SPKMP; ++ else if(!sloppy) { ++ printf(_("Warning: Unrecognized security flavor %s.\n"), secflavor); ++ goto fail; ++ } ++#endif + } else { + printf(_("unknown nfs mount parameter: " + "%s=%d\n"), opt, val); +@@ -474,6 +507,11 @@ retry_udp: + data.flags |= (noacl ? NFS_MOUNT_NOACL : 0); + } + #endif ++#if NFS_MOUNT_VERSION >= 5 ++ if ((nfs_mount_version >= 5) && data.pseudoflavor) { ++ data.flags |= NFS_MOUNT_SECFLAVOUR; ++ } ++#endif + if (nfsvers > MAX_NFSPROT) { + fprintf(stderr, "NFSv%d not supported!\n", nfsvers); + return 0; +@@ -510,6 +548,9 @@ retry_udp: + printf("tcp = %d\n", + (data.flags & NFS_MOUNT_TCP) != 0); + #endif ++#if NFS_MOUNT_VERSION >= 5 ++ printf("sec = %u\n", data.pseudoflavor); ++#endif + #endif + + data.version = nfs_mount_version; +@@ -717,6 +758,30 @@ retry_udp: + nfs_strerror(status.nfsv3.fhs_status)); + goto fail; + } ++#if NFS_MOUNT_VERSION >= 5 ++ if (data.pseudoflavor) { ++ mountres3_ok *mountres = &status.nfsv3.mountres3_u.mountinfo; ++ int i = mountres->auth_flavours.auth_flavours_len; ++ ++ if (i > 0) { ++ int *flavor = mountres->auth_flavours.auth_flavours_val; ++ while (--i >= 0) { ++ if (flavor[i] == data.pseudoflavor) { ++ break; ++ } ++ } ++ ++ if (i < 0) { ++ fprintf(stderr, ++ "mount: %s:%s failed, security flavor not supported\n", ++ hostname, dirname); ++ mountproc3_umnt_3(&dirname,mclient); ++ goto fail; ++ } ++ } ++ } ++#endif ++ + fhandle = &status.nfsv3.mountres3_u.mountinfo.fhandle; + memset(data.old_root.data, 0, NFS_FHSIZE); + memset(&data.root, 0, sizeof(data.root)); diff --git a/util-linux-2.12r-sec-manpage.patch b/util-linux-2.12r-sec-manpage.patch new file mode 100644 index 0000000..0621cd6 --- /dev/null +++ b/util-linux-2.12r-sec-manpage.patch @@ -0,0 +1,51 @@ +From: http://www.citi.umich.edu/projects/nfsv4/linux/util-linux-patches +Subject: Update nfs(5) manpage to document security flavors +References: 159368 + +Acked-by: okir@suse.de + + mount/nfs.5 | 24 ++++++++++++++++++++---- + 1 files changed, 20 insertions(+), 4 deletions(-) + +Index: util-linux-2.12r/mount/nfs.5 +=================================================================== +--- util-linux-2.12r.orig/mount/nfs.5 ++++ util-linux-2.12r/mount/nfs.5 +@@ -128,7 +128,7 @@ mount daemon program number. + Use an alternate RPC version number to contact the + mount daemon on the remote host. This option is useful + for hosts that can run multiple NFS servers. +-The default value is version 1. ++The default value depends on which kernel you are using. + .TP 1.5i + .I nfsprog=n + Use an alternate RPC program number to contact the +@@ -193,9 +193,25 @@ Suppress the retrieval of new attributes + .TP 1.5i + .I noac + Disable all forms of attribute caching entirely. This extracts a +-server performance penalty but it allows two different NFS clients +-to get reasonable good results when both clients are actively +-writing to common filesystem on the server. ++significant performance penalty but it allows two different NFS clients ++to get reasonable results when both clients are actively ++writing to a common export on the server. ++.TP 1.5i ++.I sec=mode ++Set the security flavor for this mount to "mode". ++The default setting is \f3sec=sys\f1, which uses local ++unix uids and gids to authenticate NFS operations (AUTH_SYS). ++Other currently supported settings are: ++\f3sec=krb5\f1, which uses Kerberos V5 instead of local unix uids ++and gids to authenticate users; ++\f3sec=krb5i\f1, which uses Kerberos V5 for user authentication ++and performs integrity checking of NFS operations using secure ++checksums to prevent data tampering; and ++\f3sec=krb5p\f1, which uses Kerberos V5 for user authentication ++and integrity checking, and encrypts NFS traffic to prevent ++traffic sniffing (this is the most secure setting). ++Note that there is a performance penalty when using integrity ++or privacy. + .TP 1.5i + .I tcp + Mount the NFS filesystem using the TCP protocol instead of the diff --git a/util-linux-2.12r-umount_nosysfs.patch b/util-linux-2.12r-umount_nosysfs.patch new file mode 100644 index 0000000..f8d5ea6 --- /dev/null +++ b/util-linux-2.12r-umount_nosysfs.patch @@ -0,0 +1,11 @@ +--- mount/umount.c ++++ mount/umount.c +@@ -724,7 +724,7 @@ + if (all) { + /* nodev stuff: sysfs, usbfs, oprofilefs, ... */ + if (types == NULL) +- types = "noproc,nodevfs,nodevpts"; ++ types = "noproc,nodevfs,nodevpts,nosysfs"; + result = umount_all (types, test_opts); + } else if (argc < 1) { + usage (stderr, 2); diff --git a/util-linux-2.12r.diff b/util-linux-2.12r.diff new file mode 100644 index 0000000..901db7f --- /dev/null +++ b/util-linux-2.12r.diff @@ -0,0 +1,86 @@ +--- util-linux-2.12q/configure ++++ util-linux-2.12q/configure +@@ -59,7 +59,7 @@ + + CC=${CC-cc} + CFLAGS=${CFLAGS-"-O2"} +-LDFLAGS=${LDFLAGS-"-s"} ++LDFLAGS=${LDFLAGS-""} + echo CC=$CC >> make_include + echo CFLAGS=$CFLAGS >> make_include + echo LDFLAGS=$LDFLAGS >> make_include +--- util-linux-2.12q/MCONFIG ++++ util-linux-2.12q/MCONFIG +@@ -22,7 +22,7 @@ + # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp + # will use PAM for authentication. Additionally, passwd will not be + # installed as it is not PAM aware. +-HAVE_PAM=no ++HAVE_PAM=yes + + # If HAVE_SELINUX is set to "yes", the login will make sure the user is + # logged into an appropriate security context +@@ -35,7 +35,7 @@ + + # If HAVE_PASSWD is set to "yes", then passwd will not be built or + # installed from the login-utils subdirectory. +-HAVE_PASSWD=no ++HAVE_PASSWD=yes + + # If you use chfn and chsh from this package, REQUIRE_PASSWORD will require + # non-root users to enter the account password before updating /etc/passwd. +@@ -59,7 +59,7 @@ + # not be built or installed from the login-utils subdirectory. (The + # shutdown and init from the SysVinit package do not depend on the last, + # mesg, and wall from that package.) +-HAVE_SYSVINIT_UTILS=yes ++HAVE_SYSVINIT_UTILS=no + + # If HAVE_WRITE is set to "yes", then write will not be built or + # installed from the misc-utils subdirectory. +@@ -77,7 +77,7 @@ + # user's tty to "tty" [The login in util-linux does this correctly, and + # xterm will do it correctly if X is compiled with USE_TTY_GROUP set + # properly.] +-USE_TTY_GROUP=yes ++USE_TTY_GROUP=no + + # If HAVE_KILL is set to "yes", then kill will not be built or + # installed from the misc-utils subdirectory. +@@ -141,7 +141,7 @@ + OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer + else + ifeq "$(ARCH)" "arm" +- OPT= -pipe -O2 -fsigned-char -fomit-frame-pointer ++ OPT= -pipe -O2 -fomit-frame-pointer + else + OPT= -O2 -fomit-frame-pointer + endif +@@ -220,7 +220,7 @@ + INSTALLBIN= $(INSTALL) -m $(BINMODE) + INSTALLMAN= $(INSTALL) -m $(MANMODE) + INSTALLDAT= $(INSTALL) -m $(DATMODE) +-INSTALLSUID= $(INSTALL) -m $(SUIDMODE) -o root ++INSTALLSUID= $(INSTALL) -m $(SUIDMODE) + + ifeq "$(DISABLE_NLS)" "yes" + NLSFLAGS = -DDISABLE_NLS +--- util-linux-2.12q/mount/filesystems ++++ util-linux-2.12q/mount/filesystems +@@ -0,0 +1,5 @@ ++vfat ++hfs ++minix ++reiserfs ++* +--- util-linux-2.12q/mount/linux_fs.h ++++ util-linux-2.12q/mount/linux_fs.h +@@ -19,7 +19,7 @@ + #define MINIX2_SUPER_MAGIC2 0x2478 /* minix v2, 30 char names */ + struct minix_super_block { + u_char s_dummy[16]; +- u_char s_magic[2]; ++ short s_magic[2]; + }; + #define minixmagic(s) assemble2le(s.s_magic) + diff --git a/util-linux-2.12r.tar.bz2 b/util-linux-2.12r.tar.bz2 new file mode 100644 index 0000000..dd91c63 --- /dev/null +++ b/util-linux-2.12r.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b8e499b338ce9fbd1fb315194b26540ec823c0afc46c9e145ac7a3e38ad57e6b +size 1370907 diff --git a/util-linux-libvolume_id-support.patch b/util-linux-libvolume_id-support.patch new file mode 100644 index 0000000..adca26a --- /dev/null +++ b/util-linux-libvolume_id-support.patch @@ -0,0 +1,523 @@ +--- MCONFIG ++++ MCONFIG +@@ -138,8 +138,8 @@ + CPUTAIL=486 + endif + ifeq "$(CPU)" "x86_64" +- CPUHEAD=-mcpu= +- CPUTAIL=nocona ++ CPUHEAD=-mtune= ++ CPUTAIL=k8 + endif + CPUOPT= $(CPUHEAD)$(CPUTAIL) + OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer +@@ -151,7 +151,7 @@ + endif + endif + +-WARNFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes ++WARNFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -g + + LIB=../lib + +--- configure ++++ configure +@@ -754,3 +754,23 @@ + echo "You don't have blkid" + fi + rm -f conftest conftest.c ++ ++# ++# 16. For mount, do we have libvolume_id? ++# ++echo ' ++#include ++#include ++int main(){ exit(0); volume_id_close(NULL); } ++' > conftest.c ++LIBS="-lvolume_id" ++eval $compile ++LIBS= ++if test -s conftest; then ++ echo "HAVE_VOLID=yes" >> make_include ++ echo "You have libvolume_id" ++else ++ echo "HAVE_VOLID=no" >> make_include ++ echo "You don't have libvolume_id" ++fi ++rm -f conftest conftest.c +--- mount/Makefile ++++ mount/Makefile +@@ -1,7 +1,7 @@ + include ../make_include + include ../MCONFIG + +-DEFINES = -DHAVE_NFS $(BLKID_DEFINE) ++DEFINES = -DHAVE_NFS $(BLKID_DEFINE) $(VOLID_DEFINE) + + RPCSVCDIR = rpcsvc + RPC_CFLAGS = -Wno-unused +@@ -25,6 +25,11 @@ + BLKID_LIB = -lblkid -luuid + endif + ++ifeq "$(HAVE_VOLID)" "yes" ++VOLID_DEFINE = -DHAVE_VOLID ++VOLID_LIB = -lvolume_id ++endif ++ + PROGS = $(SUID_PROGS) $(NOSUID_PROGS) + + MAYBE = pivot_root swapoff +@@ -48,23 +53,25 @@ + + mount: mount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o version.o \ + get_label_uuid.o mount_by_label.o mount_blkid.o mount_guess_fstype.o \ ++ mount_udev.o \ + getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) lomount.o \ + loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o +- $(LINK) $^ -o $@ $(BLKID_LIB) ++ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) + + umount: umount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o \ + getusername.o get_label_uuid.o mount_by_label.o mount_blkid.o \ +- version.o $(LIB)/env.o loumount.o +- $(LINK) $^ -o $@ $(BLKID_LIB) ++ mount_udev.o version.o $(LIB)/env.o loumount.o ++ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) + + guessfstype: guessfstype.o mount_guess_fstype.o sundries.o realpath.o \ + fstab.o mntent.o get_label_uuid.o mount_blkid.o mount_by_label.o \ +- xmalloc.o +- $(LINK) $^ -o $@ ++ mount_udev.o xmalloc.o ++ $(LINK) $^ -o $@ $(VOLID_LIB) + + swapon: swapon.o version.o xmalloc.o \ +- get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o +- $(LINK) $^ -o $@ $(BLKID_LIB) ++ get_label_uuid.o mount_by_label.o mount_blkid.o mount_udev.o \ ++ loop.o sha512.o $(LIB)/xstrncpy.o ++ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) + + main_losetup.o: lomount.c + $(COMPILE) -DMAIN lomount.c -o $@ +@@ -142,7 +149,7 @@ + + clean: + rm -f a.out core *~ *.o swapargs.h $(PROGS) $(MAYBE) +- rm -f nfs_mountversion.h ++ rm -f nfs_mountversion.h nfsmount_clnt.c nfsmount.h nfsmount_xdr.c + + clobber distclean realclean: clean + rm -f $(GEN_FILES) +--- mount/fstab.c ++++ mount/fstab.c +@@ -305,6 +305,7 @@ + /* Find the entry (SPEC,FILE) in fstab */ + struct mntentchn * + getfsspecfile (const char *spec, const char *file) { ++ char *nspec; + struct mntentchn *mc, *mc0; + + mc0 = fstab_head(); +@@ -316,11 +317,12 @@ + return mc; + + /* second attempt: names found after symlink resolution */ ++ nspec = canonicalize(spec); + for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) + if ((streq(mc->m.mnt_dir, file) || + streq(canonicalize(mc->m.mnt_dir), file)) + && (streq(mc->m.mnt_fsname, spec) || +- streq(canonicalize(mc->m.mnt_fsname), spec))) ++ streq(canonicalize(mc->m.mnt_fsname), nspec))) + return mc; + + /* third attempt: names found after LABEL= or UUID= resolution */ +@@ -357,11 +359,21 @@ + struct mntentchn * + getfsspec (const char *spec) { + struct mntentchn *mc, *mc0; ++ const char *nspec, *fsname; + + mc0 = fstab_head(); +- for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) +- if (streq(mc->m.mnt_fsname, spec)) ++ for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) { ++ if (!strncmp (mc->m.mnt_fsname, "LABEL=", 6)) { ++ fsname = mount_get_devname_by_label(mc->m.mnt_fsname + 6); ++ } else if (!strncmp(mc->m.mnt_fsname, "UUID=", 5)) { ++ fsname = mount_get_devname_by_uuid(mc->m.mnt_fsname + 5); ++ } else { ++ fsname = mc->m.mnt_fsname; ++ } ++ nspec = canonicalize(fsname); ++ if (streq(nspec, spec)) + return mc; ++ } + return NULL; + } + +--- mount/mount.c ++++ mount/mount.c +@@ -1667,7 +1667,7 @@ + use only for testing purposes - + the guessing is not reliable at all */ + { +- char *fstype; ++ const char *fstype; + fstype = do_guess_fstype(optarg); + printf("%s\n", fstype ? fstype : "unknown"); + exit(fstype ? 0 : EX_FAIL); +@@ -1738,6 +1738,8 @@ + if (mc == NULL) + mc = getfsspec (spec); + if (mc == NULL) ++ mc = getfsspec (canonicalize(spec)); ++ if (mc == NULL) + die (EX_USAGE, + _("mount: cannot find %s in %s"), + spec, _PATH_FSTAB); +--- mount/mount_blkid.c ++++ mount/mount_blkid.c +@@ -1,6 +1,7 @@ + #include + #include "mount_blkid.h" + ++#ifndef HAVE_VOLID + #ifdef HAVE_BLKID + + blkid_cache blkid; +@@ -119,3 +120,4 @@ + + + #endif ++#endif +--- mount/mount_blkid.h ++++ mount/mount_blkid.h +@@ -11,3 +11,5 @@ + extern const char *mount_get_volume_label_by_spec(const char *spec); + extern const char *mount_get_devname(const char *spec); + extern const char *mount_get_devname_for_mounting(const char *spec); ++ ++extern const char *volume_id_get_tag(const char *spec, const char *token); +--- mount/mount_by_label.c ++++ mount/mount_by_label.c +@@ -1,4 +1,4 @@ +-#ifndef HAVE_BLKID ++#if (!defined HAVE_BLKID) && (!defined HAVE_VOLID) + /* + * mount_by_label.c - aeb + * +--- mount/mount_guess_fstype.c ++++ mount/mount_guess_fstype.c +@@ -54,9 +54,23 @@ + #define ETC_FILESYSTEMS "/etc/filesystems" + #define PROC_FILESYSTEMS "/proc/filesystems" + ++#ifdef HAVE_VOLID ++ ++static int ++known_fstype(const char *fstype) { ++ return 0; ++} ++ ++const char * ++do_guess_fstype(const char *spec) ++{ ++ return volume_id_get_tag(spec, "TYPE"); ++} ++ ++#else + #ifdef HAVE_BLKID + +-char * ++const char * + do_guess_fstype(const char *device) + { + return blkid_get_tag_value(blkid, "TYPE", device); +@@ -208,7 +222,7 @@ + return (sum == p[511]); + } + +-char * ++const char * + do_guess_fstype(const char *device) { + int fd; + char *type = NULL; +@@ -536,7 +550,7 @@ + } + + #endif +- ++#endif + static struct tried { + struct tried *next; + char *type; +@@ -578,9 +592,9 @@ + tried = NULL; + } + +-char * ++const char * + guess_fstype(const char *spec) { +- char *type = do_guess_fstype(spec); ++ const char *type = do_guess_fstype(spec); + if (verbose) { + printf (_("mount: you didn't specify a filesystem type for %s\n"), + spec); +--- /dev/null 2006-06-02 17:12:45.000000000 +0200 ++++ mount/mount_udev.c 2006-06-12 11:14:42.285154088 +0200 +@@ -0,0 +1,237 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "mount_blkid.h" ++ ++#ifdef HAVE_VOLID ++ ++extern int verbose; ++ ++struct volume_id_types_t { ++ int id; ++ char *token; ++ char *env; ++}; ++ ++enum { ++ VOLUME_ID_NONE=0, ++ VOLUME_ID_TYPE, ++ VOLUME_ID_LABEL, ++ VOLUME_ID_UUID ++}; ++ ++#define volume_id_offset(member) (unsigned long)offsetof(struct volume_id,member) ++ ++struct volume_id_types_t volume_id_types[] = { ++ { VOLUME_ID_TYPE, "TYPE", "ID_FS_TYPE" }, ++ { VOLUME_ID_LABEL, "LABEL", "ID_FS_LABEL" }, ++ { VOLUME_ID_UUID, "UUID", "ID_FS_UUID" }, ++ { VOLUME_ID_NONE, NULL, NULL }, ++}; ++ ++const char * ++volume_id_get_tag(const char *spec, const char *token) ++{ ++ struct volume_id *vid; ++ uint64_t size; ++ struct volume_id_types_t *volume_id_ptr = volume_id_types; ++ char *var, *value; ++ ++ value = calloc(1, VOLUME_ID_LABEL_SIZE); ++ if (!value) ++ return NULL; ++ ++ if (!spec) ++ return NULL; ++ ++ while (volume_id_ptr->token && strcmp(volume_id_ptr->token,token)) ++ volume_id_ptr++; ++ ++ if (!volume_id_ptr->token) { ++ free(value); ++ value = NULL; ++ goto out; ++ } ++ ++ /* Quick exit if ID_FS_* variables are set */ ++ if ((var = getenv(volume_id_ptr->env))) { ++ strncpy(value,var,VOLUME_ID_LABEL_SIZE - 1); ++ goto out; ++ } ++ ++ vid = volume_id_open_node(spec); ++ if (!vid) { ++ free(value); ++ value = NULL; ++ goto out; ++ } ++ ++ if (ioctl(vid->fd, BLKGETSIZE64, &size) != 0) ++ size = 0; ++ ++ if (volume_id_probe_all(vid, 0, size) == 0) { ++ switch(volume_id_ptr->id) { ++ case VOLUME_ID_TYPE: ++ strcpy(value, vid->type); ++ break; ++ case VOLUME_ID_LABEL: ++ strcpy(value, vid->label); ++ break; ++ case VOLUME_ID_UUID: ++ strcpy(value, vid->uuid); ++ break; ++ default: ++ free(value); ++ value = NULL; ++ break; ++ } ++ } else ++ value = NULL; ++ ++ volume_id_close(vid); ++ ++ out: ++ return value; ++} ++ ++void ++mount_blkid_get_cache(void) {} ++ ++void ++mount_blkid_put_cache(void) {} ++ ++const char * ++mount_get_volume_uuid_by_spec(const char *spec) ++{ ++ return volume_id_get_tag(spec, "UUID"); ++} ++ ++const char * ++mount_get_volume_label_by_spec(const char *spec) ++{ ++ return volume_id_get_tag(spec, "LABEL"); ++} ++ ++const char * ++mount_get_devname_by_uuid(const char *uuid) { ++ char *dev = NULL; ++ ++ if (!uuid) ++ return NULL; ++ ++ dev = malloc(19 + strlen(uuid)); ++ if (dev) { ++ strcpy(dev,"/dev/disk/by-uuid/"); ++ strcat(dev,uuid); ++ } ++ ++ return dev; ++} ++ ++const char * ++mount_get_devname_by_label(const char *label) { ++ char *dev = NULL; ++ ++ if (!label) ++ return NULL; ++ ++ dev = malloc(20 + strlen(label)); ++ if (dev) { ++ strcpy(dev,"/dev/disk/by-label/"); ++ strcat(dev,label); ++ } ++ ++ return dev; ++} ++ ++const char * ++mount_get_devname(const char *spec) ++{ ++ char *token, *cp, *value; ++ const char *nspec = NULL; ++ ++ if (!spec) ++ return NULL; ++ ++ token = strdup(spec); ++ if (!token) ++ return NULL; ++ ++ /* We have to return an allocated string */ ++ if (!(cp = strchr(token, '='))) ++ return token; ++ ++ value = token + (cp - token); ++ *value++ = '\0'; ++ ++ if (*value == '"' || *value == '\'') { ++ char c = *value++; ++ if (!(cp = strrchr(value, c))) ++ goto errout; /* missing closing quote */ ++ *cp = '\0'; ++ } ++ ++ if (!strcmp(token,"LABEL")) { ++ nspec = mount_get_devname_by_label(value); ++ } else if (!strcmp(token,"UUID")) { ++ nspec = mount_get_devname_by_uuid(value); ++ } ++ ++ free(token); ++ ++ errout: ++ return nspec; ++} ++ ++/* Also when no UUID= or LABEL= occur? No verbose? No warnings? */ ++const char * ++mount_get_devname_for_mounting(const char *spec) ++{ ++ char *token, *cp, *value; ++ const char *nspec = NULL; ++ ++ if (!spec) ++ return NULL; ++ ++ token = strdup(spec); ++ if (!token) ++ return NULL; ++ ++ /* We have to return an allocated string */ ++ if (!(cp = strchr(token, '='))) ++ return token; ++ ++ value = token + (cp - token); ++ *value++ = '\0'; ++ ++ if (*value == '"' || *value == '\'') { ++ char c = *value++; ++ if (!