Accepting request 125753 from Base:System
- Remove pam_lastlog from login.pamd, login is doing it itself. [bnc#768067] (forwarded request 125752 from kukuk) OBS-URL: https://build.opensuse.org/request/show/125753 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/util-linux?expand=0&rev=151
This commit is contained in:
parent
aa19c628f4
commit
dc6cde93e0
@ -6,5 +6,5 @@ account include common-account
|
|||||||
password include common-password
|
password include common-password
|
||||||
session required pam_loginuid.so
|
session required pam_loginuid.so
|
||||||
session include common-session
|
session include common-session
|
||||||
session optional pam_lastlog.so nowtmp showfailed
|
#session optional pam_lastlog.so nowtmp showfailed
|
||||||
session optional pam_mail.so standard
|
session optional pam_mail.so standard
|
||||||
|
13
util-linux-2.21.2-noenc-suse.diff
Normal file
13
util-linux-2.21.2-noenc-suse.diff
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
Index: util-linux-2.21.2/libmount/src/context_loopdev.c
|
||||||
|
===================================================================
|
||||||
|
--- util-linux-2.21.2.orig/libmount/src/context_loopdev.c
|
||||||
|
+++ util-linux-2.21.2/libmount/src/context_loopdev.c
|
||||||
|
@@ -199,6 +199,8 @@ int mnt_context_setup_loopdev(struct lib
|
||||||
|
if (rc == 0 && (cxt->user_mountflags & MNT_MS_ENCRYPTION) &&
|
||||||
|
mnt_optstr_get_option(optstr, "encryption", &val, &len) == 0) {
|
||||||
|
DBG(CXT, mnt_debug_h(cxt, "encryption no longer supported"));
|
||||||
|
+ // XXX: nasty for the lib but there's on better way to give a hint atm
|
||||||
|
+ fprintf(stderr, "mount: encryption no longer supported. Please use /etc/crypttab instead (man 5 crypttab)\n");
|
||||||
|
rc = -EINVAL;
|
||||||
|
}
|
||||||
|
|
535
util-linux-2.21.2-noenc.diff
Normal file
535
util-linux-2.21.2-noenc.diff
Normal file
@ -0,0 +1,535 @@
|
|||||||
|
From e1f7680ca45c5173f7853feb76dd093cec8d17ad Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
Date: Fri, 15 Jun 2012 09:38:36 +0200
|
||||||
|
Subject: [PATCH] remove obsolete encryption support from losetup
|
||||||
|
|
||||||
|
kernel cryptoloop is deprecated since ages and support for cryptoloop in
|
||||||
|
util-linux is incomplete/broken.
|
||||||
|
- no password hashing
|
||||||
|
- last 8 bit of key are always set to zero
|
||||||
|
- no binary keys possible (stops reading key at \n and \0)
|
||||||
|
|
||||||
|
In the past some Distros added the above features with patches. So
|
||||||
|
remove cryptoloop support from util-linux completely to make sure
|
||||||
|
people won't try using it.
|
||||||
|
|
||||||
|
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
---
|
||||||
|
include/loopdev.h | 3 --
|
||||||
|
lib/loopdev.c | 56 ----------------------------------------
|
||||||
|
libmount/src/context_loopdev.c | 22 +++-------------
|
||||||
|
mount/mount.8 | 9 +-----
|
||||||
|
mount/mount.c | 20 +++++---------
|
||||||
|
sys-utils/losetup.8 | 29 ++------------------
|
||||||
|
sys-utils/losetup.c | 30 +++++----------------
|
||||||
|
sys-utils/mount.8 | 7 +----
|
||||||
|
sys-utils/mount.c | 34 +-----------------------
|
||||||
|
9 files changed, 25 insertions(+), 185 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/include/loopdev.h b/include/loopdev.h