(cp = strrchr(value, c))) ++ goto errout; /* missing closing quote */ ++ *cp = '\0'; ++ } ++ ++ if (!strcmp(token,"LABEL")) { ++ nspec = mount_get_devname_by_label(value); ++ if (nspec && verbose > 1) ++ printf(_("mount: going to mount %s by LABEL\n"), spec); ++ } else if (!strcmp(token,"UUID")) { ++ nspec = mount_get_devname_by_uuid(value); ++ if (nspec && verbose > 1) ++ printf(_("mount: going to mount %s by UUID\n"), spec); ++ } ++ ++ free(token); ++ ++ errout: ++ return nspec; ++} ++ ++#endif +--- mount/mount_guess_fstype.h ++++ mount/mount_guess_fstype.h +@@ -8,8 +8,8 @@ struct mountargs { + + extern int verbose; + +-char *guess_fstype(const char *device); +-char *do_guess_fstype(const char *device); ++const char *guess_fstype(const char *device); ++const char *do_guess_fstype(const char *device); + int procfsloop(int (*mount_fn)(struct mountargs *), struct mountargs *args, + const char **type); + int is_in_procfs(const char *fstype); + diff --git a/util-linux-nfs-timeo.diff b/util-linux-nfs-timeo.diff new file mode 100644 index 0000000..2f41dec --- /dev/null +++ b/util-linux-nfs-timeo.diff @@ -0,0 +1,11 @@ +--- util-linux-2.12q/mount/nfsmount.c ++++ util-linux-2.12q/mount/nfsmount.c +@@ -489,7 +489,7 @@ + + /* Adjust options if none specified */ + if (!data.timeo) +- data.timeo = tcp ? 70 : 7; ++ data.timeo = tcp ? 600 : 7; + + #ifdef NFS_MOUNT_DEBUG + printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", diff --git a/util-linux-nfs.8.diff b/util-linux-nfs.8.diff new file mode 100644 index 0000000..9ee6e65 --- /dev/null +++ b/util-linux-nfs.8.diff @@ -0,0 +1,11 @@ +--- util-linux-2.12q/mount/nfs.5 ++++ util-linux-2.12q/mount/nfs.5 +@@ -141,7 +141,7 @@ + Use an alternate RPC version number to contact the + NFS daemon on the remote host. This option is useful + for hosts that can run multiple NFS servers. +-The default value is version 2. ++The default value is version 3. + .TP 1.5i + .I nolock + Disable NFS locking. Do not start lockd. diff --git a/util-linux-nodiratime.diff b/util-linux-nodiratime.diff new file mode 100644 index 0000000..798b02d --- /dev/null +++ b/util-linux-nodiratime.diff @@ -0,0 +1,14 @@ +Index: util-linux-2.12/mount/mount.8 +=================================================================== +--- util-linux-2.12.orig/mount/mount.8 ++++ util-linux-2.12/mount/mount.8 +@@ -572,6 +572,9 @@ until the network has been enabled on th + Do not update inode access times on this file system (e.g, for faster + access on the news spool to speed up news servers). + .TP ++.B nodiratime ++Do not update directory inode access times on this filesystem. ++.TP + .B noauto + Can only be mounted explicitly (i.e., the + .B \-a diff --git a/util-linux-opt-hotplug.diff b/util-linux-opt-hotplug.diff new file mode 100644 index 0000000..ee5ed40 --- /dev/null +++ b/util-linux-opt-hotplug.diff @@ -0,0 +1,88 @@ + mount/mount.8 | 7 +++++++ + mount/mount.c | 15 +++++++++++++-- + mount/mount_constants.h | 3 +++ + 3 files changed, 23 insertions(+), 2 deletions(-) + +Index: util-linux-2.12r/mount/mount.8 +=================================================================== +--- util-linux-2.12r.orig/mount/mount.8 ++++ util-linux-2.12r/mount/mount.8 +@@ -572,6 +572,10 @@ This option implies the options + (unless overridden by subsequent options, as in the option line + .BR group,dev,suid ). + .TP ++.B hotplug ++Do not report errors for this device if it doesn't exist. ++.BR fcntl (2). ++.TP + .B mand + Allow mandatory locks on this filesystem. See + .BR fcntl (2). +@@ -599,6 +603,9 @@ Do not allow direct execution of any bin + (Until recently it was possible to run binaries anyway using a command like + /lib/ld*.so /mnt/binary. This trick fails since Linux 2.4.25 / 2.6.0.) + .TP ++.B nohotplug ++Report an error if the device does not exist. ++.TP + .B nomand + Do not allow mandatory locks on this filesystem. + .TP +Index: util-linux-2.12r/mount/mount.c +=================================================================== +--- util-linux-2.12r.orig/mount/mount.c ++++ util-linux-2.12r/mount/mount.c +@@ -162,9 +162,14 @@ static const struct opt_map opt_map[] = + { "diratime", 0, 1, MS_NODIRATIME }, /* Update dir access times */ + { "nodiratime", 0, 0, MS_NODIRATIME },/* Do not update dir access times */ + #endif ++#ifdef MS_HOTPLUG ++ { "hotplug", 0, 0, MS_HOTPLUG }, /* Don't fail if ENOENT on dev */ ++#endif + { NULL, 0, 0, 0 } + }; + ++static int option_hotplug; /* can not invent our own MS_FLAGS */ ++ + static const char *opt_loopdev, *opt_vfstype, + *opt_speed, *opt_comment; + +@@ -265,6 +270,10 @@ parse_opt(const char *opt, int *mask, ch + + for (om = opt_map; om->opt != NULL; om++) + if (streq (opt, om->opt)) { ++ if (om->mask & MS_HOTPLUG) { ++ option_hotplug = 1; ++ return; ++ } + if (om->inv) + *mask &= ~om->mask; + else +@@ -958,9 +967,11 @@ nosigblock: + else if (stat (node, &statbuf)) + error (_("mount: mount point %s is a symbolic link to nowhere"), + node); +- else if (stat (spec, &statbuf)) ++ else if (stat (spec, &statbuf)) { ++ if (option_hotplug) ++ goto out; + error (_("mount: special device %s does not exist"), spec); +- else { ++ } else { + errno = mnt_err; + perror("mount"); + } +Index: util-linux-2.12r/mount/mount_constants.h +=================================================================== +--- util-linux-2.12r.orig/mount/mount_constants.h ++++ util-linux-2.12r/mount/mount_constants.h +@@ -57,6 +57,9 @@ if we have a stack or plain mount - moun + #ifndef MS_VERBOSE + #define MS_VERBOSE 0x8000 /* 32768 */ + #endif ++ ++#define MS_HOTPLUG (1<<18) /* Don't fail if ENOENT on the dev, mount internal */ ++ + /* + * Magic mount flag number. Had to be or-ed to the flag values. + */ diff --git a/util-linux-wall.dif b/util-linux-wall.dif new file mode 100644 index 0000000..43faf7b --- /dev/null +++ b/util-linux-wall.dif @@ -0,0 +1,11 @@ +--- util-linux-2.12q/login-utils/wall.c ++++ util-linux-2.12q/login-utils/wall.c +@@ -217,8 +217,6 @@ + if (cnt == 79 || ch == '\n') { + for (; cnt < 79; ++cnt) + putc(' ', fp); +- putc('\r', fp); +- putc('\n', fp); + cnt = 0; + } + carefulputc(ch, fp); diff --git a/util-linux-warn-nfsudp.diff b/util-linux-warn-nfsudp.diff new file mode 100644 index 0000000..3841c8c --- /dev/null +++ b/util-linux-warn-nfsudp.diff @@ -0,0 +1,118 @@ +Index: util-linux-2.12/mount/nfs.5 +================================================================================ +--- util-linux-2.12q/mount/nfs.5 ++++ util-linux-2.12q/mount/nfs.5 +@@ -201,9 +201,13 @@ + Mount the NFS filesystem using the TCP protocol instead of the + UDP protocol. This is the default, but in case it fails (many NFS servers only + support UDP) it will fallback and try UDP. ++.IP ++.B Before using NFS over UDP, please refer to the section WARNINGS below. + .TP 1.5i + .I udp + Mount the NFS filesystem using the UDP protocol. ++.IP ++.B Before using NFS over UDP, please refer to the section WARNINGS below. + .TP 1.5i + .I noacl + Assume no extended access control mechanisms like POSIX ACLs are used +@@ -217,6 +221,83 @@ + All of the non-value options have corresponding nooption forms. + For example, nointr means don't allow file operations to be + interrupted. ++.SH WARNINGS ++Using NFS over UDP on high-speed links such as Gigabit ++.BR "can cause silent data corruption" . ++.P ++The problem can be triggered at high loads, and is caused by problems in ++IP fragment reassembly. NFS read and writes typically transmit UDP packets ++of 4 Kilobytes or more, which have to be broken up into several fragments ++in order to be sent over the Ethernet link, which limits packets to 1500 ++bytes by default. This process happens at the IP network layer and is ++called fragmentation. ++.P ++In order to identify fragments that belong together, IP assigns a 16bit ++.I IP ID ++value to each packet; fragments generated from the same UDP packet ++will have the same IP ID. The receiving system will collect these ++fragments and combine them to form the original UDP packet. This process ++is called reassembly. The default timeout for packet reassembly is ++30 seconds; if the network stack does not receive all fragments of ++a given packet within this interval, it assumes the missing fragment(s) ++got lost and discards those it already received. ++.P ++The problem this creates over high-speed links is that it is possible ++to send more than 65536 packets within 30 seconds. In fact, with ++heavy NFS traffic one can observe that the IP IDs repeat after about ++5 seconds. ++.P ++This has serious effects on reassembly: if one fragment gets lost, ++another fragment ++.I from a different packet ++but with the ++.I same IP ID ++will arrive within the 30 second timeout, and the network stack will ++combine these fragments to form a new packet. Most of the time, network ++layers above IP will detect this mismatched reassembly - in the case ++of UDP, the UDP checksum, which is a 16 bit checksum over the entire ++packet payload, will usually not match, and UDP will discard the ++bad packet. ++.P ++However, the UDP checksum is 16 bit only, so there is a chance of 1 in ++65536 that it will match even if the packet payload is completely ++random (which very often isn't the case). If that is the case, ++silent data corruption will occur. ++.P ++This potential should be taken seriously, at least on Gigabit ++Ethernet. ++Network speeds of 100Mbit/s should be considered less ++problematic, because with most traffic patterns IP ID wrap around ++will take much longer than 30 seconds. ++.P ++It is therefore strongly recommended to use ++.BR "NFS over TCP where possible" , ++since TCP does not perform fragmentation. ++.P ++If you absolutely have to use NFS over UDP over Gigabit Ethernet, ++some steps can be taken to mitigate the problem and reduce the ++probability of corruption: ++.TP +1.5i ++.I Jumbo frames: ++Many Gigabit network cards are capable of transmitting ++frames bigger than the 1500 byte limit of traditional Ethernet, typically ++9000 bytes. Using jumbo frames of 9000 bytes will allow you to run NFS over ++UDP at a page size of 8K without fragmentation. Of course, this is ++only feasible if all involved stations support jumbo frames. ++.IP ++To enable a machine to send jumbo frames on cards that support it, ++it is sufficient to configure the interface for a MTU value of 9000. ++.TP +1.5i ++.I Lower reassembly timeout: ++By lowering this timeout below the time it takes the IP ID counter ++to wrap around, incorrect reassembly of fragments can be prevented ++as well. To do so, simply write the new timeout value (in seconds) ++to the file ++.BR /proc/sys/net/ipv4/ipfrag_time . ++.IP ++A value of 2 seconds will greatly reduce the probability of IPID clashes on ++a single Gigabit link, while still allowing for a reasonable timeout ++when receiving fragmented traffic from distant peers. + .SH FILES + .I /etc/fstab + .SH "SEE ALSO" +--- util-linux-2.12q/mount/nfsmount.c ++++ util-linux-2.12q/mount/nfsmount.c +@@ -737,8 +737,12 @@ + goto fail; + } + fsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); +- } else ++ } else { + fsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); ++ fprintf(stderr, ++ "Using NFS over UDP can cause data corruption.\n" ++ "Please refer to the WARNINGS section of the nfs(5) manual page.\n"); ++ } + if (fsock < 0) { + perror(_("nfs socket")); + goto fail; diff --git a/util-linux.changes b/util-linux.changes new file mode 100644 index 0000000..274fc7b --- /dev/null +++ b/util-linux.changes @@ -0,0 +1,1912 @@ +------------------------------------------------------------------- +Tue Dec 12 11:04:07 CET 2006 - mkoenig@suse.de + +- provide different return codes for losetup with encryption + for empty and too short passwords. [#197493] + +------------------------------------------------------------------- +Tue Dec 5 18:13:32 CET 2006 - mkoenig@suse.de + +- default swap to V1 in any case [#205956] + patch: util-linux-2.12r-mkswap_fix.patch +- do not append addr option with each nfs remount [#130625] + patch: util-linux-2.12r-nfs_remount_options.patch +- add README.largedisk about fdisk partition size constraints + [#153657] + +------------------------------------------------------------------- +Tue Nov 7 13:09:45 CET 2006 - mkoenig@suse.de + +- enable partx [#214992] + +------------------------------------------------------------------- +Tue Oct 10 18:17:42 CEST 2006 - mkoenig@suse.de + +- Round up partition end LBA to a cylinder boundary during + add_partition() [#174892] +- Fix readprofile on ppc64 [#179122] +- Fix cal formatting bug [#203469] + +------------------------------------------------------------------- +Mon Oct 9 12:27:33 CEST 2006 - mkoenig@suse.de + +- Fix llseek issues. +- swapon.c: Do not use PAGE_SIZE macro. + +------------------------------------------------------------------- +Mon Aug 21 12:10:01 CEST 2006 - mkoenig@suse.de + +- Added sysfs to list of filesystems not to unmount with + umount -a, resolves #190385 + +------------------------------------------------------------------- +Mon Jun 12 14:08:25 CEST 2006 - kay.sievers@suse.de + +- use libvolume_id from provided as a rpm by udev 094 + +------------------------------------------------------------------- +Wed May 17 23:48:27 CEST 2006 - jeffm@suse.com + +- Fixed support for calling external programs w/o -t , + it would add mtab twice [#176582] + +------------------------------------------------------------------- +Mon Apr 24 14:33:20 CEST 2006 - hvogel@suse.de + +- document xfs dmapi mount options better [#158955] + +------------------------------------------------------------------- +Fri Apr 21 15:48:16 CEST 2006 - olh@suse.de + +- add mkzimage_cmdline to edit CHRP zImage kernel cmdline (168313) + +------------------------------------------------------------------- +Tue Apr 18 16:09:46 CEST 2006 - hvogel@suse.de + +- fix number of supported raw devices [#165570] + +------------------------------------------------------------------- +Wed Mar 29 13:54:32 CEST 2006 - olh@suse.de + +- clearify comments about mac disk label handling in fdisk + +------------------------------------------------------------------- +Tue Mar 28 17:53:46 CEST 2006 - hvogel@suse.de + +- more fixes for the fdiskwrap patch [#160822] + +------------------------------------------------------------------- +Tue Mar 21 11:35:26 CET 2006 - okir@suse.de + +- Update nfs(5) manpage to document security flavors [#159368] + +------------------------------------------------------------------- +Mon Mar 20 12:14:18 CET 2006 - hvogel@suse.de + +- fix numbers of supported raw devices to match the kernel + [#158203] +- make NFSv3 client support RPCSEC_GSS [#158401] +- fix that if the user doesn't specify -t + mount.fstype will never be called. [#155147] + +------------------------------------------------------------------- +Fri Mar 10 12:07:10 CET 2006 - hvogel@suse.de + +- Fix init.d/raw script to parse device names with , in them + correctly [#155653] + +------------------------------------------------------------------- +Thu Mar 9 12:28:04 CET 2006 - hare@suse.de + +- Fix potential security hole in libvolume_id (#133256) + +------------------------------------------------------------------- +Mon Mar 6 12:03:35 CET 2006 - hvogel@suse.de + +- patch fdiskmaclabel.h too + +------------------------------------------------------------------- +Thu Mar 2 15:49:06 CET 2006 - hvogel@suse.de + +- axboe made fdisk not wrap at 2TB [#153657] + +------------------------------------------------------------------- +Fri Feb 17 15:25:39 CET 2006 - lmuelle@suse.de + +- Use cifs instead of smbfs if the source starts with // and we do not set a + different fs type. + +------------------------------------------------------------------- +Sun Feb 12 12:40:21 CET 2006 - olh@suse.de + +- cosmetic fix for option_hotplug declaration + fix unininitalized string for unknown filesystems (#148855) + +------------------------------------------------------------------- +Fri Feb 10 14:00:48 CET 2006 - hvogel@suse.de + +- mount should not put / in the mtab twice if mount -f / is called + [#148409] +- fix hostid printf [#149163] + +------------------------------------------------------------------- +Wed Feb 1 03:58:58 CET 2006 - olh@suse.de + +- dont invent our own MS_FLAGS (#147132) + +------------------------------------------------------------------- +Wed Feb 1 02:20:17 CET 2006 - ro@suse.de + +- fix typo in previous change, binary negation is "~" + +------------------------------------------------------------------- +Fri Jan 27 13:02:36 CET 2006 - sscheler@suse.de + +- fixed mount hotplug option (#143352). now we don't send the + MS_HOTPLUG flag to the kernel any longer, because the kernel + doesn't know this option (EINVAL) and actually doesn't need to + know about it. + +------------------------------------------------------------------- +Fri Jan 27 12:55:29 CET 2006 - olh@suse.de + +- remove clock symlink, hwclock exists since 7 years + +------------------------------------------------------------------- +Fri Jan 27 11:46:17 CET 2006 - olh@suse.de + +- lsprop and nvsetenv moved to powerpc-utils [#144758] + +------------------------------------------------------------------- +Thu Jan 26 13:06:51 CET 2006 - hvogel@suse.de + +- Make nfsboot world readable [#145418] + +------------------------------------------------------------------- +Wed Jan 25 21:31:03 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Tue Jan 24 17:06:22 CET 2006 - mmj@suse.de + +- Remove faulty nfs fallback code [#139019] + +------------------------------------------------------------------- +Mon Jan 16 11:25:28 CET 2006 - mmj@suse.de + +- Add patch for nsetenv to fix short reads/short writes [#142546] + +------------------------------------------------------------------- +Wed Jan 11 12:46:28 CET 2006 - mmj@suse.de + +- Update sm-notify [#141542] + +------------------------------------------------------------------- +Wed Jan 4 13:52:31 CET 2006 - mmj@suse.de + +- Update to 2.12r including since 2.12q: + o cfdisk: fix a segfault with ReiserFS partitions + o umount: disallow -r option for non-root users + +------------------------------------------------------------------- +Tue Nov 22 11:49:39 CET 2005 - mmj@suse.de + +- install proper renice manpage [#132470] + +------------------------------------------------------------------- +Tue Nov 15 17:01:34 CET 2005 - uli@suse.de + +- umount2 is not static (only fails on ARM, surprisingly) +- added ARM ionice syscalls + +------------------------------------------------------------------- +Fri Nov 11 10:42:35 CET 2005 - hare@suse.de + +- Fix reverse-mapping of by-UUID and by-LABEL mounts. + +------------------------------------------------------------------- +Thu Nov 10 09:04:17 CET 2005 - hare@suse.de + +- Fix a mishandling of by-UUID mounts. +- Use libvolume_id from udev. + +------------------------------------------------------------------- +Sat Oct 22 17:55:16 CEST 2005 - mmj@suse.de + +- Increase lsprop.c max property size to 4k [#128155] + +------------------------------------------------------------------- +Mon Oct 10 12:44:05 CEST 2005 - mmj@suse.de + +- Add -fno-strict-aliasing to nfsmount_xdr.c + +------------------------------------------------------------------- +Mon Oct 3 09:55:56 CEST 2005 - mmj@suse.de + +- Teach the mount manual page about nodiratime [#118987] + +------------------------------------------------------------------- +Thu