|
||||||
|
index 906bee0..030f215 100644
|
||||||
|
--- a/include/loopdev.h
|
||||||
|
+++ b/include/loopdev.h
|
||||||
|
@@ -165,9 +165,6 @@ int loopcxt_set_offset(struct loopdev_cxt *lc, uint64_t offset);
|
||||||
|
int loopcxt_set_sizelimit(struct loopdev_cxt *lc, uint64_t sizelimit);
|
||||||
|
int loopcxt_set_flags(struct loopdev_cxt *lc, uint32_t flags);
|
||||||
|
int loopcxt_set_backing_file(struct loopdev_cxt *lc, const char *filename);
|
||||||
|
-int loopcxt_set_encryption(struct loopdev_cxt *lc,
|
||||||
|
- const char *encryption,
|
||||||
|
- const char *password);
|
||||||
|
|
||||||
|
extern char *loopcxt_get_backing_file(struct loopdev_cxt *lc);
|
||||||
|
extern int loopcxt_get_backing_devno(struct loopdev_cxt *lc, dev_t *devno);
|
||||||
|
diff --git a/lib/loopdev.c b/lib/loopdev.c
|
||||||
|
index fd3f9ba..807984e 100644
|
||||||
|
--- a/lib/loopdev.c
|
||||||
|
+++ b/lib/loopdev.c
|
||||||
|
@@ -963,62 +963,6 @@ int loopcxt_set_backing_file(struct loopdev_cxt *lc, const char *filename)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
-static int digits_only(const char *s)
|
||||||
|
-{
|
||||||
|
- while (*s)
|
||||||
|
- if (!isdigit(*s++))
|
||||||
|
- return 0;
|
||||||
|
- return 1;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-/*
|
||||||
|
- * @lc: context
|
||||||
|
- * @encryption: encryption name / type (see lopsetup man page)
|
||||||
|
- * @password
|
||||||
|
- *
|
||||||
|
- * Note that the encryption functionality is deprecated an unmaintained. Use
|
||||||
|
- * cryptsetup (it also supports AES-loops).
|
||||||
|
- *
|
||||||
|
- * The setting is removed by loopcxt_set_device() loopcxt_next()!
|
||||||
|
- *
|
||||||
|
- * Returns: 0 on success, <0 on error.
|
||||||
|
- */
|
||||||
|
-int loopcxt_set_encryption(struct loopdev_cxt *lc,
|
||||||
|
- const char *encryption,
|
||||||
|
- const char *password)
|
||||||
|
-{
|
||||||
|
- if (!lc)
|
||||||
|
- return -EINVAL;
|
||||||
|
-
|
||||||
|
- DBG(lc, loopdev_debug("setting encryption '%s'", encryption));
|
||||||
|
-
|
||||||
|
- if (encryption && *encryption) {
|
||||||
|
- if (digits_only(encryption)) {
|
||||||
|
- lc->info.lo_encrypt_type = atoi(encryption);
|
||||||
|
- } else {
|
||||||
|
- lc->info.lo_encrypt_type = LO_CRYPT_CRYPTOAPI;
|
||||||
|
- snprintf((char *)lc->info.lo_crypt_name, LO_NAME_SIZE,
|
||||||
|
- "%s", encryption);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- switch (lc->info.lo_encrypt_type) {
|
||||||
|
- case LO_CRYPT_NONE:
|
||||||
|
- lc->info.lo_encrypt_key_size = 0;
|
||||||
|
- break;
|
||||||
|
- default:
|
||||||
|
- DBG(lc, loopdev_debug("setting encryption key"));
|
||||||
|
- memset(lc->info.lo_encrypt_key, 0, LO_KEY_SIZE);
|
||||||
|
- strncpy((char *)lc->info.lo_encrypt_key, password, LO_KEY_SIZE);
|
||||||
|
- lc->info.lo_encrypt_key[LO_KEY_SIZE - 1] = '\0';
|
||||||
|
- lc->info.lo_encrypt_key_size = LO_KEY_SIZE;
|
||||||
|
- break;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- DBG(lc, loopdev_debug("encryption successfully set"));
|
||||||
|
- return 0;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
/*
|
||||||
|
* @cl: context
|
||||||
|
*
|
||||||
|
diff --git a/libmount/src/context_loopdev.c b/libmount/src/context_loopdev.c