Sep 29 12:42:03 CEST 2005 - mmj@suse.de + +- Patch from jakub007@go2.pl to make mount --move update + /etc/mtab correctly [#115129] + +------------------------------------------------------------------- +Tue Sep 13 14:16:58 CEST 2005 - mmj@suse.de + +- Only allow root to pass -r to umount [#116741] + +------------------------------------------------------------------- +Mon Sep 5 13:18:27 CEST 2005 - mmj@suse.de + +- MAC -> Mac [#104081] + +------------------------------------------------------------------- +Fri Sep 2 13:48:17 CEST 2005 - mmj@suse.de + +- Don't package manual executable [#114849] + +------------------------------------------------------------------- +Thu Sep 1 10:56:25 CEST 2005 - mmj@suse.de + +- Add patch for device-mapper mount by label support [#75966] + +------------------------------------------------------------------- +Thu Sep 1 00:12:39 CEST 2005 - ro@suse.de + +- provide and obsolete schedutils + +------------------------------------------------------------------- +Tue Aug 23 18:00:01 CEST 2005 - hvogel@suse.de + +- update ionice patch by axboe so that ionice will complain about + missing sys_ioprio_set support, but it will still + execute the process. + +------------------------------------------------------------------- +Mon Aug 22 17:06:42 CEST 2005 - hvogel@suse.de + +- Fix rpm verify output [#105807] + (ghost entry for /var/lib/nfs/state) + +------------------------------------------------------------------- +Mon Aug 22 16:27:16 CEST 2005 - schwab@suse.de + +- Fix stupid buffer overflow bug in cfdisk [#66020]. + +------------------------------------------------------------------- +Wed Aug 17 12:59:24 CEST 2005 - hare@suse.de + +- Add option 'hotplug' to mount (#104405) + +------------------------------------------------------------------- +Mon Aug 15 16:33:48 CEST 2005 - schwab@suse.de + +- Always build with RPM_OPT_FLAGS. + +------------------------------------------------------------------- +Thu Aug 11 14:41:18 CEST 2005 - mmj@suse.de + +- Patch from Patrick Kirsch to make fdisk detect MAC-fs [#104081] + +------------------------------------------------------------------- +Wed Aug 3 20:50:59 CEST 2005 - mmj@suse.de + +- Merge schedutils to here (it's happened upstream already) + +------------------------------------------------------------------- +Tue Aug 2 08:47:47 CEST 2005 - mmj@suse.de + +- Support for s390 and s390x + +------------------------------------------------------------------- +Mon Aug 1 20:04:13 CEST 2005 - mmj@suse.de + +- It's not __ppc_ and __ppc64__ but __powerpc__ and __powerpc64__ + +------------------------------------------------------------------- +Mon Aug 1 12:17:39 CEST 2005 - mmj@suse.de + +- Add ionice binary from Jens Axboe + +------------------------------------------------------------------- +Wed Jun 29 11:26:31 CEST 2005 - mmj@suse.de + +- Document load and clearly issues about NFS over UDP [#80263] +- Don't compile with -fsigned-char [#93886] + +------------------------------------------------------------------- +Tue May 31 13:26:05 CEST 2005 - okir@suse.de + +- Added NFSv4 support + +------------------------------------------------------------------- +Mon May 9 17:27:59 CEST 2005 - hvogel@suse.de + +- move hashalot and cryptsetup tools to util-linux-crypto + +------------------------------------------------------------------- +Tue Apr 12 16:13:57 CEST 2005 - mmj@suse.de + +- bump TCP timeo to 600 [#76198] + +------------------------------------------------------------------- +Tue Mar 29 13:43:31 CEST 2005 - mmj@suse.de + +- Add awareness of twofishSL92 [#74359] +- Update hashalot to version 0.3 + +------------------------------------------------------------------- +Mon Mar 14 15:30:49 CET 2005 - okir@suse.de + +- Changed sm-notify to recognize host names as well as addresses. + +------------------------------------------------------------------- +Thu Mar 10 11:28:21 CET 2005 - mmj@suse.de + +- Don't strip anything explicitly +- Don't compile with -fno-strict-aliasing [#66020] + +------------------------------------------------------------------- +Fri Feb 4 14:48:27 CET 2005 - schwab@suse.de + +- Fix stupid programmer. + +------------------------------------------------------------------- +Mon Jan 24 17:01:51 CET 2005 - meissner@suse.de + +- implicit strcmp / strerror in setctsid fixed. +- 0 -> NULL in an execl + +------------------------------------------------------------------- +Fri Jan 21 14:37:21 CET 2005 - mmj@suse.de + +- Sleep after inserting the raw module to make sure it's ready [#49807] +- Update to 2.12q including since 2.12p: + o New upstream maintainer - Adrian Bunk + o sfdisk: add -G option + o Updated translations + +------------------------------------------------------------------- +Tue Jan 18 17:04:30 CET 2005 - okir@suse.de + +- Updated sm-notify; try not to stall bootup my moving the NSM + state update after we've backgrounded (#49072). + +------------------------------------------------------------------- +Mon Jan 10 14:45:12 CET 2005 - mmj@suse.de + +- Update adjtimex to 1.20 +- Update to util-linux-2.12p including since 2.12i: + o cfdisk: fix number of new partition when partitions not in disk order + o fdisk: fix Sun label handling in sector mode + o mkfs: never truncate filename (not that that ever happened) + o more: fix redraw flaw + o lomount: revert patch from 2.12j + o lptune.8: -T option is obsolete + o mkswap, mkswap.8, swapon: support labels + o umount: allow user unmounting repeatedly mounted nfs mounts + o cfdisk: recognize JFS, support reiserfs labels + o mount: fix option parsing bug + o mount.8: several updates + o swapon.8: document -v option + o Makefile: remove cat-id-tbl.c upon make clean + o fdisk: fixed a bug that would cause a non-update of a sun disklabel + o fdisk: use sectorsize instead of 512 for SGI + o hwclock: actually use HAVE_tm_gmtoff + o swapon: fix priority handling + o umount: refuse to unmount an empty string + o configure, MCONFIG: detect gcc 3.4.0 and use -mtune option + o configure: do not run ./conftest (for cross compilation) + o fsck.cramfs: try to get correct PAGE_CACHE_SIZE + o losetup: try to give better error messages + o readprofile: default map file is /boot/System.map + o rdev.8: added historical info on ramdisk + o cal: highlight today + o lomount: stop reading passwd at NUL, fix lo_encrypt key_size + o losetup: add -f option to find an unused loop device + o more: code cleanup + o mount: add "group" mount option + o sfdisk: fix 2.6.8 BLKRRPART ioctl damage + o swapon: let swapon -a skip the swapfiles marked "noauto" + o umount: fix problem with empty mtab + o umount: use special umount program if it exists + o new flock binary + o New messages + +------------------------------------------------------------------- +Tue Nov 30 11:02:32 CET 2004 - mmj@suse.de + +- Install ramsize, rdev, rootflags and vidmode on x86-64 [#48633] + +------------------------------------------------------------------- +Fri Nov 12 15:01:36 CET 2004 - schwab@suse.de + +- Don't install *fdisk on ia64. + +------------------------------------------------------------------- +Fri Nov 12 14:50:24 CET 2004 - ro@suse.de + +- correct permissions handling for wall and write + +------------------------------------------------------------------- +Tue Nov 9 16:00:23 CET 2004 - mmj@suse.de + +- Fix segfault with mount -l [#48029] + +------------------------------------------------------------------- +Fri Nov 5 11:36:16 CET 2004 - mmj@suse.de + +- Update to util-linux-2.12i including: + o MCONFIG: fix build conditions + o chfn, chsh: add error checking + o cytune: use local header cyclades.h + o fdisk: fix default SGI volume header size + o fstab.c: use strsignal() instead of sys_siglist[] + o hwclock: use when available on i386 + o hwclock: dont try KDGHWCLK on archs other than __m68k__ + o sfdisk: correct typo in __attribute__used nonsense + o sfdisk: use PACKED on __arm__ + o sfdisk: fix warning printout + +------------------------------------------------------------------- +Thu Nov 4 08:37:19 CET 2004 - mmj@suse.de + +- Update to util-linux-2.12h including: + o cfdisk: avoid crash if no partition table + o elvtune: tell user that this only works on 2.4 kernels + o lomount: clear passwords after use + o mount: accept comments (specified by comment=) in fstab + o mount: support ocfs, ocfs2 + o [u]mount: be more careful with malloc, try to avoid OOM with + many mounts + o sfdisk: __attribute__used nonsense to support gcc 3.4 + o shutdown: do not unmount various virtual filesystems + o mount.8: added recent ext2 mount options + o mount: support jfs mount-by-label, improve reiserfs support + o sfdisk: remove strange "ends in a digit" heuristic + o *fdisk: use common disksize() routine + +------------------------------------------------------------------- +Tue Oct 19 10:24:13 CEST 2004 - mmj@suse.de + +- Add patch from SGI for fdisk label [#47368] + +------------------------------------------------------------------- +Tue Sep 28 11:18:50 CEST 2004 - mmj@suse.de + +- And another one [#46201] + +------------------------------------------------------------------- +Wed Sep 15 23:11:56 CEST 2004 - mmj@suse.de + +- Add patch from Andries to fix cfdisk [#44996] + +------------------------------------------------------------------- +Tue Sep 7 07:32:39 CEST 2004 - mmj@suse.de + +- Update to util-linux-2.12c including: + o mount.8: added recent ext2 mount options + o mount: support jfs mount-by-label, improve reiserfs support + o sfdisk: remove strange "ends in a digit" heuristic + o *fdisk: use common disksize() routine [#44678] + +------------------------------------------------------------------- +Wed Aug 25 12:54:00 CEST 2004 - mmj@suse.de + +- Update to util-linux-2.12b including: + o chsh: improved error message + o dmesg: ask kernel proper buffer size + o losetup: handle 64-bit offsets + o blockdev: also report BLKGETSIZE64 result [#43464] + o blockdev, elvtune, fdisk: handle new kernel _IOR,_IOW defines + o fdisk: remove strange "ends in a digit" heuristic + o fdisk: also list Solaris as possible type for 0x82 + o mount: added --rbind option + o mount: use blkid library + o mount: support reiserfs mount by label + o mount: attempt to use the right definition of dev_t in struct + loopinfo + o mount.8: jfs mount options added + o readprofile: new -s option + o rename.1: added ref to mmv.1 + o replay: renamed to scriptreplay; correct typos + o script: do not use locale for time delay floating point number + format + o sfdisk: error messages to stderr + o New Catalan, Dutch, Finnish, French, German, Spanish, Swedish, + Turkish, Ukrainian messages +- Update the loop-AES patch, thanks to Sumit Bose +- Change the minimum password length to 8 chars + +------------------------------------------------------------------- +Tue Aug 24 08:03:24 CEST 2004 - mmj@suse.de + +- Fix signed/unsigned bug in lsprop [#44048] + +------------------------------------------------------------------- +Wed Aug 18 15:56:01 CEST 2004 - mmj@suse.de + +- Readd patch that got lost to make fdisk -l work better with + RAID controllers [#43485] + +------------------------------------------------------------------- +Mon Aug 9 11:06:34 CEST 2004 - mmj@suse.de + +- Add an improved version of the dmesg bufsize patch. + +------------------------------------------------------------------- +Tue Jun 22 15:50:05 CEST 2004 - mmj@suse.de + +- Add patch to try and guess a filesystem type before blindly + assuming it's nfs because of the colon [#42097] + +------------------------------------------------------------------- +Mon Jun 14 19:21:08 CEST 2004 - agruen@suse.de + +- Formatting error in mount.8 manual page. + +------------------------------------------------------------------- +Wed Jun 9 15:17:47 CEST 2004 - mmj@suse.de + +- Add patch from Olaf Kirch to make protocol selection for mount + independent of protocol selection for NFS, and picks what is + available (preferring TCP over UDP) [#41735] + +------------------------------------------------------------------- +Wed Jun 9 12:10:03 CEST 2004 - mls@suse.de + +- add '-f' option to setctsid + +------------------------------------------------------------------- +Thu May 27 15:07:13 CEST 2004 - okir@suse.de + +- sm-notify now binds to a reserved port + +------------------------------------------------------------------- +Sat May 15 16:15:00 CEST 2004 - mmj@suse.de + +- Add documentation about raw device handling [#39037] + +------------------------------------------------------------------- +Mon May 10 14:40:43 CEST 2004 - mmj@suse.de + +- Make dmesg dump entire buffer. Patch from Andries/odabrunz [#39761] + +------------------------------------------------------------------- +Wed May 6 10:05:16 CEST 2004 - mmj@suse.de + +- Also check if the device is the same when doing swapon. Could be + the same block device with 2 different names [#39436] + +------------------------------------------------------------------- +Wed May 5 11:12:47 CEST 2004 - mmj@suse.de + +- Do a /sbin/modprobe raw when invoking raw devices [#39037] + +------------------------------------------------------------------- +Tue Apr 20 09:28:09 CEST 2004 - mmj@suse.de + +- Update to 2.12a including: + o fdisk: fix for kernels 2.4.15-2.4.17 + o fdisk: fix when all partitions are in use + o hwclock: add a timeout when waiting for a clock update + o ipcs: compilation fix + o ipcs: shminfo.shmall gives pages + o mount: efs support + o partx: bigendian fix + o readprofile: support for 64-bit addresses + o setterm: fix klogctl error message + o setterm.1: clarification + o sfdisk: fix check for is_ide_cdrom_or_tape + o umount: skip proc, devfs, devpts on umount -a + +------------------------------------------------------------------- +Mon Apr 19 11:52:54 CEST 2004 - mmj@suse.de + +- Add patch for unlimited raw devices [#39037] + +------------------------------------------------------------------- +Thu Apr 15 11:08:50 CEST 2004 - mmj@suse.de + +- Make sm-notify be more quiet when nothing wrong, and log to sys- + log when something is. + +------------------------------------------------------------------- +Tue Apr 6 14:45:36 CEST 2004 - mmj@suse.de + +- Don't use startproc for sm-notify [#38481] + +------------------------------------------------------------------- +Mon Apr 5 14:55:39 CEST 2004 - mmj@suse.de + +- Removing elvtune alltogether was a bit drastic, since it of + course works fine with 2.4 kernels. So print a warning in case + the BLKELVGET ioctl returns something indicating 2.6 kernels. + +------------------------------------------------------------------- +Thu Apr 1 19:50:47 CEST 2004 - mmj@suse.de + +- Don't package elvtune anymore since it's obsolete now that io + scheduler can be tuned in /sys/block/hdX/queue/iosched/* [#37869] + +------------------------------------------------------------------- +Wed Mar 31 11:19:28 CEST 2004 - mmj@suse.de + +- Apply util-linux-2.12a fixes for hwclock and readprofile. The + hwclock bit is a timout fix which hopefully fixes [#35877] +- Move sm-notify to here from nfs-utils [#36737] + +------------------------------------------------------------------- +Mon Mar 29 13:26:20 CEST 2004 - mmj@suse.de + +- Adjust warnings about Crypto-API + +------------------------------------------------------------------- +Sun Mar 28 11:00:24 CEST 2004 - mmj@suse.de + +- Add patch to make script allways use the same LC_NUMERIC [#35476] + +------------------------------------------------------------------- +Fri Mar 26 21:38:27 CET 2004 - od@suse.de + +- Add setctsid by Werner Fink [#37177] + +------------------------------------------------------------------- +Fri Mar 26 15:07:00 CET 2004 - mmj@suse.de + +- Mount option "code" is now "codepage" so update /etc/fstab in + postinstall [#36950] + +------------------------------------------------------------------- +Fri Mar 26 11:49:01 CET 2004 - mmj@suse.de + +- Remove false statement in nfs.5 about the linux kernel not + supporting nfs over tcp [#37060] + +------------------------------------------------------------------- +Wed Mar 17 21:41:17 CET 2004 - mmj@suse.de + +- Use correct permissions for README.hashalot [#36303] + +------------------------------------------------------------------- +Mon Mar 8 10:51:46 CET 2004 - mmj@suse.de + +- Enable build of replay [#35434] + +------------------------------------------------------------------- +Wed Feb 25 14:07:15 CET 2004 - mmj@suse.de + +- Use loop-AES-v2.0f-util-linux-2.12.diff instead of losetup patch + added earlier. Thanks Sumit Bose! + +------------------------------------------------------------------- +Thu Feb 19 09:54:03 CET 2004 - mmj@suse.de + +- Add cryptsetup script from Christophe Saout, for usage with the + new dm-crypt. + +------------------------------------------------------------------- +Mon Feb 16 15:32:57 CET 2004 - mmj@suse.de + +- Add losetup patch and hashalot program from Ben Slusky + +------------------------------------------------------------------- +Sun Feb 1 14:11:51 CET 2004 - kukuk@suse.de + +- Remove newgrp again (will use POSIX conform version) + +------------------------------------------------------------------- +Fri Jan 16 13:26:55 CET 2004 - kukuk@suse.de + +- Add pam-devel to neededforbuild + +------------------------------------------------------------------- +Mon Jan 12 11:31:47 CET 2004 - mmj@suse.de + +- Adjust the nfs.5 manual page to reflect we're mounting nfs over + tcp pr. default. +- Collapse two similar patches 2 one. + +------------------------------------------------------------------- +Fri Dec 19 16:43:39 CET 2003 - garloff@suse.de + +- Fix by okir for previous patch. + +------------------------------------------------------------------- +Fri Dec 19 11:19:43 CET 2003 - garloff@suse.de + +- Add patch to fallback to UDP if TCP NFS mount fails. + +------------------------------------------------------------------- +Tue Dec 2 09:03:32 CET 2003 - mmj@suse.de + +- Make patch to guess if a CD is a CD-Extra [#30316] +- Adjust patch that moves ext2/3 in front of vfat +- Regenerate patches (filename still tells when they were added) + +------------------------------------------------------------------- +Tue Nov 18 13:57:28 CET 2003 - mmj@suse.de + +- Mount NFS over TCP pr. default [#33018] + +------------------------------------------------------------------- +Thu Nov 13 14:43:39 CET 2003 - mmj@suse.de + +- Update to util-linux-2.12 including: + o losetup: -p option specifies fd for passphrase + o fdisk: sgi layout fix + o mount: -p option specifies fd for passphrase + o mount: recognize some PCDOS floppies + o umount: in "umount name", first try to interpret "name" as a mount point + o translations updates for several languages + o cfdisk: localize the Y/N answer, improve printing localized messages + o cfdisk: make various variables long long - some disks are close to 2 TB + o cfdisk: use BLKGETSIZE64 + o fdisk: make various variables unsigned to lengthen the life of 32-bit vars + o fdisk: some sgi fixes + o fdisk: k=1000, K=1024 + o fdisk: removed last occurrences of HDIO_REQ + o fdisk: use BLKGETSIZE64 + o hwclock: fix rtc test + o login: set a timeout on printing the timeout message + o md5: x86_64 fix + o more: POSIX fixes + o mount: do not supply MS_MGC_VAL when there are conflicting flags + o mount: ncp and smb are called smbfs and ncpfs - global change + o mount: add support for xvm mount by label + o mount: correct hfs magic recognition + o mount: keep original umask - it influences the mount call + o raw.8: documented unbinding of raw devices + o readprofile: fixed off-by eight error + o script: add -c option + o sfdisk.8: added an example of partitioning with logical partitions + o sfdisk: only add a AA55 signature for DOS-type partition tables + o tailf: new + +------------------------------------------------------------------- +Tue Oct 21 15:49:01 CEST 2003 - mmj@suse.de + +- Correct permissions + +------------------------------------------------------------------- +Tue Oct 21 14:53:54 CEST 2003 - ja@suse.cz + +- added support for cryptoloop in 2.6.x kernels. + +------------------------------------------------------------------- +Wed Oct 15 13:20:54 CEST 2003 - mmj@suse.de + +- Don't build as root + +------------------------------------------------------------------- +Mon Oct 13 21:44:43 CEST 2003 - kukuk@suse.de + +- Enable newgrp + +------------------------------------------------------------------- +Thu Oct 2 11:31:14 CEST 2003 - kukuk@suse.de + +- Fix compiling with kernel 2.6.0-test6 header files + +------------------------------------------------------------------- +Tue Aug 12 15:27:20 CEST 2003 - mmj@suse.de + +- Update to pmac-utils-2.1 sources and only include nvsetenv + +------------------------------------------------------------------- +Tue Aug 12 12:38:18 CEST 2003 - mmj@suse.de + +- Add mount_guessfstype support for PCDOS [#27814] + +------------------------------------------------------------------- +Wed Jun 18 16:16:15 CEST 2003 - ak@suse.de + +- support noreserved option for NFS (#27428) + +------------------------------------------------------------------- +Thu Jun 5 14:06:51 CEST 2003 - mmj@suse.de + +- Rearrange the specfile wrt. archs + +------------------------------------------------------------------- +Tue May 13 11:20:26 CEST 2003 - mmj@suse.de + +- Use %defattr +- Remove files we don't package + +------------------------------------------------------------------- +Wed May 7 15:38:56 CEST 2003 - mmj@suse.de + +- Rearrange the do_guess_fstype() code to look for ext2/3 before + vfat [#26581] + +------------------------------------------------------------------- +Thu Apr 24 12:20:23 CEST 2003 - ro@suse.de + +- fix install_info --delete call and move from preun to postun + +------------------------------------------------------------------- +Mon Apr 14 15:12:27 CEST 2003 - pthomas@suse.de + +- Get rid of the syscall for adjtimex in selective cases and + just call the glibc wrapper. Fixes build on s390. + +------------------------------------------------------------------- +Mon Apr 14 10:35:38 CEST 2003 - pthomas@suse.de + +- Use geteuid instead of getuid in hwclock to enable making + hwclock suid root. + +------------------------------------------------------------------- +Mon Apr 7 15:40:54 CEST 2003 - mmj@suse.de + +- Only delete info entries when removing last version. + +------------------------------------------------------------------- +Thu Mar 13 11:29:54 CET 2003 - mmj@suse.de + +- Apply patch to make sfdisk not destroy BSD slices [#25093] + +------------------------------------------------------------------- +Mon Mar 3 16:19:04 CET 2003 - mmj@suse.de + +- Remove superflous umask(033); calls [#23292] + +------------------------------------------------------------------- +Mon Mar 3 12:27:01 CET 2003 - ro@suse.de + +- add missing info dir entries + +------------------------------------------------------------------- +Tue Feb 18 14:29:45 CET 2003 - agruen@suse.de + +- Add description of the effect of `mount -t nfs -o noacl' on + the use of the GETACL and SETACL remote procedure calls to + the nfs(5) manual page. + +------------------------------------------------------------------- +Mon Feb 17 15:44:28 CET 2003 - mmj@suse.de + +- It's called smbfs not smb [#23697] + +------------------------------------------------------------------- +Thu Feb 13 06:17:02 CET 2003 - mmj@suse.de + +- Readd patch for passphrase timeout that got lost [#23527] + +------------------------------------------------------------------- +Fri Feb 7 12:24:12 CET 2003 - mmj@suse.de + +- The install_info macros need PreReq: %install_info_prereq + +------------------------------------------------------------------- +Fri Feb 7 01:30:53 CET 2003 - ro@suse.de + +- added install_info macros + +------------------------------------------------------------------- +Tue Feb 4 22:34:10 CET 2003 - ro@suse.de + +- don't package /bin/kill (part of coreutils now) + +------------------------------------------------------------------- +Tue Feb 4 12:40:00 CET 2003 - meissner@suse.de + +- Include tarball with pmac-utils manpages, so we do not need + sgmltool and all its dependents. + +------------------------------------------------------------------- +Wed Jan 29 11:52:19 CET 2003 - mmj@suse.de + +- Update to util-linux-2.11z including: + · Translation updates + · mount: fix LABEL= handling for user umount, don't abort on read + error with photocds and add dmask and fmask vfat mount options + · setterm: accept devfs name + · simpleinit: security: refuse initctl_fd if FD_CLOEXEC fails + · umount: allow user umount after mount by label or uuid + +------------------------------------------------------------------- +Wed Jan 22 15:10:24 CET 2003 - sf@suse.de + +- removed last patch, added new (correct) patch + +------------------------------------------------------------------- +Wed Jan 22 12:48:30 CET 2003 - sf@suse.de + +- removed eliminate_doubles() from mkfs.cramfs.c + for x86_64, as it segfaults. + (makes the images slightly larger, about 10%) + +------------------------------------------------------------------- +Tue Jan 21 14:51:29 CET 2003 - mmj@suse.de + +- Added description of ISO mount options to mount.8 [#22915] + +------------------------------------------------------------------- +Mon Dec 2 12:21:38 CET 2002 - mmj@suse.de + +- Update the ReiserFS patch from Chris Mason + +------------------------------------------------------------------- +Fri Nov 29 10:38:02 CET 2002 - mmj@suse.de + +- Fix missing #include + +------------------------------------------------------------------- +Thu Nov 28 15:03:05 CET 2002 - mmj@suse.de + +- Make readprofile also try to locate the System.map in + /boot/System.map-`uname -r` [#22168] + +------------------------------------------------------------------- +Wed Nov 27 11:01:52 CET 2002 - mmj@suse.de + +- Update to util-linux-2.11y including: + o Translation updates + o fdisk,cfdisk: cosmetic fixes + o mount,umount: fix LABEL= handling for non-root [#17322] + o more: kill external help file + o simpleinit: security: refuse initctl_fd if setting FD_CLOEXEC + fails (patch we had, now folded upstream) + +------------------------------------------------------------------- +Wed Nov 20 12:19:33 CET 2002 - mmj@suse.de + +- Update to util-linux-2.11x including: + o Translation updates for several languages + o cfdisk: correct error printout + o fdisk: allow addition of a new partition when logicals all used + but primary free + o hwclock: detect systime jumps backward during setting hwclock + o Merge of the cramfs bloksize patch + o mount: new --rbind flag, for recursive loopback mounts + o mount, umount: new -O option + o setpwnam.c: open temp pw file with O_EXCL + o simpleinit: fix for "spawn too fast" + o swapon: new -e option + +------------------------------------------------------------------- +Tue Nov 19 20:12:02 CET 2002 - mmj@suse.de + +- Fix multistring assignment in adjtimex + +------------------------------------------------------------------- +Mon Nov 11 11:26:14 CET 2002 - ro@suse.de + +- changed neededforbuild to +- changed neededforbuild to <> + +------------------------------------------------------------------- +Thu Oct 31 14:59:11 CET 2002 - mmj@suse.de + +- Add -b option to mkfs.cramfs (needed for biarch architectures) + +------------------------------------------------------------------- +Thu Oct 31 00:40:09 CET 2002 - ro@suse.de + +- hack time to build on alpha + +------------------------------------------------------------------- +Tue Oct 22 16:13:36 CEST 2002 - mmj@suse.de + +- Add correction to the ReiserFS patch that fixes the case where it + was possible but unlikely to detect a logged copy of a super on a + dedicated logging device as the real thing. From Chris Mason. + +------------------------------------------------------------------- +Tue Oct 22 14:13:30 CEST 2002 - mmj@suse.de + +- Update to util-linux-2.11w including: + o fdisk and cfdisk fixes + o more bigendian fix + o translation updates + o > 2GB swapspace + o mount umask, cramfs and ocfs stuff + +------------------------------------------------------------------- +Tue Oct 8 17:13:18 CEST 2002 - mmj@suse.de + +- Only enable below patch on ix86 and x86_64 + +------------------------------------------------------------------- +Mon Oct 7 16:35:24 CEST 2002 - mmj@suse.de + +- Make small bugfix to below patch + +------------------------------------------------------------------- +Sat Oct 5 01:27:51 CEST 2002 - mmj@suse.de + +- Apply patch to enable > 2GB swap (redhat) [#20533] + +------------------------------------------------------------------- +Wed Oct 2 15:27:47 CEST 2002 - mmj@suse.de + +- Add one-liner security fix to mount and umount. + +------------------------------------------------------------------- +Mon Sep 23 09:47:33 CEST 2002 - mmj@suse.de + +- Readd fix for klogconsole that got lost [#19834] + +------------------------------------------------------------------- +Fri Sep 13 12:55:24 CEST 2002 - mmj@suse.de + +- Added patch from Oracle to mount ocfs by label [#19262] + +------------------------------------------------------------------- +Thu Sep 12 18:06:21 CEST 2002 - mmj@suse.de + +- more: Do not cast char * to int and back [#18896] + +------------------------------------------------------------------- +Sat Aug 31 17:58:26 CEST 2002 - olh@suse.de + +- add mount_cramfs_be.diff to allow mount -oloop cramfsfile loopdir + +------------------------------------------------------------------- +Mon Aug 26 16:56:52 CEST 2002 - mmj@suse.de + +- Make mode not 666 when writing /etc/mtab [#18342] + +------------------------------------------------------------------- +Mon Aug 26 13:21:30 CEST 2002 - meissner@suse.de + +- quieten klogconsole if the console does not support TIOCLINUX [#12516] + +------------------------------------------------------------------- +Thu Aug 22 15:05:32 CEST 2002 - mmj@suse.de + +- Added patch from Andreas Gruenbacher for nfs-access-acl [#18183] + +------------------------------------------------------------------- +Wed Aug 21 10:33:05 CEST 2002 - mmj@suse.de + +- Fixed an mtab locking bug with patch from Olaf Kirch [#17637] + +------------------------------------------------------------------- +Mon Aug 19 16:46:54 CEST 2002 - mmj@suse.de + +- Updated reiserfs patch from Chris Mason +- Added patch for mount.8, thanks Andreas Gruenbacher + +------------------------------------------------------------------- +Thu Aug 15 19:56:31 CEST 2002 - mmj@suse.de + +- Correct PreReq: + +------------------------------------------------------------------- +Mon Aug 5 10:45:05 CEST 2002 - mmj@suse.de + +- Update to 2.11u which includes: + o Danish, German, Spanish, Swedish and Turkish updates. + o configure: for fsck.cramfs, mkfs.cramfs: add test for libz + o text-utils/Makefile: pg fix + o agetty: use same test as login does to find utmp entry + o fdisk: fix for fdisk on empty disk + o mount updates + +------------------------------------------------------------------- +Tue Jul 23 21:10:27 CEST 2002 - schwab@suse.de + +- Fix mkfs.cramfs for architectures with non-4k pages. + +------------------------------------------------------------------- +Wed Jul 17 00:34:49 CEST 2002 - mmj@suse.de + +- Merged base into util-linux + +------------------------------------------------------------------- +Mon Jul 15 10:23:51 CEST 2002 - mmj@suse.de + +- Added JFSv2 patch from Christoph Hellwig for volume label. Does + for JFS, what below patch does for ReiserFS. + +------------------------------------------------------------------- +Sun Jul 14 19:04:16 CEST 2002 - adrian@suse.de + +- fix ul-2.10m-sgi-fdisk.diff patch to apply again + +------------------------------------------------------------------- +Thu Jul 11 10:36:16 CEST 2002 - mmj@suse.de + +- Added patch from Chris Mason for volume label on reiserfs + +------------------------------------------------------------------- +Wed Jul 10 15:31:53 CEST 2002 - olh@suse.de + +- add mkfs.cramfs and fsck.cramfs to file list + +------------------------------------------------------------------- +Wed Jul 10 15:12:48 CEST 2002 - mmj@suse.de + +- Fixed nfs.5 to tell nfsver defaults to 3 [#16815] + +------------------------------------------------------------------- +Mon Jul 8 21:16:07 CEST 2002 - mmj@suse.de + +- Update to 2.11t which includes + * fdformat: remove test on major + * fdisk, hwclock and swap polishing + * Lots of translations + * cramfs tools includes from the kernel + * swap{on,off} honours /proc/swaps + * mount small fixups + +------------------------------------------------------------------- +Fri Jul 5 11:10:06 CEST 2002 - kukuk@suse.de + +- Use %ix86 macro + +------------------------------------------------------------------- +Mon Jul 1 14:23:38 CEST 2002 - bk@suse.de + +- get raw built on s390 and s390x +- remove %ifarchs s390 s390x for fdisk(needed for SCSI disks) + +------------------------------------------------------------------- +Mon Jun 17 10:52:49 CEST 2002 - mmj@suse.de + +- Added a fix for simpleinit exploit. + +------------------------------------------------------------------- +Thu Jun 13 17:01:38 CEST 2002 - olh@suse.de + +- disable hwclock ppc patch, maybe obsolete with recent kernels + +------------------------------------------------------------------- +Thu May 16 12:57:53 CEST 2002 - mmj@suse.de + +- Added manpage guessfstype(8) + +------------------------------------------------------------------- +Thu May 9 19:07:21 CEST 2002 - mmj@suse.de + +- Updated to util-linux-2.11r, including translations, x86-64 sup- + port and small bugfixes. + +------------------------------------------------------------------- +Sat Apr 13 14:19:46 CEST 2002 - mmj@suse.de + +- Updated to util-linux-2.11q, includes bugfixes. +- util-linux-mkswap.patch for ia64 was folded into mainline + +------------------------------------------------------------------- +Fri Apr 12 16:49:38 CEST 2002 - stepan@suse.de + +- added x86-64 support. + +------------------------------------------------------------------- +Thu Apr 4 20:06:09 CEST 2002 - ihno@suse.de + +- corrected printf to report shared memories sizes bigger than + 2 GByte correct (Bug #15585). It was reportet on s390x, but + should effect other 64-Bit systems as well. + +------------------------------------------------------------------- +Tue Mar 19 13:41:04 MET 2002 - mmj@suse.de + +- Updated to 2.11o. The hexdump patch have been dropped since it + was folded to mainline util-linux. + +------------------------------------------------------------------- +Fri Mar 15 12:08:15 CET 2002 - schwab@suse.de + +- Fix mkswap for ia64. + +------------------------------------------------------------------- +Mon Mar 4 16:21:41 MET 2002 - draht@suse.de + +- permissions fixes for write(1) and wall(1) + +------------------------------------------------------------------- +Fri Feb 1 14:46:45 CET 2002 - mmj@suse.de + +- Moved /usr/bin/logger to /bin/logger (needed by sysconfig) + +------------------------------------------------------------------- +Mon Jan 28 13:59:26 CET 2002 - mmj@suse.de + +- Added the guessfstype binary from msvec/fehr + +------------------------------------------------------------------- +Thu Jan 24 10:16:37 CET 2002 - ro@suse.de + +- modified fillup_and_insserv call (perl-hack not needed here) + +------------------------------------------------------------------- +Mon Jan 21 17:08:17 CET 2002 - mmj@suse.de + +- Merge NetBSD hexdump changes, fixes bugzilla #12801 + +------------------------------------------------------------------- +Thu Jan 10 14:18:21 CET 2002 - ro@suse.de + +- removed ACTIVATE_RAW_DEV + +------------------------------------------------------------------- +Mon Dec 31 19:05:45 UTC 2001 - adrian@suse.de + +- add patch for mips to create SGI partition tables with fdisk + +------------------------------------------------------------------- +Tue Dec 18 16:50:34 CET 2001 - bjacke@suse.de + +- add adjtimex + +------------------------------------------------------------------- +Mon Dec 10 18:22:06 CET 2001 - mmj@suse.de + +- Update to util-linux-2.11n + +------------------------------------------------------------------- +Tue Nov 20 14:48:25 CET 2001 - mmj@suse.de + +- Added a patch to 'wall' to remove unwanted newline (#12181) + +------------------------------------------------------------------- +Wed Nov 7 14:15:51 CET 2001 - kukuk@suse.de + +- Remove unneeded SPARC patch for hwclock + +------------------------------------------------------------------- +Sat Oct 13 20:59:29 CEST 2001 - kukuk@suse.de + +- Update to util-linux 2.11l + +------------------------------------------------------------------- +Wed Sep 12 00:13:22 MEST 2001 - garloff@suse.de + +- Fixed some dutch translations. (bug #10276) + +------------------------------------------------------------------- +Mon Sep 10 19:31:57 CEST 2001 - olh@suse.de + +- marry fdisk and AIX label again... + add lsprop for ppc + dumps the device tree in a human readable format + +------------------------------------------------------------------- +Mon Sep 3 09:50:11 CEST 2001 - kukuk@suse.de + +- Update to version 2.11i: + - blockdev: corrected ioctl numbers + - cal: fixed for multibyte locales + - line: new + - mount: added vxfs magic + +------------------------------------------------------------------- +Sat Sep 1 19:08:46 CEST 2001 - kukuk@suse.de + +- Let mount follow symlinks again + +------------------------------------------------------------------- +Wed Aug 29 16:00:18 CEST 2001 - kukuk@suse.de + +- Add new option to losetup manual page + +------------------------------------------------------------------- +Tue Aug 28 18:24:14 MEST 2001 - draht@suse.de + +- added timeout support for losetup (-t ) + +------------------------------------------------------------------- +Mon Aug 27 15:24:25 CEST 2001 - kukuk@suse.de + +- Add raw rc scripts, too + +------------------------------------------------------------------- +Sun Aug 26 08:51:29 CEST 2001 - bjacke@suse.de + +- added raw binary and put rawio into obsoletes and provides + +------------------------------------------------------------------- +Sat Aug 