|
||||||
|
index 023c952..863ee3d 100644
|
||||||
|
--- a/libmount/src/context_loopdev.c
|
||||||
|
+++ b/libmount/src/context_loopdev.c
|
||||||
|
@@ -7,7 +7,6 @@
|
||||||
|
|
||||||
|
/*
|
||||||
|
* DOCS: - "lo@" prefix for fstype is unsupported
|
||||||
|
- * - encyption= mount option for loop device is unssuported
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <blkid.h>
|
||||||
|
@@ -35,8 +34,7 @@ int mnt_context_is_loopdev(struct libmnt_context *cxt)
|
||||||
|
|
||||||
|
if (cxt->user_mountflags & (MNT_MS_LOOP |
|
||||||
|
MNT_MS_OFFSET |
|
||||||
|
- MNT_MS_SIZELIMIT |
|
||||||
|
- MNT_MS_ENCRYPTION)) {
|
||||||
|
+ MNT_MS_SIZELIMIT)) {
|
||||||
|
|
||||||
|
DBG(CXT, mnt_debug_h(cxt, "loopdev specific options detected"));
|
||||||
|
return 1;
|
||||||
|
@@ -134,7 +132,7 @@ static int is_mounted_same_loopfile(struct libmnt_context *cxt,
|
||||||
|
int mnt_context_setup_loopdev(struct libmnt_context *cxt)
|
||||||
|
{
|
||||||
|
const char *backing_file, *optstr, *loopdev = NULL;
|
||||||
|
- char *val = NULL, *enc = NULL, *pwd = NULL;
|
||||||
|
+ char *val = NULL;
|
||||||
|
size_t len;
|
||||||
|
struct loopdev_cxt lc;
|
||||||
|
int rc = 0, lo_flags = 0;
|
||||||
|
@@ -200,13 +198,8 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
|
||||||
|
*/
|
||||||
|
if (rc == 0 && (cxt->user_mountflags & MNT_MS_ENCRYPTION) &&
|
||||||
|
mnt_optstr_get_option(optstr, "encryption", &val, &len) == 0) {
|
||||||
|
- enc = strndup(val, len);
|
||||||
|
- if (val && !enc)
|
||||||
|
- rc = -ENOMEM;
|
||||||
|
- if (enc && cxt->pwd_get_cb) {
|
||||||
|
- DBG(CXT, mnt_debug_h(cxt, "asking for pass"));
|
||||||
|
- pwd = cxt->pwd_get_cb(cxt);
|
||||||
|
- }
|
||||||
|
+ DBG(CXT, mnt_debug_h(cxt, "encryption no longer supported"));
|
||||||
|
+ rc = -EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rc == 0 && is_mounted_same_loopfile(cxt,
|
||||||
|
@@ -245,8 +238,6 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
|
||||||
|
rc = loopcxt_set_offset(&lc, offset);
|
||||||
|
if (!rc && sizelimit)
|
||||||
|
rc = loopcxt_set_sizelimit(&lc, sizelimit);
|
||||||
|
- if (!rc && enc && pwd)
|
||||||
|
- loopcxt_set_encryption(&lc, enc, pwd);
|
||||||
|
if (!rc)
|
||||||
|
loopcxt_set_flags(&lc, lo_flags);
|
||||||
|
if (rc) {
|
||||||
|
@@ -298,11 +289,6 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
|
||||||
|
loopcxt_set_fd(&lc, -1, 0);
|
||||||
|
}
|
||||||
|
done:
|
||||||
|
- free(enc);
|
||||||
|
- if (pwd && cxt->pwd_release_cb) {
|
||||||
|
- DBG(CXT, mnt_debug_h(cxt, "release pass"));
|
||||||
|
- cxt->pwd_release_cb(cxt, pwd);
|
||||||
|
- }
|
||||||
|
loopcxt_deinit(&lc);
|
||||||
|
return rc;
|
||||||
|
}
|
||||||
|
diff --git a/mount/mount.8 b/mount/mount.8
|
||||||
|
index 789d9fe..0644e8e 100644
|
||||||
|
--- a/mount/mount.8
|
||||||
|
+++ b/mount/mount.8
|
||||||
|
@@ -535,11 +535,6 @@ Don't canonicalize paths. The mount command canonicalizes all paths
|
||||||
|
file. This option can be used together with the
|
||||||
|
.B \-f
|
||||||
|
flag for already canonicalized absolut paths.
|
||||||
|
-.IP "\fB\-p, \-\-pass\-fd \fInum\fP"
|
||||||
|
-In case of a loop mount with encryption, read the passphrase from
|
||||||
|
-file descriptor
|
||||||
|
-.I num
|
||||||
|
-instead of from the terminal.