25 20:22:58 CEST 2001 - kukuk@suse.de + +- Fix path in getopt.1 manual page to example directory [Bug #9831] + +------------------------------------------------------------------- +Fri Aug 24 16:00:13 CEST 2001 - kukuk@suse.de + +- Small fix for hwclock on newer SPARCs + +------------------------------------------------------------------- +Mon Aug 13 15:51:59 CEST 2001 - ro@suse.de + +- changed neededforbuild to + +------------------------------------------------------------------- +Mon Jul 30 10:59:46 CEST 2001 - kukuk@suse.de + +- Update to util-linux-2.11h +- Add nologin program + +------------------------------------------------------------------- +Tue Jul 10 16:44:35 CEST 2001 - kukuk@suse.de + +- Remove swapdev from filelist + +------------------------------------------------------------------- +Tue Jul 10 13:10:23 CEST 2001 - kukuk@suse.de + +- Update to util-linux-2.11g + +------------------------------------------------------------------- +Wed Jun 6 17:25:33 EDT 2001 - bk@suse.de + +- added s390x to all ifnarch s390 + +------------------------------------------------------------------- +Fri Apr 20 12:09:40 CEST 2001 - kukuk@suse.de + +- Fix wall bug (character 80, 160, 240, are missing) [Bug #6962] + +------------------------------------------------------------------- +Mon Mar 26 10:24:40 CEST 2001 - kukuk@suse.de + +- Add exception for broken i2o disk device numbering scheme, kernel + hacker are not able to fix this and make it right [Bug #5881]. + +------------------------------------------------------------------- +Sat Mar 24 15:27:56 CET 2001 - kukuk@suse.de + +- Update to util-linux 2.11b + +------------------------------------------------------------------- +Thu Mar 15 15:47:34 CET 2001 - kukuk@suse.de + +- Fix changing of partitions with ID 0 on SPARC +- Remove duplicate mount patch + +------------------------------------------------------------------- +Wed Mar 14 21:29:23 CET 2001 - schwab@suse.de + +- Don't use _syscallX on ia64. +- Fix missing includes. + +------------------------------------------------------------------- +Wed Mar 14 11:05:22 CET 2001 - kukuk@suse.de + +- Update to version 2.11a + +------------------------------------------------------------------- +Fri Mar 2 17:05:01 CET 2001 - kukuk@suse.de + +- enable write again + +------------------------------------------------------------------- +Mon Feb 12 15:23:14 CET 2001 - kukuk@suse.de + +- cmos.c: Use sys/io.h, fix PowerPC hack + +------------------------------------------------------------------- +Tue Feb 6 11:54:34 CET 2001 - ro@suse.de + +- wall.c: include time.h + +------------------------------------------------------------------- +Mon Feb 5 11:13:56 CET 2001 - kukuk@suse.de + +- Split hex to extra package +- Update to util-linux-2.10s + +------------------------------------------------------------------- +Fri Feb 2 12:18:56 CET 2001 - werner@suse.de + +- Make swapon/swapoff more handy: + * Ignore swap files on ro mounted file systems + * If -a is given ignore already active devices at swapon + * If -a is given ignore not active devices at swapoff + +------------------------------------------------------------------- +Thu Jan 25 00:37:22 CET 2001 - ro@suse.de + +- added Provides: util + +------------------------------------------------------------------- +Fri Jan 12 10:08:29 MET 2001 - garloff@suse.de + +- Apply patch to lomount to allow all kerneli crypt algos to be + passed and allow to pass passwd with -k. +- losetup seems to support >2GB files just fine (#5433) + +------------------------------------------------------------------- +Tue Jan 2 12:04:33 CET 2001 - kukuk@suse.de + +- Save permissions of /etc/mtab [Bug #5027] + +------------------------------------------------------------------- +Tue Dec 5 15:25:45 CET 2000 - kukuk@suse.de + +- Search first in /etc/filesystems, then in /proc/filesystems + +------------------------------------------------------------------- +Tue Dec 5 11:10:10 CET 2000 - schwab@suse.de + +- Don't use _syscallX on ia64. + +------------------------------------------------------------------- + +Tue Dec 5 11:24:34 CET 2000 - kukuk@suse.de + +- Use AIX/fdisk patch from util-linux-2.10r +- Backport "guess filesystems" from util-linux-2.10r + +------------------------------------------------------------------- +Mon Dec 4 09:27:28 CET 2000 - olh@suse.de + +- fix diff again + +------------------------------------------------------------------- +Sun Dec 3 00:09:16 CET 2000 - olh@suse.de + +- no segfaults with AIX disklabels + +------------------------------------------------------------------- +Wed Nov 29 18:21:25 CET 2000 - uli@suse.de + +- fixed to build on PPC + +------------------------------------------------------------------- +Mon Nov 27 19:03:20 CET 2000 - schwab@suse.de + +- Fix broken casts in hwclock. + +------------------------------------------------------------------- +Thu Nov 23 15:48:35 CET 2000 - bk@suse.de + +- temporary disable pivot_root on s390(2.4 kernel is not yet built) + +------------------------------------------------------------------- +Wed Nov 22 13:28:06 CET 2000 - schwab@suse.de + +- Add pivot_root to file list. + +------------------------------------------------------------------- +Mon Nov 20 11:37:35 CET 2000 - kukuk@suse.de + +- Fix pmac-utils to compile with new kernel + +------------------------------------------------------------------- +Fri Nov 17 19:40:20 CET 2000 - kukuk@suse.de + +- Fix hwclock to compile on PPC + +------------------------------------------------------------------- +Wed Nov 15 12:39:13 CET 2000 - kukuk@suse.de + +- Update util-linux to 2.10q, merge flushb.diff + +------------------------------------------------------------------- +Thu Nov 2 10:21:12 CET 2000 - kukuk@suse.de + +- Remove some of the last specfile changes + +------------------------------------------------------------------- +Wed Nov 1 14:17:07 CET 2000 - olh@suse.de + +- update pmac-utils for new powermacs, cleanup specfile + +------------------------------------------------------------------- +Fri Oct 20 14:58:09 CEST 2000 - kukuk@suse.de + +- Update util-linux to 2.10p +- Rename package from util to util-linux + +------------------------------------------------------------------- +Wed Sep 27 11:30:21 CEST 2000 - kukuk@suse.de + +- Allow NFS v3 with 2.2.17.SuSE + +------------------------------------------------------------------- +Tue Sep 26 17:54:23 CEST 2000 - kukuk@suse.de + +- Fix mount for new NFS kernel patch + +------------------------------------------------------------------- +Sat Sep 9 17:36:24 CEST 2000 - kukuk@suse.de + +- Remove tcsh dependency +- Update to util-linux 2.10o, use of /etc/filesystems is still broken + +------------------------------------------------------------------- +Fri Aug 25 17:05:50 MEST 2000 - pthomas@suse.de + +- use %{_mandir} and %{_infodir} exclusively. This allows building + from source rpm on platforms other than 7.0. + +------------------------------------------------------------------- +Wed Jul 19 00:50:48 CEST 2000 - bk@suse.de + +- s390: removed dasdfmt and silo, %ifnarch s390 for some non-s390 things. + +------------------------------------------------------------------- +Tue May 30 18:45:56 CEST 2000 - bk@suse.de + +- added dasdfmt and silo on s390 + +------------------------------------------------------------------- +Mon May 15 18:15:05 CEST 2000 - kukuk@suse.de + +- util-linux: Update to 2.10m + +------------------------------------------------------------------- +Wed Apr 26 11:22:54 CEST 2000 - kukuk@suse.de + +- flusb: Don't use kernel headers, even if we don't need them! + +------------------------------------------------------------------- +Wed Apr 19 13:56:28 CEST 2000 - kukuk@suse.de + +- util-linux: Update to 2.10l + +------------------------------------------------------------------- +Mon Apr 17 15:06:51 CEST 2000 - kukuk@suse.de + +- util-linux: Update to 2.10k + +------------------------------------------------------------------- +Thu Apr 13 15:57:45 CEST 2000 - kukuk@suse.de + +- Move /sbin/setserial to /bin/setserial, add compat link to + /sbin. This fixes [Bug 1084] and is necessary for FHS 2.1 + +------------------------------------------------------------------- +Wed Apr 12 15:43:05 CEST 2000 - kukuk@suse.de + +- Fix util-linux for Alpha + +------------------------------------------------------------------- +Wed Apr 12 14:36:41 CEST 2000 - kukuk@suse.de + +- util-linux: Update to 2.10j + +------------------------------------------------------------------- +Sun Apr 2 01:08:05 CEST 2000 - bk@suse.de + +- suse s390 team added support for s390 + +------------------------------------------------------------------- +Thu Mar 30 21:31:15 CEST 2000 - uli@suse.de + +- hwclock/PPC: added support for MK48T559 RTC chip used in MTX+ boards + +------------------------------------------------------------------- +Fri Mar 24 11:49:25 CET 2000 - kukuk@suse.de + +- Add Linux LVM partition tag to fdisk +- Fix a lot of more possible buffer overruns +- Fix some fdisk sunlabel bugs +- added BuildRoot fixes from nadvorni@suse.cz + +------------------------------------------------------------------- +Wed Mar 22 14:28:27 CET 2000 - kukuk@suse.de + +- Update util-linux to 2.10h +- Add clock again for non PPC platforms + +------------------------------------------------------------------- +Fri Mar 17 15:10:50 CET 2000 - uli@suse.de + +- now contains both hwclock and clock on PPC (/sbin/init.d/boot + chooses what to run at runtime) + +------------------------------------------------------------------- +Tue Mar 14 19:23:26 CET 2000 - schwab@suse.de + +- Add support for ia64. + +------------------------------------------------------------------- +Thu Mar 9 21:25:15 CET 2000 - kukuk@suse.de + +- fdisk: Fix -l for Mylex RAID controller + +------------------------------------------------------------------- +Tue Mar 7 17:23:57 CET 2000 - kukuk@suse.de + +- etc/filesystems: Add minix and reiserfs + +------------------------------------------------------------------- +Tue Mar 7 11:49:23 CET 2000 - kukuk@suse.de + +- mount: fix endian problem with minix fs + +------------------------------------------------------------------- +Tue Feb 15 12:11:50 CET 2000 - kukuk@suse.de + +- mount: Add hack for PPC/syscall mount problem + +------------------------------------------------------------------- +Sun Feb 13 05:16:13 CET 2000 - bk@suse.de + +- let rdev continue in case it stubles over a bad file in /dev (/dev/snd fix) + +------------------------------------------------------------------- +Fri Feb 4 17:14:07 CET 2000 - kukuk@suse.de + +- Make PPC clock parameter compatible to hwclock + +------------------------------------------------------------------- +Thu Feb 3 14:42:23 CET 2000 - kukuk@suse.de + +- Fix filelist for SPARC + +------------------------------------------------------------------- +Thu Feb 3 11:14:29 CET 2000 - kukuk@suse.de + +- util-linux: Update to 2.10f (mount security fix) + +------------------------------------------------------------------- +Sun Jan 23 15:45:08 CET 2000 - kukuk@suse.de + +- util-linux: Update to 2.10e + +------------------------------------------------------------------- +Tue Jan 18 19:18:08 CET 2000 - kukuk@suse.de + +- mount now looks at first in /etc/filesystems and then in + /proc/filesystems + +------------------------------------------------------------------- +Tue Jan 18 16:32:05 CET 2000 - ro@suse.de + +- fixed pmac-utils to build with 2.3 as well + +------------------------------------------------------------------- +Tue Jan 18 14:56:22 CET 2000 - kukuk@suse.de + +- Fix a lot of fdisk buffer overruns [Bug 1642] + +------------------------------------------------------------------- +Mon Jan 17 18:23:56 CET 2000 - kukuk@suse.de + +- Fix setserial for Linux 2.3.40 +- Remove write, is now in nkitb +- Build minix and bfs tools for SPARC +- Fix some buffer overflows in fdisk + +------------------------------------------------------------------- +Fri Dec 17 15:00:19 MET 1999 - kukuk@suse.de + +- util-linux: Update to 2.10d +- hex: Update to 1.2 +- Move manual pages to /usr/share/man + +------------------------------------------------------------------- +Tue Nov 30 18:28:14 CET 1999 - uli@suse.de + +- re-added hwclock link for PPC (2nd try) + +------------------------------------------------------------------- +Tue Nov 30 17:49:27 MET 1999 - uli@suse.de + +- re-added hwclock link for PPC + +------------------------------------------------------------------- +Mon Nov 15 12:39:41 MET 1999 - kukuk@suse.de + +- util-linux: Update to 2.10b + +------------------------------------------------------------------- +Sat Nov 13 15:36:37 MET 1999 - kukuk@suse.de + +- setserial: Add Patch for Sparc +- Fix filelist for Sparc + +------------------------------------------------------------------- +Wed Oct 27 04:03:42 CEST 1999 - garloff@suse.de + +- added flushb (moved here from ddrescue). +- fix bug in logger (remove trailing newlines). + +------------------------------------------------------------------- +Fri Oct 22 11:29:51 MEST 1999 - kukuk@suse.de + +- util-linux: Remove old patches for mk_loop_h + +------------------------------------------------------------------- +Sat Oct 16 16:40:13 MEST 1999 - kukuk@suse.de + +- util-linux: Update to 2.9z + +------------------------------------------------------------------- +Fri Oct 8 10:58:48 MEST 1999 - kukuk@suse.de + +- Update to util-linux-2.9y (execpt fdisk) + +------------------------------------------------------------------- +Tue Sep 14 18:14:53 CEST 1999 - uli@suse.de + +- added PMac-specific utils for PPC + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Thu Aug 26 15:05:03 CEST 1999 - uli@suse.de + +- disabled hayesesp for PPC + +------------------------------------------------------------------- +Wed Aug 25 18:04:35 MEST 1999 - kukuk@suse.de + +- Donīt install tsort, its now in textutils 2.0 + +------------------------------------------------------------------- +Tue Aug 24 10:11:06 MEST 1999 - kukuk@suse.de + +- Update to util-linux-2.9w (execpt fdisk) + +------------------------------------------------------------------- +Mon Aug 9 10:55:48 MEST 1999 - kukuk@suse.de + +- Update to util-linux-2.9v (execpt fdisk) + +------------------------------------------------------------------- +Tue Jul 20 18:01:29 CEST 1999 - garloff@suse.de + +- Added hex from Erich S. Raymond + +------------------------------------------------------------------- +Mon Jul 12 12:11:45 MEST 1999 - kukuk@suse.de + +- Add fdisk patch from Klaus G. Wagner +- Add mount patch from util-linux 2.9u + +------------------------------------------------------------------- +Tue Jul 6 12:23:47 MEST 1999 - kukuk@suse.de + +- update to util-linux-2.9t + +------------------------------------------------------------------- +Fri Jun 25 14:44:30 MEST 1999 - kukuk@suse.de + +- update to util-linux-2.9s + +------------------------------------------------------------------- +Wed Mar 3 11:25:50 MET 1999 - ro@suse.de + +- hwclock.c: always use busywait to get rtctime + (it's hard to find out at runtime if we will get an irq) + +------------------------------------------------------------------- +Tue Mar 2 00:42:15 MET 1999 - ro@suse.de + +- update to util-linux-2.9i +- update to setserial-2.15 +- using diffs from jurix and add-ons from kgw for compaq smart raid + +------------------------------------------------------------------- +Mon Feb 1 10:22:10 MET 1999 - ro@suse.de + +- rdev is not built on alpha + +------------------------------------------------------------------- +Mon Jan 18 21:29:36 MET 1999 - florian@suse.de + +- fixed one broken case to delete a partition in fdisk + +------------------------------------------------------------------- +Sun Dec 13 22:20:16 MET 1998 - bs@suse.de + +- fixed file list + +------------------------------------------------------------------- +Thu Dec 10 16:38:08 MET 1998 - fehr@suse.de + +- fix bug in fdisk + +------------------------------------------------------------------- +Tue Dec 8 15:43:23 MET 1998 - ro@suse.de + +- removed last from filelist +- added link /sbin/clock -> hwclock + +------------------------------------------------------------------- +Wed Nov 4 00:23:02 MET 1998 - ro@suse.de + +- fdisksunlabel: don't include scsi/scsi.h for glibc-2.0 + +------------------------------------------------------------------- +Fri Oct 30 11:46:38 MET 1998 - ro@suse.de + +- update to 2.9 / added hostid from previous diff +- copied some glibc changes from previous diff (strcpy..) + +------------------------------------------------------------------- +Thu Sep 17 13:04:14 MEST 1998 - ro@suse.de + +- define _GNU_SOURCE when using getopt + +------------------------------------------------------------------- +Mon Aug 31 16:12:36 MEST 1998 - ro@suse.de + +- full switch to util-linux 2.8 +-- sync has moved to pkg fileutils +-- chroot has moved to pkg sh_utils (has been there for a while) +-- adopted hostid from previous suse-pkg + +------------------------------------------------------------------- +Mon Aug 24 10:46:33 MEST 1998 - ro@suse.de + +- switched to use mount from util-linux-2.8 + +------------------------------------------------------------------- +Tue Jun 23 10:46:45 MEST 1998 - ro@suse.de + +- added fdisk, sfdisk, cfdisk from util-linux-2.8 + (including man-pages,readmes) + +------------------------------------------------------------------- +Mon Nov 17 14:14:47 MET 1997 - ro@suse.de + +- changed /local/bin/perl5 in chkdupexe to /usr/bin/perl + +------------------------------------------------------------------- +Fri Oct 31 13:38:58 MET 1997 - ro@suse.de + +- temporarily removed mount-hacker + +---------------------------------------------------------------------------- +Wed Oct 29 23:44:37 MET 1997 - florian@suse.de + +- add changes from ms@suse.de for hostid.c + + +---------------------------------------------------------------------------- +Tue May 20 14:10:37 MEST 1997 - florian@suse.de + + +- only support kernel 2.0.x for nfs mounts, please use /bin/mount-hacker + for kernel 2.1.x + + +---------------------------------------------------------------------------- +Wed Apr 30 15:57:14 CEST 1997 - florian@suse.de + + +- update to mount 2.6g + + +---------------------------------------------------------------------------- +Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de + + +- update to new version util-linux 2.6 + +- update to new version mount 2.6e + + + +---------------------------------------------------------------------------- +Sat Nov 2 17:35:11 CET 1996 - florian@suse.de + + +- update to mount 2.5p + + +---------------------------------------------------------------------------- +Thu Oct 17 16:05:09 CEST 1996 - florian@suse.de + + +- Update auf neue Version von mount 2.5o. + + +---------------------------------------------------------------------------- +Tue Sep 3 17:01:45 MET DST 1996 - florian@suse.de + + +- updated to new version mount 2.5m +- (u)mount now gives much better error messages + + +---------------------------------------------------------------------- +Sun Aug 25 19:28:50 MET DST 1996 - bs@suse.de + +compile setterm with libtermcap and not libncurses +use newer mount instead of the old version in util-linux +(security fix) diff --git a/util-linux.spec b/util-linux.spec new file mode 100644 index 0000000..2fd8d73 --- /dev/null +++ b/util-linux.spec @@ -0,0 +1,1553 @@ +# +# spec file for package util-linux (Version 2.12r) +# +# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +# norootforbuild + +Name: util-linux +BuildRequires: libvolume_id-devel pam-devel +URL: http://kernel.org/pub/linux/utils/util-linux +Provides: util rawio raw base schedutils +Obsoletes: util rawio raw base schedutils +PreReq: %install_info_prereq permissions +License: BSD License and BSD-like, GNU General Public License (GPL) +Group: System/Base +Autoreqprov: on +Version: 2.12r +Release: 64 +Summary: A collection of basic system utilities +Source: ftp://ftp.kernel.org/pub/linux/utils/util-linux/%name-%version.tar.bz2 +Source2: nologin.c +Source3: nologin.8 +Source4: raw.init +Source5: etc.raw +Source8: guessfstype.8 +%define time_ver 1.7 +%define which_ver 2.13 +%define adjtimex_ver 1.20 +Source9: adjtimex-%{adjtimex_ver}.tar.bz2 +Source10: freeramdisk.tar.bz2 +Source11: klogconsole.tar.bz2 +Source12: which-%{which_ver}.tar.gz +Source13: time-%{time_ver}.tar.gz +Source15: cryptoloop.txt +Source16: schedutils-1.4.0.tar.bz2 +Source20: README.loop-AES-v2.2d +Source21: README.loop-AES-v2.2d.SuSE +Source22: setctsid.c +Source23: setctsid.8 +Source24: sm-notify-20060111.tar.bz2 +Source25: nfsboot +Source26: README.raw +Source27: renice.8 +Source28: mkzimage_cmdline.8 +Source29: mkzimage_cmdline.c +Source30: README.largedisk +Patch: util-linux-%version.diff +Patch2: loop-AES-v3.0a-util-linux-2.12p.diff +Patch3: util-linux-2.12-multipleraw.diff +Patch7: util-linux-2.12-hostid.diff +Patch8: util-linux-wall.dif +Patch10: util-linux-2.12-mount_guessfstype.diff +Patch11: guessfstype2.patch +Patch15: util-linux-nfs.8.diff +Patch23: util-linux-2.12h-mtablock.diff +Patch25: util-linux-2.11u-nfs-mount_acl.diff +Patch26: mount.8-acl.diff +Patch27: klogconsole-quiet.patch +Patch32: klogconsole.diff +Patch40: time-1.7.dif +Patch43: util-linux-2.11z-hwclock_geteuid.diff +Patch44: adjtimex-1.20-nosyscall.diff +Patch45: mount-nfs-nonreserved +Patch46: util-linux-2.12-nfs-tcp.diff +Patch51: util-linux-2.12-suse-compatibility.diff +Patch52: util-linux-2.12-enablereplaybuild.diff +Patch58: util-linux-2.12a-procswapscheck.diff +Patch61: util-linux-2.12-mountfallback.patch +Patch62: util-linux-2.12a-mountpointwithcolon.diff +Patch64: util-linux-2.12i-x86_64intel.diff +Patch70: util-linux-2.12h-short-passwords.diff +Patch71: util-linux-2.12q-null.diff +Patch72: stupid-programmer.diff +Patch74: util-linux-nfs-timeo.diff +Patch75: util-linux-2.12q-nfsv4.patch +Patch76: util-linux-warn-nfsudp.diff +Patch77: util-linux-2.12q-ionice.diff +Patch78: util-linux-2.11q-fs_mac.diff +Patch79: util-linux-opt-hotplug.diff +Patch81: util-linux-2.12a-mountbylabel-dm.patch +Patch83: util-linux-2.12q-mount--move.diff +Patch84: util-linux-nodiratime.diff +Patch85: util-linux-2.12q-strict-aliasing.diff +Patch86: util-linux-2.12r-mount-by-uuid.patch +Patch88: util-linux-2.12q-umount2-not-static.patch +Patch90: util-linux-2.12r-nonfsmountfallback.diff +Patch91: util-linux-2.12r-mount-mtab-update.patch +Patch92: util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff +Patch93: util-linux-2.12r-fdiskwrap.patch +Patch94: util-linux-2.12r-rawfixes.patch +Patch95: util-linux-2.12r-rpcsec-gss.patch +Patch96: util-linux-2.12r-external-prog-on-guess.diff +Patch97: util-linux-2.12r-sec-manpage.patch +Patch98: util-linux-2.12r-mount.8-xfs-update.patch +Patch99: util-linux-libvolume_id-support.patch +Patch100: util-linux-2.12r-umount_nosysfs.patch +Patch101: util-linux-2.12r-fdisk_llseek.patch +Patch102: util-linux-2.12r-pagesize.patch +Patch103: util-linux-2.12r-fdiskcyl.patch +Patch104: util-linux-2.12r-readprofile-mapfile.patch +Patch105: util-linux-2.12r-cal_formatting.patch +Patch106: util-linux-2.12r-partx.patch +Patch107: util-linux-2.12r-mkswap_fix.patch +Patch108: util-linux-2.12r-nfs_remount_options.patch +Patch109: util-linux-2.12r-losetup_password.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-build +PreReq: %insserv_prereq %fillup_prereq /bin/sed + +%description +This package contains a large variety of low-level system utilities +that are necessary for a Linux system to function. It contains the +mount program, the fdisk configuration tool, and more. + + + +Authors: +-------- + Adrian Bunk + +%prep +%setup -q -a 9 -b 10 -b 11 -b 12 -b 13 -b 16 -b 24 +%patch -p1 +%patch2 -p1 +%patch3 -p0 +%patch7 -p1 +%patch8 -p1 +%patch10 -p1 +%patch11 -p1 +%patch43 +cd adjtimex-* +%patch44 -p1 +cd - +%patch15 -p1 +%patch23 -p1 +%patch25 -p1 +%patch26 -p0 +%patch46 -p1 +%patch51 -p1 +%patch52 -p0 +%patch58 -p1 +%patch61 -p1 +%patch62 -p1 +%patch64 -p1 +%patch70 -p1 +%patch71 -p1 +%patch72 +%patch74 -p1 +%patch75 -p1 +%patch76 -p1 +%patch77 -p1 +%patch78 -p1 +%patch79 -p1 +%patch81 -p1 +%patch83 +%patch84 -p1 +%patch85 -p1 +%patch86 -p1 +%patch88 +%patch90 -p1 +%patch91 +%patch92 -p1 +%patch93 -p1 +%patch94 -p1 +%patch95 +%patch96 -p1 +%patch97 -p1 +%patch98 +%patch99 -p0 +%patch100 +%patch101 +%patch102 +%patch103 -p1 +%patch104 -p1 +%patch105 +%patch106 -p1 +%patch107 -p1 +%patch108 -p1 +%patch109 -p1 +# setctsid +cp %{S:22} %{S:23} . +# nologin and guessfstype +cp %{S:2} %{S:3} %{S:8} %{S:15} %{S:20} %{S:21} %{S:26} %{S:30} . +cd ../klogconsole +%patch27 -p1 -b .quiet +%patch32 -p1 +cd ../time-* +%patch40 + +%build +# adjtimex build +cd adjtimex-%{adjtimex_ver} +CFLAGS="$RPM_OPT_FLAGS" ./configure +make +cd .. +pushd ../ +# freeramdisk build +cd freeramdisk +make CFLAGS="$RPM_OPT_FLAGS" freeramdisk +cd .. +# which build +cd which-%{which_ver} +%{?suse_update_config:%{suse_update_config}} +CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr \ + --mandir=%{_mandir} \ + --infodir=%{_infodir} \ + %{_target_cpu}-suse-linux +make +cd .. +# time build +cd time-%{time_ver} +%{?suse_update_config:%{suse_update_config}} +CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE " INSTALL_PROGRAM='$(INSTALL)' \ + ./configure --prefix=/usr \ + --mandir=%{_mandir} \ + --infodir=%{_infodir} \ + %{_target_cpu}-suse-linux +make +make check +cd .. +# klogconsole build +cd klogconsole +make CFLAGS="$RPM_OPT_FLAGS" +cd .. +# sm-notify build +cd sm-notify* +make CFLAGS="$RPM_OPT_FLAGS" +cd .. +# schedutils build +cd schedutils-* +make CFLAGS="$RPM_OPT_FLAGS" +popd +# setctsid build +rm -f setctsid +make setctsid OPT="$RPM_OPT_FLAGS" +# util-linux itself +%ifarch s390 s390x +export CFLAGS=-DCONFIG_SMP +%endif +export CFLAGS +./configure +make OPT="$RPM_OPT_FLAGS" +gcc $RPM_OPT_FLAGS -o nologin nologin.c +gcc $RPM_OPT_FLAGS -o mkzimage_cmdline %{S:29} + +%install +mkdir -p "$RPM_BUILD_ROOT"{/etc/init.d,%{_mandir}/man{1,8},\ +/bin,/sbin,/usr/bin,/usr/sbin,%{_infodir}} +cp adjtimex-*/adjtimex %{buildroot}/usr/sbin/ +cp adjtimex-*/adjtimex.8 %{buildroot}%{_mandir}/man8/ +pushd .. +# freeramdisk install +cd freeramdisk +install freeramdisk $RPM_BUILD_ROOT/usr/sbin +install -m644 freeramdisk.info.gz $RPM_BUILD_ROOT%{_infodir} +cd .. +# which install +cd which-%{which_ver} +make install DESTDIR=$RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT%{_defaultdocdir}/which +install -m 0644 README $RPM_BUILD_ROOT%{_defaultdocdir}/which/ +install -m 0644 EXAMPLES $RPM_BUILD_ROOT%{_defaultdocdir}/which/ +install -m 0644 README.alias $RPM_BUILD_ROOT%{_defaultdocdir}/which/ +cd .. +# time install +cd time-%{time_ver} +mkdir -p $RPM_BUILD_ROOT%{_defaultdocdir}/time +make install DESTDIR=$RPM_BUILD_ROOT \ + prefix=$RPM_BUILD_ROOT/usr \ + infodir=$RPM_BUILD_ROOT%{_infodir} \ + mandir=$RPM_BUILD_ROOT%{_mandir} +install -m 0644 README $RPM_BUILD_ROOT%{_defaultdocdir}/time/ +install -m 0644 AUTHORS $RPM_BUILD_ROOT%{_defaultdocdir}/time/ +install -m 0644 COPYING $RPM_BUILD_ROOT%{_defaultdocdir}/time/ +install -m 0644 NEWS $RPM_BUILD_ROOT%{_defaultdocdir}/time/ +cd .. +# klogconsole install +cd klogconsole +make install DEST=$RPM_BUILD_ROOT +cd .. +# sm-notify install +cd sm-notify* +install sm-notify $RPM_BUILD_ROOT/sbin +install -m 0644 sm-notify.8 $RPM_BUILD_ROOT/%_mandir/man8 +install %SOURCE25 $RPM_BUILD_ROOT/etc/init.d +mkdir -p $RPM_BUILD_ROOT/var/lib/nfs/sm +chmod 700 $RPM_BUILD_ROOT/var/lib/nfs/sm +mkdir -p $RPM_BUILD_ROOT/var/lib/nfs/sm.bak +chmod 700 $RPM_BUILD_ROOT/var/lib/nfs/sm.bak +touch $RPM_BUILD_ROOT/var/lib/nfs/state +chmod 644 $RPM_BUILD_ROOT/var/lib/nfs/state +cd .. +# schedutils install +cd schedutils-* +make PREFIX=$RPM_BUILD_ROOT/usr \ + DOCDIR=$RPM_BUILD_ROOT%_docdir/schedutils \ + MANDIR=$RPM_BUILD_ROOT%_mandir install installdoc +popd +# util-linux install +make DESTDIR=$RPM_BUILD_ROOT install +mv $RPM_BUILD_ROOT/usr/bin/logger $RPM_BUILD_ROOT/bin/logger +install -m 644 mount/filesystems $RPM_BUILD_ROOT/etc/filesystems +install -m 755 nologin $RPM_BUILD_ROOT/sbin +%ifnarch ppc ppc64 +install -m 755 mkzimage_cmdline $RPM_BUILD_ROOT/usr/bin +install -m 644 %{S:28} $RPM_BUILD_ROOT%{_mandir}/man8 +%endif +install -m 755 mount/guessfstype $RPM_BUILD_ROOT/bin +install -m 644 nologin.8 $RPM_BUILD_ROOT%{_mandir}/man8 +install -m 755 disk-utils/raw $RPM_BUILD_ROOT/usr/sbin +install -m 644 disk-utils/raw.8 $RPM_BUILD_ROOT%{_mandir}/man8 +install -m 644 guessfstype.8 $RPM_BUILD_ROOT%{_mandir}/man8 +# setctsid install +install -m 755 setctsid $RPM_BUILD_ROOT/usr/sbin +install -m 444 setctsid.8 $RPM_BUILD_ROOT%{_mandir}/man8/ +install -m 444 %SOURCE27 $RPM_BUILD_ROOT%{_mandir}/man8/ +echo -e "#! /bin/bash\n/sbin/blockdev --flushbufs \$1" > $RPM_BUILD_ROOT/usr/sbin/flushb +chmod 755 $RPM_BUILD_ROOT/usr/sbin/flushb +# Install scripts to configure raw devices at boot time +install -m 644 $RPM_SOURCE_DIR/etc.raw $RPM_BUILD_ROOT/etc/raw +install -m 755 $RPM_SOURCE_DIR/raw.init $RPM_BUILD_ROOT/etc/init.d/raw +ln -sf ../../etc/init.d/raw $RPM_BUILD_ROOT/usr/sbin/rcraw +# Stupid hack so we don't have a tcsh dependency +chmod 644 $RPM_BUILD_ROOT/usr/share/misc/getopt/* +# Following files we don't want to package, so remove them +rm -f $RPM_BUILD_ROOT/bin/kill +rm -f $RPM_BUILD_ROOT/sbin/guessfstype # in /bin +rm -f $RPM_BUILD_ROOT/usr/bin/last +rm -f $RPM_BUILD_ROOT/usr/bin/raw +rm -f $RPM_BUILD_ROOT/usr/bin/pg +rm -f $RPM_BUILD_ROOT/usr/share/man/man1/kill.1* +rm -f $RPM_BUILD_ROOT/usr/share/man/man1/last.1* +rm -f $RPM_BUILD_ROOT/usr/share/man/man1/pg.1* +%ifarch s390 s390x +rm -f $RPM_BUILD_ROOT/etc/fdprm +rm -f $RPM_BUILD_ROOT/usr/bin/cytune +rm -f $RPM_BUILD_ROOT/usr/bin/fdformat +rm -f $RPM_BUILD_ROOT/sbin/hwclock +rm -f $RPM_BUILD_ROOT/usr/sbin/klogconsole +rm -f $RPM_BUILD_ROOT/usr/bin/setfdprm +rm -f $RPM_BUILD_ROOT/usr/bin/setterm +rm -f $RPM_BUILD_ROOT/usr/sbin/tunelp +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cytune.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/fdformat.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/hwclock.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/klogconsole.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/setfdprm.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/tunelp.8* +%endif +%ifnarch %ix86 x86_64 +rm -f $RPM_BUILD_ROOT/usr/sbin/ramsize +rm -f $RPM_BUILD_ROOT/usr/sbin/rdev +rm -f $RPM_BUILD_ROOT/usr/sbin/rootflags +rm -f $RPM_BUILD_ROOT/usr/sbin/vidmode +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/ramsize.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/rdev.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/rootflags.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/vidmode.8* +%endif +%ifarch ia64 sparc +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cfdisk.8* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/sfdisk.8* +rm -f $RPM_BUILD_ROOT/sbin/cfdisk +rm -f $RPM_BUILD_ROOT/sbin/sfdisk +%endif +%ifarch ia64 +rm -f $RPM_BUILD_ROOT/sbin/fdisk +rm -f $RPM_BUILD_ROOT%{_mandir}/man8/fdisk.8* +%endif + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +%{fillup_and_insserv -ps raw ACTIVATE_RAW_DEV} +%{fillup_and_insserv -fY nfsboot} +%install_info --entry="* freeramdisk: (freeramdisk). tell kernel to free allocated memory for ramdisk" --info-dir=%{_infodir} %{_infodir}/freeramdisk.info.gz +%install_info --info-dir=%{_infodir} %{_infodir}/ipc.info.gz +%install_info --entry="* time: (time). summarizing used system resources" --info-dir=%{_infodir} %{_infodir}/time.info.gz +%install_info --entry="* which: (which). show the full path of (shell) commands" --info-dir=%{_infodir} %{_infodir}/which.info.gz +%run_permissions +# mount option 'code=' is now called 'codepage=' so change fstab +if [ -f etc/fstab ]; then + sed -i 's:code=:codepage=:' etc/fstab +fi + + +%postun +%install_info_delete --info-dir=%{_infodir} %{_infodir}/freeramdisk.info.gz +%install_info_delete --info-dir=%{_infodir} %{_infodir}/ipc.info.gz +%install_info_delete --info-dir=%{_infodir} %{_infodir}/time.info.gz +%install_info_delete --info-dir=%{_infodir} %{_infodir}/which.info.gz +%{insserv_cleanup} + +%verifyscript +%verify_permissions -e /usr/bin/wall -e /usr/bin/write + +%files +# Common files for all archs +%defattr(-,root,root) +%doc HISTORY INSTALL +%doc login-utils/README.getty +%doc login-utils/README.modems-with-agetty +%doc login-utils/README.poeigl +%doc misc-utils/README.cal +%doc misc-utils/README.namei +%doc misc-utils/README1.namei +%doc mount/README.mount +%doc hwclock/README.hwclock +%doc text-utils/README.col +%doc README.loop-AES-v2.2d README.loop-AES-v2.2d.SuSE +%doc README.largedisk +%config %attr(744,root,root) /etc/init.d/raw +%attr(755,root,root) /etc/init.d/nfsboot +%config(noreplace) %attr(644,root,root) /etc/raw +/usr/sbin/rcraw +/bin/arch +/bin/dmesg +/bin/guessfstype +/bin/more +/bin/mount +/bin/umount +%config /etc/filesystems +/sbin/agetty +/sbin/blockdev +/sbin/elvtune +/sbin/ctrlaltdel +/sbin/fsck.minix +/sbin/fsck.cramfs +/sbin/losetup +/sbin/mkfs +/sbin/mkfs.bfs +/sbin/mkfs.minix +/sbin/mkfs.cramfs +/sbin/mkswap +/sbin/nologin +/sbin/partx +/sbin/pivot_root +/sbin/sln +/sbin/sm-notify +/sbin/swapoff +/sbin/swapon +/bin/logger +/usr/bin/cal +/usr/bin/chkdupexe +/usr/bin/chrt +/usr/bin/col +/usr/bin/colcrt +/usr/bin/colrm +/usr/bin/column +/usr/bin/ddate +/usr/bin/flock +/usr/bin/getopt +/usr/bin/hexdump +/usr/bin/hostid +/usr/bin/ionice +/usr/bin/ipcrm +/usr/bin/ipcs +/usr/bin/isosize +/usr/bin/line +/usr/bin/look +/usr/bin/mcookie +/usr/bin/mesg +%ifnarch ppc ppc64 +/usr/bin/mkzimage_cmdline +%endif +/usr/bin/namei +/usr/bin/rename +/usr/bin/renice +/usr/bin/scriptreplay +/usr/bin/rev +/usr/bin/script +/usr/bin/setsid +/usr/bin/ul +/usr/bin/tailf +/usr/bin/taskset +/usr/bin/time +/usr/bin/which +/usr/sbin/freeramdisk +/usr/sbin/setctsid +%verify(not mode) %attr(0755,root,tty) /usr/bin/wall +/usr/bin/whereis +/usr/sbin/adjtimex +%verify(not mode) %attr(0755,root,tty) /usr/bin/write +%dir %{_defaultdocdir}/schedutils +%dir %{_defaultdocdir}/time +%dir %{_defaultdocdir}/which +/var/lib/nfs +%ghost /var/lib/nfs/state +%{_defaultdocdir}/schedutils/* +%{_defaultdocdir}/time/* +%{_defaultdocdir}/which/* +%{_infodir}/ipc.info.gz +%{_infodir}/freeramdisk.info*.gz +%{_infodir}/time.info*.gz +%{_infodir}/which.info*.gz +%{_mandir}/man1/arch.1.gz +%{_mandir}/man1/cal.1.gz +%{_mandir}/man1/chkdupexe.1.gz +%{_mandir}/man1/chrt.1.gz +%{_mandir}/man1/col.1.gz +%{_mandir}/man1/colcrt.1.gz +%{_mandir}/man1/colrm.1.gz +%{_mandir}/man1/column.1.gz +%{_mandir}/man1/ddate.1.gz +%{_mandir}/man1/flock.1.gz +%{_mandir}/man1/getopt.1.gz +%{_mandir}/man1/hexdump.1.gz +%{_mandir}/man1/hostid.1.gz +%{_mandir}/man1/line.1.gz +%{_mandir}/man1/logger.1.gz +%{_mandir}/man1/look.1.gz +%{_mandir}/man1/mcookie.1.gz +%{_mandir}/man1/mesg.1.gz +%{_mandir}/man1/more.1.gz +%{_mandir}/man1/namei.1.gz +%{_mandir}/man1/ionice.1.gz +%{_mandir}/man1/readprofile.1.gz +%{_mandir}/man1/rename.1.gz +%{_mandir}/man1/scriptreplay.1.gz +%{_mandir}/man1/rev.1.gz +%{_mandir}/man1/script.1.gz +%{_mandir}/man1/tailf.1.gz +%{_mandir}/man1/taskset.1.gz +%{_mandir}/man1/ul.1.gz +%{_mandir}/man1/wall.1.gz +%{_mandir}/man1/whereis.1.gz +%{_mandir}/man1/write.1.gz +%{_mandir}/man1/which.1.gz +%{_mandir}/man5/fstab.5.gz +%{_mandir}/man5/nfs.5.gz +%{_mandir}/man8/agetty.8.gz +%{_mandir}/man8/blockdev.8.gz +%{_mandir}/man1/setterm.1.gz +%{_mandir}/man8/elvtune.8* +%{_mandir}/man8/ctrlaltdel.8.gz +%{_mandir}/man8/adjtimex.8.gz +%{_mandir}/man8/mkfs.bfs.8.gz +%{_mandir}/man8/mkfs.minix.8.gz +%{_mandir}/man8/fsck.minix.8.gz +%{_mandir}/man8/dmesg.8.gz +%{_mandir}/man8/ipcrm.8.gz +%{_mandir}/man8/ipcs.8.gz +%{_mandir}/man8/isosize.8.gz +%{_mandir}/man8/losetup.8.gz +%{_mandir}/man8/mkfs.8.gz +%{_mandir}/man8/mkswap.8.gz +%{_mandir}/man8/mount.8.gz +%{_mandir}/man8/nologin.8.gz +%ifnarch ppc ppc64 +%{_mandir}/man8/mkzimage_cmdline.8.gz +%endif +%{_mandir}/man8/pivot_root.8.gz +%{_mandir}/man8/raw.8.gz +%{_mandir}/man8/renice.8.gz +%{_mandir}/man8/setsid.8.gz +%{_mandir}/man8/sln.8.gz +%{_mandir}/man8/sm-notify.8.gz +%{_mandir}/man8/swapoff.8.gz +%{_mandir}/man8/swapon.8.gz +%{_mandir}/man8/umount.8.gz +%{_mandir}/man8/guessfstype.8.gz +%{_mandir}/man8/setctsid.8.gz +/usr/sbin/raw +/usr/sbin/flushb +/usr/sbin/readprofile +%dir /usr/share/misc/getopt +%attr (755,root,root) /usr/share/misc/getopt/getopt-parse.bash +%attr (755,root,root) /usr/share/misc/getopt/getopt-parse.tcsh +%attr (755,root,root) /usr/share/misc/getopt/getopt-test.bash +%attr (755,root,root) /usr/share/misc/getopt/getopt-test.tcsh +/usr/share/locale/*/LC_MESSAGES/util-linux.mo +%ifnarch ia64 +%doc fdisk/README.fdisk +/sbin/fdisk +%{_mandir}/man8/fdisk.8.gz +%endif +%ifnarch sparc ia64 +%doc fdisk/README.cfdisk +%{_mandir}/man8/cfdisk.8.gz +%{_mandir}/man8/sfdisk.8.gz +/sbin/cfdisk +/sbin/sfdisk +%endif +%ifarch %ix86 x86_64 +/usr/sbin/ramsize +/usr/sbin/rdev +/usr/sbin/rootflags +/usr/sbin/vidmode +%{_mandir}/man8/ramsize.8.gz +%{_mandir}/man8/rdev.8.gz +%{_mandir}/man8/rootflags.8.gz +%{_mandir}/man8/vidmode.8.gz +%endif +%ifnarch s390 s390x +%config(noreplace) /etc/fdprm +/usr/bin/cytune +/usr/bin/fdformat +/sbin/hwclock +/usr/sbin/klogconsole +/usr/bin/setfdprm +/usr/bin/setterm +/usr/sbin/tunelp +%{_mandir}/man8/cytune.8.gz +%{_mandir}/man8/fdformat.8.gz +%{_mandir}/man8/hwclock.8.gz +%{_mandir}/man8/klogconsole.8.gz +%{_mandir}/man8/setfdprm.8.gz +%{_mandir}/man8/tunelp.8.gz +%endif + +%changelog -n util-linux +* Tue Dec 12 2006 - mkoenig@suse.de +- provide different return codes for losetup with encryption + for empty and too short passwords. [#197493] +* Tue Dec 05 2006 - mkoenig@suse.de +- default swap to V1 in any case [#205956] + patch: util-linux-2.12r-mkswap_fix.patch +- do not append addr option with each nfs remount [#130625] + patch: util-linux-2.12r-nfs_remount_options.patch +- add README.largedisk about fdisk partition size constraints + [#153657] +* Tue Nov 07 2006 - mkoenig@suse.de +- enable partx [#214992] +* Tue Oct 10 2006 - mkoenig@suse.de +- Round up partition end LBA to a cylinder boundary during + add_partition() [#174892] +- Fix