|
||||||
|
.IP "\fB\-s\fP"
|
||||||
|
Tolerate sloppy mount options rather than failing. This will ignore
|
||||||
|
mount options not supported by a filesystem type. Not all filesystems
|
||||||
|
@@ -2708,8 +2703,8 @@ not specified or the filesystem is known for libblkid, for example:
|
||||||
|
.B "mount -t ext3 /tmp/disk.img /mnt"
|
||||||
|
.sp
|
||||||
|
.RE
|
||||||
|
-This type of mount knows about four options, namely
|
||||||
|
-.BR loop ", " offset ", " sizelimit " and " encryption ,
|
||||||
|
+This type of mount knows about three options, namely
|
||||||
|
+.BR loop ", " offset ", " sizelimit " ,
|
||||||
|
that are really options to
|
||||||
|
.BR \%losetup (8).
|
||||||
|
(These options can be used in addition to those specific
|
||||||
|
diff --git a/mount/mount.c b/mount/mount.c
|
||||||
|
index 396f357..b69fd61 100644
|
||||||
|
--- a/mount/mount.c
|
||||||
|
+++ b/mount/mount.c
|
||||||
|
@@ -83,9 +83,6 @@ static int mounttype = 0;
|
||||||
|
/* True if (ruid != euid) or (0 != ruid), i.e. only "user" mounts permitted. */
|
||||||
|
static int restricted = 1;
|
||||||
|
|
||||||
|
-/* Contains the fd to read the passphrase from, if any. */
|
||||||
|
-static int pfd = -1;
|
||||||
|
-
|
||||||
|
#ifdef HAVE_LIBMOUNT_MOUNT
|
||||||
|
static struct libmnt_update *mtab_update;
|
||||||
|
static char *mtab_opts;
|
||||||
|
@@ -1262,7 +1259,7 @@ loop_check(const char **spec, const char **type, int *flags,
|
||||||
|
*type = opt_vfstype;
|
||||||
|
}
|
||||||
|
|
||||||
|
- *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_sizelimit || opt_encryption);
|
||||||
|
+ *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_sizelimit);
|
||||||
|
*loopfile = *spec;
|
||||||
|
|
||||||
|
/* Automatically create a loop device from a regular file if a filesystem
|
||||||
|
@@ -1317,6 +1314,11 @@ loop_check(const char **spec, const char **type, int *flags,
|
||||||
|
return EX_FAIL;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (opt_encryption) {
|
||||||
|
+ error("mount: %s", _("encryption not supported, use cryptsetup(8) instead"));
|
||||||
|
+ return EX_FAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
loopcxt_init(&lc, 0);
|
||||||
|
/* loopcxt_enable_debug(&lc, 1); */
|
||||||
|
|
||||||
|
@@ -1525,14 +1527,6 @@ update_mtab_entry(const char *spec, const char *node, const char *type,
|
||||||
|
#endif /* !HAVE_LIBMOUNT_MOUNT */
|
||||||
|
|
||||||
|
static void
|
||||||
|
-set_pfd(char *s) {
|
||||||
|
- if (!isdigit(*s))
|
||||||
|
- die(EX_USAGE,
|
||||||
|
- _("mount: argument to -p or --pass-fd must be a number"));
|
||||||
|
- pfd = atoi(optarg);
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-static void
|
||||||
|
cdrom_setspeed(const char *spec) {
|
||||||
|
#define CDROM_SELECT_SPEED 0x5322 /* Set the CD-ROM speed */
|
||||||
|
if (opt_speed) {
|
||||||
|
@@ -2579,7 +2573,7 @@ main(int argc, char *argv[]) {
|
||||||
|
test_opts = append_opt(test_opts, optarg, NULL);
|
||||||
|
break;
|
||||||
|
case 'p': /* fd on which to read passwd */
|
||||||
|