readprofile on ppc64 [#179122] +- Fix cal formatting bug [#203469] +* Mon Oct 09 2006 - mkoenig@suse.de +- Fix llseek issues. +- swapon.c: Do not use PAGE_SIZE macro. +* Mon Aug 21 2006 - mkoenig@suse.de +- Added sysfs to list of filesystems not to unmount with + umount -a, resolves #190385 +* Mon Jun 12 2006 - kay.sievers@suse.de +- use libvolume_id from provided as a rpm by udev 094 +* Wed May 17 2006 - jeffm@suse.com +- Fixed support for calling external programs w/o -t , + it would add mtab twice [#176582] +* Mon Apr 24 2006 - hvogel@suse.de +- document xfs dmapi mount options better [#158955] +* Fri Apr 21 2006 - olh@suse.de +- add mkzimage_cmdline to edit CHRP zImage kernel cmdline (168313) +* Tue Apr 18 2006 - hvogel@suse.de +- fix number of supported raw devices [#165570] +* Wed Mar 29 2006 - olh@suse.de +- clearify comments about mac disk label handling in fdisk +* Tue Mar 28 2006 - hvogel@suse.de +- more fixes for the fdiskwrap patch [#160822] +* Tue Mar 21 2006 - okir@suse.de +- Update nfs(5) manpage to document security flavors [#159368] +* Mon Mar 20 2006 - hvogel@suse.de +- fix numbers of supported raw devices to match the kernel + [#158203] +- make NFSv3 client support RPCSEC_GSS [#158401] +- fix that if the user doesn't specify -t + mount.fstype will never be called. [#155147] +* Fri Mar 10 2006 - hvogel@suse.de +- Fix init.d/raw script to parse device names with , in them + correctly [#155653] +* Thu Mar 09 2006 - hare@suse.de +- Fix potential security hole in libvolume_id (#133256) +* Mon Mar 06 2006 - hvogel@suse.de +- patch fdiskmaclabel.h too +* Thu Mar 02 2006 - hvogel@suse.de +- axboe made fdisk not wrap at 2TB [#153657] +* Fri Feb 17 2006 - lmuelle@suse.de +- Use cifs instead of smbfs if the source starts with // and we do not set a + different fs type. +* Sun Feb 12 2006 - olh@suse.de +- cosmetic fix for option_hotplug declaration + fix unininitalized string for unknown filesystems (#148855) +* Fri Feb 10 2006 - hvogel@suse.de +- mount should not put / in the mtab twice if mount -f / is called + [#148409] +- fix hostid printf [#149163] +* Wed Feb 01 2006 - olh@suse.de +- dont invent our own MS_FLAGS (#147132) +* Wed Feb 01 2006 - ro@suse.de +- fix typo in previous change, binary negation is "~" +* Fri Jan 27 2006 - sscheler@suse.de +- fixed mount hotplug option (#143352). now we don't send the + MS_HOTPLUG flag to the kernel any longer, because the kernel + doesn't know this option (EINVAL) and actually doesn't need to + know about it. +* Fri Jan 27 2006 - olh@suse.de +- remove clock symlink, hwclock exists since 7 years +* Fri Jan 27 2006 - olh@suse.de +- lsprop and nvsetenv moved to powerpc-utils [#144758] +* Thu Jan 26 2006 - hvogel@suse.de +- Make nfsboot world readable [#145418] +* Wed Jan 25 2006 - mls@suse.de +- converted neededforbuild to BuildRequires +* Tue Jan 24 2006 - mmj@suse.de +- Remove faulty nfs fallback code [#139019] +* Mon Jan 16 2006 - mmj@suse.de +- Add patch for nsetenv to fix short reads/short writes [#142546] +* Wed Jan 11 2006 - mmj@suse.de +- Update sm-notify [#141542] +* Wed Jan 04 2006 - mmj@suse.de +- Update to 2.12r including since 2.12q: + o cfdisk: fix a segfault with ReiserFS partitions + o umount: disallow -r option for non-root users +* Tue Nov 22 2005 - mmj@suse.de +- install proper renice manpage [#132470] +* Tue Nov 15 2005 - uli@suse.de +- umount2 is not static (only fails on ARM, surprisingly) +- added ARM ionice syscalls +* Fri Nov 11 2005 - hare@suse.de +- Fix reverse-mapping of by-UUID and by-LABEL mounts. +* Thu Nov 10 2005 - hare@suse.de +- Fix a mishandling of by-UUID mounts. +- Use libvolume_id from udev. +* Sat Oct 22 2005 - mmj@suse.de +- Increase lsprop.c max property size to 4k [#128155] +* Mon Oct 10 2005 - mmj@suse.de +- Add -fno-strict-aliasing to nfsmount_xdr.c +* Mon Oct 03 2005 - mmj@suse.de +- Teach the mount manual page about nodiratime [#118987] +* Thu Sep 29 2005 - mmj@suse.de +- Patch from jakub007@go2.pl to make mount --move update + /etc/mtab correctly [#115129] +* Tue Sep 13 2005 - mmj@suse.de +- Only allow root to pass -r to umount [#116741] +* Mon Sep 05 2005 - mmj@suse.de +- MAC -> Mac [#104081] +* Fri Sep 02 2005 - mmj@suse.de +- Don't package manual executable [#114849] +* Thu Sep 01 2005 - mmj@suse.de +- Add patch for device-mapper mount by label support [#75966] +* Thu Sep 01 2005 - ro@suse.de +- provide and obsolete schedutils +* Tue Aug 23 2005 - hvogel@suse.de +- update ionice patch by axboe so that ionice will complain about + missing sys_ioprio_set support, but it will still + execute the process. +* Mon Aug 22 2005 - hvogel@suse.de +- Fix rpm verify output [#105807] + (ghost entry for /var/lib/nfs/state) +* Mon Aug 22 2005 - schwab@suse.de +- Fix stupid buffer overflow bug in cfdisk [#66020]. +* Wed Aug 17 2005 - hare@suse.de +- Add option 'hotplug' to mount (#104405) +* Mon Aug 15 2005 - schwab@suse.de +- Always build with RPM_OPT_FLAGS. +* Thu Aug 11 2005 - mmj@suse.de +- Patch from Patrick Kirsch to make fdisk detect MAC-fs [#104081] +* Wed Aug 03 2005 - mmj@suse.de +- Merge schedutils to here (it's happened upstream already) +* Tue Aug 02 2005 - mmj@suse.de +- Support for s390 and s390x +* Mon Aug 01 2005 - mmj@suse.de +- It's not __ppc_ and __ppc64__ but __powerpc__ and __powerpc64__ +* Mon Aug 01 2005 - mmj@suse.de +- Add ionice binary from Jens Axboe +* Wed Jun 29 2005 - mmj@suse.de +- Document load and clearly issues about NFS over UDP [#80263] +- Don't compile with -fsigned-char [#93886] +* Tue May 31 2005 - okir@suse.de +- Added NFSv4 support +* Mon May 09 2005 - hvogel@suse.de +- move hashalot and cryptsetup tools to util-linux-crypto +* Tue Apr 12 2005 - mmj@suse.de +- bump TCP timeo to 600 [#76198] +* Tue Mar 29 2005 - mmj@suse.de +- Add awareness of twofishSL92 [#74359] +- Update hashalot to version 0.3 +* Mon Mar 14 2005 - okir@suse.de +- Changed sm-notify to recognize host names as well as addresses. +* Thu Mar 10 2005 - mmj@suse.de +- Don't strip anything explicitly +- Don't compile with -fno-strict-aliasing [#66020] +* Fri Feb 04 2005 - schwab@suse.de +- Fix stupid programmer. +* Mon Jan 24 2005 - meissner@suse.de +- implicit strcmp / strerror in setctsid fixed. +- 0 -> NULL in an execl +* Fri Jan 21 2005 - mmj@suse.de +- Sleep after inserting the raw module to make sure it's ready [#49807] +- Update to 2.12q including since 2.12p: + o New upstream maintainer - Adrian Bunk + o sfdisk: add -G option + o Updated translations +* Tue Jan 18 2005 - okir@suse.de +- Updated sm-notify; try not to stall bootup my moving the NSM + state update after we've backgrounded (#49072). +* Mon Jan 10 2005 - mmj@suse.de +- Update adjtimex to 1.20 +- Update to util-linux-2.12p including since 2.12i: + o cfdisk: fix number of new partition when partitions not in disk order + o fdisk: fix Sun label handling in sector mode + o mkfs: never truncate filename (not that that ever happened) + o more: fix redraw flaw + o lomount: revert patch from 2.12j + o lptune.8: -T option is obsolete + o mkswap, mkswap.8, swapon: support labels + o umount: allow user unmounting repeatedly mounted nfs mounts + o cfdisk: recognize JFS, support reiserfs labels + o mount: fix option parsing bug + o mount.8: several updates + o swapon.8: document -v option + o Makefile: remove cat-id-tbl.c upon make clean + o fdisk: fixed a bug that would cause a non-update of a sun disklabel + o fdisk: use sectorsize instead of 512 for SGI + o hwclock: actually use HAVE_tm_gmtoff + o swapon: fix priority handling + o umount: refuse to unmount an empty string + o configure, MCONFIG: detect gcc 3.4.0 and use -mtune option + o configure: do not run ./conftest (for cross compilation) + o fsck.cramfs: try to get correct PAGE_CACHE_SIZE + o losetup: try to give better error messages + o readprofile: default map file is /boot/System.map + o rdev.8: added historical info on ramdisk + o cal: highlight today + o lomount: stop reading passwd at NUL, fix lo_encrypt key_size + o losetup: add -f option to find an unused loop device + o more: code cleanup + o mount: add "group" mount option + o sfdisk: fix 2.6.8 BLKRRPART ioctl damage + o swapon: let swapon -a skip the swapfiles marked "noauto" + o umount: fix problem with empty mtab + o umount: use special umount program if it exists + o new flock binary + o New messages +* Tue Nov 30 2004 - mmj@suse.de +- Install ramsize, rdev, rootflags and vidmode on x86-64 [#48633] +* Fri Nov 12 2004 - schwab@suse.de +- Don't install *fdisk on ia64. +* Fri Nov 12 2004 - ro@suse.de +- correct permissions handling for wall and write +* Tue Nov 09 2004 - mmj@suse.de +- Fix segfault with mount -l [#48029] +* Fri Nov 05 2004 - mmj@suse.de +- Update to util-linux-2.12i including: + o MCONFIG: fix build conditions + o chfn, chsh: add error checking + o cytune: use local header cyclades.h + o fdisk: fix default SGI volume header size + o fstab.c: use strsignal() instead of sys_siglist[] + o hwclock: use when available on i386 + o hwclock: dont try KDGHWCLK on archs other than __m68k__ + o sfdisk: correct typo in __attribute__used nonsense + o sfdisk: use PACKED on __arm__ + o sfdisk: fix warning printout +* Thu Nov 04 2004 - mmj@suse.de +- Update to util-linux-2.12h including: + o cfdisk: avoid crash if no partition table + o elvtune: tell user that this only works on 2.4 kernels + o lomount: clear passwords after use + o mount: accept comments (specified by comment=) in fstab + o mount: support ocfs, ocfs2 + o [u]mount: be more careful with malloc, try to avoid OOM with + many mounts + o sfdisk: __attribute__used nonsense to support gcc 3.4 + o shutdown: do not unmount various virtual filesystems + o mount.8: added recent ext2 mount options + o mount: support jfs mount-by-label, improve reiserfs support + o sfdisk: remove strange "ends in a digit" heuristic + o *fdisk: use common disksize() routine +* Tue Oct 19 2004 - mmj@suse.de +- Add patch from SGI for fdisk label [#47368] +* Tue Sep 28 2004 - mmj@suse.de +- And another one [#46201] +* Wed Sep 15 2004 - mmj@suse.de +- Add patch from Andries to fix cfdisk [#44996] +* Tue Sep 07 2004 - mmj@suse.de +- Update to util-linux-2.12c including: + o mount.8: added recent ext2 mount options + o mount: support jfs mount-by-label, improve reiserfs support + o sfdisk: remove strange "ends in a digit" heuristic + o *fdisk: use common disksize() routine [#44678] +* Wed Aug 25 2004 - mmj@suse.de +- Update to util-linux-2.12b including: + o chsh: improved error message + o dmesg: ask kernel proper buffer size + o losetup: handle 64-bit offsets + o blockdev: also report BLKGETSIZE64 result [#43464] + o blockdev, elvtune, fdisk: handle new kernel _IOR,_IOW defines + o fdisk: remove strange "ends in a digit" heuristic + o fdisk: also list Solaris as possible type for 0x82 + o mount: added --rbind option + o mount: use blkid library + o mount: support reiserfs mount by label + o mount: attempt to use the right definition of dev_t in struct + loopinfo + o mount.8: jfs mount options added + o readprofile: new -s option + o rename.1: added ref to mmv.1 + o replay: renamed to scriptreplay; correct typos + o script: do not use locale for time delay floating point number + format + o sfdisk: error messages to stderr + o New Catalan, Dutch, Finnish, French, German, Spanish, Swedish, + Turkish, Ukrainian messages +- Update the loop-AES patch, thanks to Sumit Bose +- Change the minimum password length to 8 chars +* Tue Aug 24 2004 - mmj@suse.de +- Fix signed/unsigned bug in lsprop [#44048] +* Wed Aug 18 2004 - mmj@suse.de +- Readd patch that got lost to make fdisk -l work better with + RAID controllers [#43485] +* Mon Aug 09 2004 - mmj@suse.de +- Add an improved version of the dmesg bufsize patch. +* Tue Jun 22 2004 - mmj@suse.de +- Add patch to try and guess a filesystem type before blindly + assuming it's nfs because of the colon [#42097] +* Mon Jun 14 2004 - agruen@suse.de +- Formatting error in mount.8 manual page. +* Wed Jun 09 2004 - mmj@suse.de +- Add patch from Olaf Kirch to make protocol selection for mount + independent of protocol selection for NFS, and picks what is + available (preferring TCP over UDP) [#41735] +* Wed Jun 09 2004 - mls@suse.de +- add '-f' option to setctsid +* Thu May 27 2004 - okir@suse.de +- sm-notify now binds to a reserved port +* Sat May 15 2004 - mmj@suse.de +- Add documentation about raw device handling [#39037] +* Mon May 10 2004 - mmj@suse.de +- Make dmesg dump entire buffer. Patch from Andries/odabrunz [#39761] +* Thu May 06 2004 - mmj@suse.de +- Also check if the device is the same when doing swapon. Could be + the same block device with 2 different names [#39436] +* Wed May 05 2004 - mmj@suse.de +- Do a /sbin/modprobe raw when invoking raw devices [#39037] +* Tue Apr 20 2004 - mmj@suse.de +- Update to 2.12a including: + o fdisk: fix for kernels 2.4.15-2.4.17 + o fdisk: fix when all partitions are in use + o hwclock: add a timeout when waiting for a clock update + o ipcs: compilation fix + o ipcs: shminfo.shmall gives pages + o mount: efs support + o partx: bigendian fix + o readprofile: support for 64-bit addresses + o setterm: fix klogctl error message + o setterm.1: clarification + o sfdisk: fix check for is_ide_cdrom_or_tape + o umount: skip proc, devfs, devpts on umount -a +* Mon Apr 19 2004 - mmj@suse.de +- Add patch for unlimited raw devices [#39037] +* Thu Apr 15 2004 - mmj@suse.de +- Make sm-notify be more quiet when nothing wrong, and log to sys- + log when something is. +* Tue Apr 06 2004 - mmj@suse.de +- Don't use startproc for sm-notify [#38481] +* Mon Apr 05 2004 - mmj@suse.de +- Removing elvtune alltogether was a bit drastic, since it of + course works fine with 2.4 kernels. So print a warning in case + the BLKELVGET ioctl returns something indicating 2.6 kernels. +* Thu Apr 01 2004 - mmj@suse.de +- Don't package elvtune anymore since it's obsolete now that io + scheduler can be tuned in /sys/block/hdX/queue/iosched/* [#37869] +* Wed Mar 31 2004 - mmj@suse.de +- Apply util-linux-2.12a fixes for hwclock and readprofile. The + hwclock bit is a timout fix which hopefully fixes [#35877] +- Move sm-notify to here from nfs-utils [#36737] +* Mon Mar 29 2004 - mmj@suse.de +- Adjust warnings about Crypto-API +* Sun Mar 28 2004 - mmj@suse.de +- Add patch to make script allways use the same LC_NUMERIC [#35476] +* Fri Mar 26 2004 - od@suse.de +- Add setctsid by Werner Fink [#37177] +* Fri Mar 26 2004 - mmj@suse.de +- Mount option "code" is now "codepage" so update /etc/fstab in + postinstall [#36950] +* Fri Mar 26 2004 - mmj@suse.de +- Remove false statement in nfs.5 about the linux kernel not + supporting nfs over tcp [#37060] +* Wed Mar 17 2004 - mmj@suse.de +- Use correct permissions for README.hashalot [#36303] +* Mon Mar 08 2004 - mmj@suse.de +- Enable build of replay [#35434] +* Wed Feb 25 2004 - mmj@suse.de +- Use loop-AES-v2.0f-util-linux-2.12.diff instead of losetup patch + added earlier. Thanks Sumit Bose! +* Thu Feb 19 2004 - mmj@suse.de +- Add cryptsetup script from Christophe Saout, for usage with the + new dm-crypt. +* Mon Feb 16 2004 - mmj@suse.de +- Add losetup patch and hashalot program from Ben Slusky +* Sun Feb 01 2004 - kukuk@suse.de +- Remove newgrp again (will use POSIX conform version) +* Fri Jan 16 2004 - kukuk@suse.de +- Add pam-devel to neededforbuild +* Mon Jan 12 2004 - mmj@suse.de +- Adjust the nfs.5 manual page to reflect we're mounting nfs over + tcp pr. default. +- Collapse two similar patches 2 one. +* Fri Dec 19 2003 - garloff@suse.de +- Fix by okir for previous patch. +* Fri Dec 19 2003 - garloff@suse.de +- Add patch to fallback to UDP if TCP NFS mount fails. +* Tue Dec 02 2003 - mmj@suse.de +- Make patch to guess if a CD is a CD-Extra [#30316] +- Adjust patch that moves ext2/3 in front of vfat +- Regenerate patches (filename still tells when they were added) +* Tue Nov 18 2003 - mmj@suse.de +- Mount NFS over TCP pr. default [#33018] +* Thu Nov 13 2003 - mmj@suse.de +- Update to util-linux-2.12 including: + o losetup: -p option specifies fd for passphrase + o fdisk: sgi layout fix + o mount: -p option specifies fd for passphrase + o mount: recognize some PCDOS floppies + o umount: in "umount name", first try to interpret "name" as a mount point + o translations updates for several languages + o cfdisk: localize the Y/N answer, improve printing localized messages + o cfdisk: make various variables long long - some disks are close to 2 TB + o cfdisk: use BLKGETSIZE64 + o fdisk: make various variables unsigned to lengthen the life of 32-bit vars + o fdisk: some sgi fixes + o fdisk: k=1000, K=1024 + o fdisk: removed last occurrences of HDIO_REQ + o fdisk: use BLKGETSIZE64 + o hwclock: fix rtc test + o login: set a timeout on printing the timeout message + o md5: x86_64 fix + o more: POSIX fixes + o mount: do not supply MS_MGC_VAL when there are conflicting flags + o mount: ncp and smb are called smbfs and ncpfs - global change + o mount: add support for xvm mount by label + o mount: correct hfs magic recognition + o mount: keep original umask - it influences the mount call + o raw.8: documented unbinding of raw devices + o readprofile: fixed off-by eight error + o script: add -c option + o sfdisk.8: added an example of partitioning with logical partitions + o sfdisk: only add a AA55 signature for DOS-type partition tables + o tailf: new +* Tue Oct 21 2003 - mmj@suse.de +- Correct permissions +* Tue Oct 21 2003 - ja@suse.cz +- added support for cryptoloop in 2.6.x kernels. +* Wed Oct 15 2003 - mmj@suse.de +- Don't build as root +* Mon Oct 13 2003 - kukuk@suse.de +- Enable newgrp +* Thu Oct 02 2003 - kukuk@suse.de +- Fix compiling with kernel 2.6.0-test6 header files +* Tue Aug 12 2003 - mmj@suse.de +- Update to pmac-utils-2.1 sources and only include nvsetenv +* Tue Aug 12 2003 - mmj@suse.de +- Add mount_guessfstype support for PCDOS [#27814] +* Wed Jun 18 2003 - ak@suse.de +- support noreserved option for NFS (#27428) +* Thu Jun 05 2003 - mmj@suse.de +- Rearrange the specfile wrt. archs +* Tue May 13 2003 - mmj@suse.de +- Use %%defattr +- Remove files we don't package +* Wed May 07 2003 - mmj@suse.de +- Rearrange the do_guess_fstype() code to look for ext2/3 before + vfat [#26581] +* Thu Apr 24 2003 - ro@suse.de +- fix install_info --delete call and move from preun to postun +* Mon Apr 14 2003 - pthomas@suse.de +- Get rid of the syscall for adjtimex in selective cases and + just call the glibc wrapper. Fixes build on s390. +* Mon Apr 14 2003 - pthomas@suse.de +- Use geteuid instead of getuid in hwclock to enable making + hwclock suid root. +* Mon Apr 07 2003 - mmj@suse.de +- Only delete info entries when removing last version. +* Thu Mar 13 2003 - mmj@suse.de +- Apply patch to make sfdisk not destroy BSD slices [#25093] +* Mon Mar 03 2003 - mmj@suse.de +- Remove superflous umask(033); calls [#23292] +* Mon Mar 03 2003 - ro@suse.de +- add missing info dir entries +* Tue Feb 18 2003 - agruen@suse.de +- Add description of the effect of `mount -t nfs -o noacl' on + the use of the GETACL and SETACL remote procedure calls to + the nfs(5) manual page. +* Mon Feb 17 2003 - mmj@suse.de +- It's called smbfs not smb [#23697] +* Thu Feb 13 2003 - mmj@suse.de +- Readd patch for passphrase timeout that got lost [#23527] +* Fri Feb 07 2003 - mmj@suse.de +- The install_info macros need PreReq: %%install_info_prereq +* Fri Feb 07 2003 - ro@suse.de +- added install_info macros +* Tue Feb 04 2003 - ro@suse.de +- don't package /bin/kill (part of coreutils now) +* Tue Feb 04 2003 - meissner@suse.de +- Include tarball with pmac-utils manpages, so we do not need + sgmltool and all its dependents. +* Wed Jan 29 2003 - mmj@suse.de +- Update to util-linux-2.11z including: + · Translation updates + · mount: fix LABEL= handling for user umount, don't abort on read + error with photocds and add dmask and fmask vfat mount options + · setterm: accept devfs name + · simpleinit: security: refuse initctl_fd if FD_CLOEXEC fails + · umount: allow user umount after mount by label or uuid +* Wed Jan 22 2003 - sf@suse.de +- removed last patch, added new (correct) patch +* Wed Jan 22 2003 - sf@suse.de +- removed eliminate_doubles() from mkfs.cramfs.c + for x86_64, as it segfaults. + (makes the images slightly larger, about 10%%) +* Tue Jan 21 2003 - mmj@suse.de +- Added description of ISO mount options to mount.8 [#22915] +* Mon Dec 02 2002 - mmj@suse.de +- Update the ReiserFS patch from Chris Mason +* Fri Nov 29 2002 - mmj@suse.de +- Fix missing #include +* Thu Nov 28 2002 - mmj@suse.de +- Make readprofile also try to locate the System.map in + /boot/System.map-`uname -r` [#22168] +* Wed Nov 27 2002 - mmj@suse.de +- Update to util-linux-2.11y including: + o Translation updates + o fdisk,cfdisk: cosmetic fixes + o mount,umount: fix LABEL= handling for non-root [#17322] + o more: kill external help file + o simpleinit: security: refuse initctl_fd if setting FD_CLOEXEC + fails (patch we had, now folded upstream) +* Wed Nov 20 2002 - mmj@suse.de +- Update to util-linux-2.11x including: + o Translation updates for several languages + o cfdisk: correct error printout + o fdisk: allow addition of a new partition when logicals all used + but primary free + o hwclock: detect systime jumps backward during setting hwclock + o Merge of the cramfs bloksize patch + o mount: new --rbind flag, for recursive loopback mounts + o mount, umount: new -O option + o setpwnam.c: open temp pw file with O_EXCL + o simpleinit: fix for "spawn too fast" + o swapon: new -e option +* Tue Nov 19 2002 - mmj@suse.de +- Fix multistring assignment in adjtimex +* Mon Nov 11 2002 - ro@suse.de +- changed neededforbuild to +- changed neededforbuild to <> +* Thu Oct 31 2002 - mmj@suse.de +- Add -b option to mkfs.cramfs (needed for biarch architectures) +* Thu Oct 31 2002 - ro@suse.de +- hack time to build on alpha +* Tue Oct 22 2002 - mmj@suse.de +- Add correction to the ReiserFS patch that fixes the case where it + was possible but unlikely to detect a logged copy of a super on a + dedicated logging device as the real thing. From Chris Mason. +* Tue Oct 22 2002 - mmj@suse.de +- Update to util-linux-2.11w including: + o fdisk and cfdisk fixes + o more bigendian fix + o translation updates + o > 2GB swapspace + o mount umask, cramfs and ocfs stuff +* Tue Oct 08 2002 - mmj@suse.de +- Only enable below patch on ix86 and x86_64 +* Mon Oct 07 2002 - mmj@suse.de +- Make small bugfix to below patch +* Sat Oct 05 2002 - mmj@suse.de +- Apply patch to enable > 2GB swap (redhat) [#20533] +* Wed Oct 02 2002 - mmj@suse.de +- Add one-liner security fix to mount and umount. +* Mon Sep 23 2002 - mmj@suse.de +- Readd fix for klogconsole that got lost [#19834] +* Fri Sep 13 2002 - mmj@suse.de +- Added patch from Oracle to mount ocfs by label [#19262] +* Thu Sep 12 2002 - mmj@suse.de +- more: Do not cast char * to int and back [#18896] +* Sat Aug 31 2002 - olh@suse.de +- add mount_cramfs_be.diff to allow mount -oloop cramfsfile loopdir +* Mon Aug 26 2002 - mmj@suse.de +- Make mode not 666 when writing /etc/mtab [#18342] +* Mon Aug 26 2002 - meissner@suse.de +- quieten klogconsole if the console does not support TIOCLINUX [#12516] +* Thu Aug 22 2002 - mmj@suse.de +- Added patch from Andreas Gruenbacher for nfs-access-acl [#18183] +* Wed Aug 21 2002 - mmj@suse.de +- Fixed an mtab locking bug with patch from Olaf Kirch [#17637] +* Mon Aug 19 2002 - mmj@suse.de +- Updated reiserfs patch from Chris Mason +- Added patch for mount.8, thanks Andreas Gruenbacher +* Thu Aug 15 2002 - mmj@suse.de +- Correct PreReq: +* Mon Aug 05 2002 - mmj@suse.de +- Update to 2.11u which includes: + o Danish, German, Spanish, Swedish and Turkish updates. + o configure: for fsck.cramfs, mkfs.cramfs: add test for libz + o text-utils/Makefile: pg fix + o agetty: use same test as login does to find utmp entry + o fdisk: fix for fdisk on empty disk + o mount updates +* Tue Jul 23 2002 - schwab@suse.de +- Fix mkfs.cramfs for architectures with non-4k pages. +* Wed Jul 17 2002 - mmj@suse.de +- Merged base into util-linux +* Mon Jul 15 2002 - mmj@suse.de +- Added JFSv2 patch from Christoph Hellwig for volume label. Does + for JFS, what below patch does for ReiserFS. +* Sun Jul 14 2002 - adrian@suse.de +- fix ul-2.10m-sgi-fdisk.diff patch to apply again +* Thu Jul 11 2002 - mmj@suse.de +- Added patch from Chris Mason for volume label on reiserfs +* Wed Jul 10 2002 - olh@suse.de +- add mkfs.cramfs and fsck.cramfs to file list +* Wed Jul 10 2002 - mmj@suse.de +- Fixed nfs.5 to tell nfsver defaults to 3 [#16815] +* Mon Jul 08 2002 - mmj@suse.de +- Update to 2.11t which includes + * fdformat: remove test on major + * fdisk, hwclock and swap polishing + * Lots of translations + * cramfs tools includes from the kernel + * swap{on,off} honours /proc/swaps + * mount small fixups +* Fri Jul 05 2002 - kukuk@suse.de +- Use %%ix86 macro +* Mon Jul 01 2002 - bk@suse.de +- get raw built on s390 and s390x +- remove %%ifarchs s390 s390x for fdisk(needed for SCSI disks) +* Mon Jun 17 2002 - mmj@suse.de +- Added a fix for simpleinit exploit. +* Thu Jun 13 2002 - olh@suse.de +- disable hwclock ppc patch, maybe obsolete with recent kernels +* Thu May 16 2002 - mmj@suse.de +- Added manpage guessfstype(8) +* Thu May 09 2002 - mmj@suse.de +- Updated to util-linux-2.11r, including translations, x86-64 sup- + port and small bugfixes. +* Sat Apr 13 2002 - mmj@suse.de +- Updated to util-linux-2.11q, includes bugfixes. +- util-linux-mkswap.patch for ia64 was folded into mainline +* Fri Apr 12 2002 - stepan@suse.de +- added x86-64 support. +* Thu Apr 04 2002 - ihno@suse.de +- corrected printf to report shared memories sizes bigger than + 2 GByte correct (Bug #15585). It was reportet on s390x, but + should effect other 64-Bit systems as well. +* Tue Mar 19 2002 - mmj@suse.de +- Updated to 2.11o. The hexdump patch have been dropped since it + was folded to mainline util-linux. +* Fri Mar 15 2002 - schwab@suse.de +- Fix mkswap for ia64. +* Mon Mar 04 2002 - draht@suse.de +- permissions fixes for write(1) and wall(1) +* Fri Feb 01 2002 - mmj@suse.de +- Moved /usr/bin/logger to /bin/logger (needed by sysconfig) +* Mon Jan 28 2002 - mmj@suse.de +- Added the guessfstype binary from msvec/fehr +* Thu Jan 24 2002 - ro@suse.de +- modified fillup_and_insserv call (perl-hack not needed here) +* Mon Jan 21 2002 - mmj@suse.de +- Merge NetBSD hexdump changes, fixes bugzilla #12801 +* Thu Jan 10 2002 - ro@suse.de +- removed ACTIVATE_RAW_DEV +* Mon Dec 31 2001 - adrian@suse.de +- add patch for mips to create SGI partition tables with fdisk +* Tue Dec 18 2001 - bjacke@suse.de +- add adjtimex +* Mon Dec 10 2001 - mmj@suse.de +- Update to util-linux-2.11n +* Tue Nov 20 2001 - mmj@suse.de +- Added a patch to 'wall' to remove unwanted newline (#12181) +* Wed Nov 07 2001 - kukuk@suse.de +- Remove unneeded SPARC patch for hwclock +* Sat Oct 13 2001 - kukuk@suse.de +- Update to util-linux 2.11l +* Wed Sep 12 2001 - garloff@suse.de +- Fixed some dutch translations. (bug #10276) +* Mon Sep 10 2001 - olh@suse.de +- marry fdisk and AIX label again... + add lsprop for ppc + dumps the device tree in a human readable format +* Mon Sep 03 2001 - kukuk@suse.de +- Update to version 2.11i: + - blockdev: corrected ioctl numbers + - cal: fixed for multibyte locales + - line: new + - mount: added vxfs magic +* Sat Sep 01 2001 - kukuk@suse.de +- Let mount follow symlinks again +* Wed Aug 29 2001 - kukuk@suse.de +- Add new option to losetup manual page +* Tue Aug 28 2001 - draht@suse.de +- added timeout support for losetup (-t ) +* Mon Aug 27 2001 - kukuk@suse.de +- Add raw rc scripts, too +* Sun Aug 26 2001 - bjacke@suse.de +- added raw binary and put rawio into obsoletes and provides +* Sat Aug 25 2001 - kukuk@suse.de +- Fix path in getopt.1 manual page to example directory [Bug #9831] +* Fri Aug 24 2001 - kukuk@suse.de +- Small fix for hwclock on newer SPARCs +* Mon Aug 13 2001 - ro@suse.de +- changed neededforbuild to +* Mon Jul 30 2001 - kukuk@suse.de +- Update to util-linux-2.11h +- Add nologin program +* Tue Jul 10 2001 - kukuk@suse.de +- Remove swapdev from filelist +* Tue Jul 10 2001 - kukuk@suse.de +- Update to util-linux-2.11g +* Wed Jun 06 2001 - bk@suse.de +- added s390x to all ifnarch s390 +* Fri Apr 20 2001 - kukuk@suse.de +- Fix wall bug (character 80, 160, 240, are missing) [Bug #6962] +* Mon Mar 26 2001 - kukuk@suse.de +- Add exception for broken i2o disk device numbering scheme, kernel + hacker are not able to fix this and make it right [Bug #5881]. +* Sat Mar 24 2001 - kukuk@suse.de +- Update to util-linux 2.11b +* Thu Mar 15 2001 - kukuk@suse.de +- Fix changing of partitions with ID 0 on SPARC +- Remove duplicate mount patch +* Wed Mar 14 2001 - schwab@suse.de +- Don't use _syscallX on ia64. +- Fix missing includes. +* Wed Mar 14 2001 - kukuk@suse.de +- Update to version 2.11a +* Fri Mar 02 2001 - kukuk@suse.de +- enable write again +* Mon Feb 12 2001 - kukuk@suse.de +- cmos.c: Use sys/io.h, fix PowerPC hack +* Tue Feb 06 2001 - ro@suse.de +- wall.c: include time.h +* Mon Feb 05 2001 - kukuk@suse.de +- Split hex to extra package +- Update to util-linux-2.10s +* Fri Feb 02 2001 - werner@suse.de +- Make swapon/swapoff more handy: + * Ignore swap files on ro mounted file systems + * If -a is given ignore already active devices at swapon + * If -a is given ignore not active devices at swapoff +* Thu Jan 25 2001 - ro@suse.de +- added Provides: util +* Fri Jan 12 2001 - garloff@suse.de +- Apply patch to lomount to allow all kerneli crypt algos to be + passed and allow to pass passwd with -k. +- losetup seems to support >2GB files just fine (#5433) +* Tue Jan 02 2001 - kukuk@suse.de +- Save permissions of /etc/mtab [Bug #5027] +* Tue Dec 05 2000 - kukuk@suse.de +- Search first in /etc/filesystems, then in /proc/filesystems +* Tue Dec 05 2000 - kukuk@suse.de +- Use AIX/fdisk patch from util-linux-2.10r +- Backport "guess filesystems" from util-linux-2.10r +* Tue Dec 05 2000 - schwab@suse.de +- Don't use _syscallX on ia64. +* Mon Dec 04 2000 - olh@suse.de +- fix diff again +* Sun Dec 03 2000 - olh@suse.de +- no segfaults with AIX disklabels +* Wed Nov 29 2000 - uli@suse.de +- fixed to build on PPC +* Mon Nov 27 2000 - schwab@suse.de +- Fix broken casts in hwclock. +* Thu Nov 23 2000 - bk@suse.de +- temporary disable pivot_root on s390(2.4 kernel is not yet built) +* Wed Nov 22 2000 - schwab@suse.de +- Add pivot_root to file list. +* Mon Nov 20 2000 - kukuk@suse.de +- Fix pmac-utils to compile with new kernel +* Fri Nov 17 2000 - kukuk@suse.de +- Fix hwclock to compile on PPC +* Wed Nov 15 2000 - kukuk@suse.de +- Update util-linux to 2.10q, merge flushb.diff +* Thu Nov 02 2000 - kukuk@suse.de +- Remove some of the last specfile changes +* Wed Nov 01 2000 - olh@suse.de +- update pmac-utils for new powermacs, cleanup specfile +* Fri Oct 20 2000 - kukuk@suse.de +- Update util-linux to 2.10p +- Rename package from util to util-linux +* Wed Sep 27 2000 - kukuk@suse.de +- Allow NFS v3 with 2.2.17.SuSE +* Tue Sep 26 2000 - kukuk@suse.de +- Fix mount for new NFS kernel patch +* Sat Sep 09 2000 - kukuk@suse.de +- Remove tcsh dependency +- Update to util-linux 2.10o, use of /etc/filesystems is still broken +* Fri Aug 25 2000 - pthomas@suse.de +- use %%{_mandir} and %%{_infodir} exclusively. This allows building + from source rpm on platforms other than 7.0. +* Wed Jul 19 2000 - bk@suse.de +- s390: removed dasdfmt and silo, %%ifnarch s390 for some non-s390 things. +* Tue May 30 2000 - bk@suse.de +- added dasdfmt and silo on s390 +* Mon May 15 2000 - kukuk@suse.de +- util-linux: Update to 2.10m +* Wed Apr 26 2000 - kukuk@suse.de +- flusb: Don't use kernel headers, even if we don't need them! +* Wed Apr 19 2000 - kukuk@suse.de +- util-linux: Update to 2.10l +* Mon Apr 17 2000 - kukuk@suse.de +- util-linux: Update to 2.10k +* Thu Apr 13 2000 - kukuk@suse.de +- Move /sbin/setserial to /bin/setserial, add compat link to + /sbin. This fixes [Bug 1084] and is necessary for FHS 2.1 +* Wed Apr 12 2000 - kukuk@suse.de +- Fix util-linux for Alpha +* Wed Apr 12 2000 - kukuk@suse.de +- util-linux: Update to 2.10j +* Sun Apr 02 2000 - bk@suse.de +- suse s390 team added support for s390 +* Thu Mar 30 2000 - uli@suse.de +- hwclock/PPC: added support for MK48T559 RTC chip used in MTX+ boards +* Fri Mar 24 2000 - kukuk@suse.de +- Add Linux LVM partition tag to fdisk +- Fix a lot of more possible buffer overruns +- Fix some fdisk sunlabel bugs +- added BuildRoot fixes from nadvorni@suse.cz +* Wed Mar 22 2000 - kukuk@suse.de +- Update util-linux to 2.10h +- Add clock again for non PPC platforms +* Fri Mar 17 2000 - uli@suse.de +- now contains both hwclock and clock on PPC (/sbin/init.d/boot + chooses what to run at runtime) +* Tue Mar 14 2000 - schwab@suse.de +- Add support for ia64. +* Thu Mar 09 2000 - kukuk@suse.de +- fdisk: Fix -l for Mylex RAID controller +* Tue Mar 07 2000 - kukuk@suse.de +- etc/filesystems: Add minix and reiserfs +* Tue Mar 07 2000 - kukuk@suse.de +- mount: fix endian problem with minix fs +* Tue Feb 15 2000 - kukuk@suse.de +- mount: Add hack for PPC/syscall mount problem +* Sun Feb 13 2000 - bk@suse.de +- let rdev continue in case it stubles over a bad file in /dev (/dev/snd fix) +* Fri Feb 04 2000 - kukuk@suse.de +- Make PPC clock parameter compatible to hwclock +* Thu Feb 03 2000 - kukuk@suse.de +- Fix filelist for SPARC +* Thu Feb 03 2000 - kukuk@suse.de +- util-linux: Update to 2.10f (mount security fix) +* Sun Jan 23 2000 - kukuk@suse.de +- util-linux: Update to 2.10e +* Tue Jan 18 2000 - kukuk@suse.de +- mount now looks at first in /etc/filesystems and then in + /proc/filesystems +* Tue Jan 18 2000 - ro@suse.de +- fixed pmac-utils to build with 2.3 as well +* Tue Jan 18 2000 - kukuk@suse.de +- Fix a lot of fdisk buffer overruns [Bug 1642] +* Mon Jan 17 2000 - kukuk@suse.de +- Fix setserial for Linux 2.3.40 +- Remove write, is now in nkitb +- Build minix and bfs tools for SPARC +- Fix some buffer overflows in fdisk +* Fri Dec 17 1999 - kukuk@suse.de +- util-linux: Update to 2.10d +- hex: Update to 1.2 +- Move manual pages to /usr/share/man +* Tue Nov 30 1999 - uli@suse.de +- re-added hwclock link for PPC (2nd try) +* Tue Nov 30 1999 - uli@suse.de +- re-added hwclock link for PPC +* Mon Nov 15 1999 - kukuk@suse.de +- util-linux: Update to 2.10b +* Sat Nov 13 1999 - kukuk@suse.de +- setserial: Add Patch for Sparc +- Fix filelist for Sparc +* Wed Oct 27 1999 - garloff@suse.de +- added flushb (moved here from ddrescue). +- fix bug in logger (remove trailing newlines). +* Fri Oct 22 1999 - kukuk@suse.de +- util-linux: Remove old patches for mk_loop_h +* Sat Oct 16 1999 - kukuk@suse.de +- util-linux: Update to 2.9z +* Fri Oct 08 1999 - kukuk@suse.de +- Update to util-linux-2.9y (execpt fdisk) +* Tue Sep 14 1999 - uli@suse.de +- added PMac-specific utils for PPC +* Mon Sep 13 1999 - bs@suse.de +- ran old prepare_spec on spec file to switch to new prepare_spec. +* Thu Aug 26 1999 - uli@suse.de +- disabled hayesesp for PPC +* Wed Aug 25 1999 - kukuk@suse.de +- Donīt install tsort, its now in textutils 2.0 +* Tue Aug 24 1999 - kukuk@suse.de +- Update to util-linux-2.9w (execpt fdisk) +* Mon Aug 09 1999 - kukuk@suse.de +- Update to util-linux-2.9v (execpt fdisk) +* Tue Jul 20 1999 - garloff@suse.de +- Added hex from Erich S. Raymond +* Mon Jul 12 1999 - kukuk@suse.de +- Add fdisk patch from Klaus G. Wagner +- Add mount patch from util-linux 2.9u +* Tue Jul 06 1999 - kukuk@suse.de +- update to util-linux-2.9t +* Fri Jun 25 1999 - kukuk@suse.de +- update to util-linux-2.9s +* Wed Mar 03 1999 - ro@suse.de +- hwclock.c: always use busywait to get rtctime + (it's hard to find out at runtime if we will get an irq) +* Tue Mar 02 1999 - ro@suse.de +- update to util-linux-2.9i +- update to setserial-2.15 +- using diffs from jurix and add-ons from kgw for compaq smart raid +* Mon Feb 01 1999 - ro@suse.de +- rdev is not built on alpha +* Mon Jan 18 1999 - florian@suse.de +- fixed one broken case to delete a partition in fdisk +* Sun Dec 13 1998 - bs@suse.de +- fixed file list +* Thu Dec 10 1998 - fehr@suse.de +- fix bug in fdisk +* Tue Dec 08 1998 - ro@suse.de +- removed last from filelist +- added link /sbin/clock -> hwclock +* Wed Nov 04 1998 - ro@suse.de +- fdisksunlabel: don't include scsi/scsi.h for glibc-2.0 +* Fri Oct 30 1998 - ro@suse.de +- update to 2.9 / added hostid from previous diff +- copied some glibc changes from previous diff (strcpy..) +* Thu Sep 17 1998 - ro@suse.de +- define _GNU_SOURCE when using getopt +* Mon Aug 31 1998 - ro@suse.de +- full switch to util-linux 2.8 +-- sync has moved to pkg fileutils +-- chroot has moved to pkg sh_utils (has been there for a while) +-- adopted hostid from previous suse-pkg +* Mon Aug 24 1998 - ro@suse.de +- switched to use mount from util-linux-2.8 +* Tue Jun 23 1998 - ro@suse.de +- added fdisk, sfdisk, cfdisk from util-linux-2.8 + (including man-pages,readmes) +* Mon Nov 17 1997 - ro@suse.de +- changed /local/bin/perl5 in chkdupexe to /usr/bin/perl +* Fri Oct 31 1997 - ro@suse.de +- temporarily removed mount-hacker +* Wed Oct 29 1997 - florian@suse.de +- add changes from ms@suse.de for hostid.c +* Tue May 20 1997 - florian@suse.de +- only support kernel 2.0.x for nfs mounts, please use /bin/mount-hacker + for kernel 2.1.x +* Wed Apr 30 1997 - florian@suse.de +- update to mount 2.6g +* Sun Apr 13 1997 - florian@suse.de +- update to new version util-linux 2.6 +- update to new version mount 2.6e +* Thu Jan 02 1997 - florian@suse.de +- update to mount 2.5p +* Thu Jan 02 1997 - florian@suse.de +- Update auf neue Version von mount 2.5o. +* Thu Jan 02 1997 - florian@suse.de +- updated to new version mount 2.5m +- (u)mount now gives much better error messages +* Thu Jan 02 1997 - bs@suse.de + compile setterm with libtermcap and not libncurses + use newer mount instead of the old version in util-linux + (security fix) diff --git a/which-2.13.tar.gz b/which-2.13.tar.gz new file mode 100644 index 0000000..7d80d61 --- /dev/null +++ b/which-2.13.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c6763cd994fcc825dbd420495af5b9e16f455a353ebbd15f502a49943c581045 +size 106270