- set_pfd(optarg);
|
||||||
|
+ error("mount: %s", _("--pass-fd is no longer supported"));
|
||||||
|
break;
|
||||||
|
case 'r': /* mount readonly */
|
||||||
|
readonly = 1;
|
||||||
|
diff --git a/sys-utils/losetup.8 b/sys-utils/losetup.8
|
||||||
|
index f50b072..8c69689 100644
|
||||||
|
--- a/sys-utils/losetup.8
|
||||||
|
+++ b/sys-utils/losetup.8
|
||||||
|
@@ -40,8 +40,6 @@ Setup loop device:
|
||||||
|
.sp
|
||||||
|
.in +5
|
||||||
|
.B losetup
|
||||||
|
-.RB [{ \-e | \-E }
|
||||||
|
-.IR encryption ]
|
||||||
|
.RB [ \-o
|
||||||
|
.IR offset ]
|
||||||
|
.RB [ \-\-sizelimit
|
||||||
|
@@ -82,8 +80,6 @@ force loop driver to reread size of the file associated with the specified loop
|
||||||
|
detach the file or device associated with the specified loop device(s)
|
||||||
|
.IP "\fB\-D, \-\-detach-all\fP"
|
||||||
|
detach all associated loop devices
|
||||||
|
-.IP "\fB\-e, \-E, \-\-encryption \fIencryption_type\fP"
|
||||||
|
-enable data encryption with specified name or number
|
||||||
|
.IP "\fB\-f, \-\-find\fP"
|
||||||
|
find the first unused loop device. If a
|
||||||
|
.I file
|
||||||
|
@@ -98,10 +94,6 @@ the data start is moved \fIoffset\fP bytes into the specified file or
|
||||||
|
device
|
||||||
|
.IP "\fB\-\-sizelimit \fIsize\fP"
|
||||||
|
the data end is set to no more than \fIsize\fP bytes after the data start
|
||||||
|
-.IP "\fB\-p, \-\-pass-fd \fInum\fP"
|
||||||
|
-read the passphrase from file descriptor with number
|
||||||
|
-.I num
|
||||||
|
-instead of from the terminal
|
||||||
|
.IP "\fB\-P, \-\-partscan\fP"
|
||||||
|
force kernel to scan partition table on newly created loop device
|
||||||
|
.IP "\fB\-r, \-\-read-only\fP"
|
||||||
|
@@ -116,25 +108,10 @@ argument are present.
|
||||||
|
verbose mode
|
||||||
|
|
||||||
|
.SH ENCRYPTION
|
||||||
|
-.B Cryptoloop is deprecated in favor of dm-crypt. For more details see
|
||||||
|
-.B cryptsetup (8). It is possible that all bug reports regarding to -E/-e
|
||||||
|
-.B options will be ignored.
|
||||||
|
-
|
||||||
|
-
|
||||||
|
-It is possible to specify transfer functions (for encryption/decryption
|
||||||
|
-or other purposes) using one of the
|
||||||
|
-.B \-E
|
||||||
|
+Cryptoloop is no longer supported in favor of dm-crypt. For more details see
|
||||||
|
+.B cryptsetup (8)
|
||||||
|
and
|
||||||
|
-.B \-e
|
||||||
|
-options.
|
||||||
|
-There are two mechanisms to specify the desired encryption: by number
|
||||||
|
-and by name. If an encryption is specified by number then one
|
||||||
|
-has to make sure that the Linux kernel knows about the encryption with that
|
||||||
|
-number, probably by patching the kernel. Standard numbers that are
|
||||||
|
-always present are 0 (no encryption) and 1 (XOR encryption).
|
||||||
|
-When the cryptoloop module is loaded (or compiled in), it uses number 18.
|
||||||
|
-This cryptoloop module will take the name of an arbitrary encryption type
|
||||||
|
-and find the module that knows how to perform that encryption.
|
||||||
|
+.B crypttab (5).
|
||||||
|
|
||||||
|
.SH RETURN VALUE
|
||||||
|
.B losetup
|
||||||
|
diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c
|
||||||
|
index 9f03151..2513253 100644
|
||||||
|
--- a/sys-utils/losetup.c
|
||||||
|
+++ b/sys-utils/losetup.c
|
||||||
|
@@ -18,7 +18,6 @@
|
||||||
|
#include "nls.h"
|
||||||
|
#include "strutils.h"
|
||||||
|
#include "loopdev.h"
|
||||||
|
-#include "xgetpass.h"
|
||||||
|
|
||||||
|
enum {
|
||||||
|
A_CREATE = 1, /* setup a new device */
|
||||||
|
@@ -164,10 +163,8 @@ static void usage(FILE *out)
|
||||||
|
" -j, --associated <file> list all devices associated with <file>\n"), out);
|
||||||
|
fputs(USAGE_SEPARATOR, out);
|
||||||
|
|
||||||
|
- fputs(_(" -e, --encryption <type> enable encryption with specified <name/num>\n"
|
||||||
|
- " -o, --offset <num> start at offset <num> into file\n"
|
||||||
|
+ fputs(_(" -o, --offset <num> start at offset <num> into file\n"
|
||||||
|
" --sizelimit <num> device limited to <num> bytes of the file\n"
|
||||||
|
- " -p, --pass-fd <num> read passphrase from file descriptor <num>\n"
|
||||||
|
" -P, --partscan create partitioned loop device\n"
|
||||||
|
" -r, --read-only setup read-only loop device\n"
|
||||||
|
" --show print device name after setup (with -f)\n"
|
||||||
|
@@ -185,8 +182,8 @@ static void usage(FILE *out)
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
struct loopdev_cxt lc;
|
||||||
|
- int act = 0, flags = 0, passfd = -1, c;
|
||||||
|
- char *file = NULL, *encryption = NULL;
|
||||||
|
+ int act = 0, flags = 0, c;
|
||||||
|
+ char *file = NULL;
|
||||||
|
uint64_t offset = 0, sizelimit = 0;
|
||||||
|
int res = 0, showdev = 0, lo_flags = 0;
|
||||||
|
|
||||||
|
@@ -249,7 +246,7 @@ int main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
case 'E':
|
||||||
|
case 'e':
|
||||||
|
- encryption = optarg;
|
||||||
|
+ errx(EXIT_FAILURE, _("encryption not supported, use cryptsetup(8) instead"));
|
||||||
|
break;
|
||||||
|
case 'f':
|
||||||
|
act = A_FIND_FREE;
|
||||||
|
@@ -268,8 +265,7 @@ int main(int argc, char **argv)
|
||||||
|
flags |= LOOPDEV_FL_OFFSET;
|
||||||
|
break;
|
||||||
|
case 'p':
|
||||||
|
- passfd = strtol_or_err(optarg,
|
||||||
|
- _("invalid passphrase file descriptor"));
|
||||||
|
+ warn(_("--pass-fd is no longer supported"));
|
||||||
|
break;
|
||||||
|
case 'P':
|
||||||
|
lo_flags |= LO_FLAGS_PARTSCAN;
|
||||||
|
@@ -327,10 +323,10 @@ int main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (act != A_CREATE &&
|
||||||
|
- (encryption || sizelimit || passfd != -1 || lo_flags || showdev))
|
||||||
|
+ (sizelimit || lo_flags || showdev))
|
||||||
|
errx(EXIT_FAILURE,
|
||||||
|
_("the options %s are allowed to loop device setup only"),
|
||||||
|
- "--{encryption,sizelimit,pass-fd,read-only,show}");
|
||||||
|
+ "--{sizelimit,read-only,show}");
|
||||||
|
|
||||||
|
if ((flags & LOOPDEV_FL_OFFSET) &&
|
||||||
|
act != A_CREATE && (act != A_SHOW || !file))
|
||||||
|
@@ -339,16 +335,8 @@ int main(int argc, char **argv)
|
||||||
|
switch (act) {
|
||||||
|
case A_CREATE:
|
||||||
|
{
|
||||||
|
- char *pass = NULL;
|
||||||
|
int hasdev = loopcxt_has_device(&lc);
|
||||||
|
|
||||||
|
- if (encryption) {
|
||||||
|
-#ifdef MCL_FUTURE
|
||||||
|
- if(mlockall(MCL_CURRENT | MCL_FUTURE))
|
||||||
|
- err(EXIT_FAILURE, _("couldn't lock into memory"));
|
||||||
|
-#endif
|
||||||
|
- pass = xgetpass(passfd, _("Password: "));
|
||||||
|
- }
|
||||||
|
do {
|
||||||
|
/* Note that loopcxt_{find_unused,set_device}() resets
|
||||||
|
* loopcxt struct.
|
||||||
|
@@ -357,8 +345,6 @@ int main(int argc, char **argv)
|
||||||
|
warnx(_("not found unused device"));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
- if (encryption && pass)
|
||||||
|
- loopcxt_set_encryption(&lc, encryption, pass);
|
||||||
|
if (flags & LOOPDEV_FL_OFFSET)
|
||||||
|
loopcxt_set_offset(&lc, offset);
|
||||||
|
if (flags & LOOPDEV_FL_SIZELIMIT)
|
||||||
|
@@ -379,8 +365,6 @@ int main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
} while (hasdev == 0);
|
||||||
|
|
||||||
|
- free(pass);
|
||||||
|
-
|
||||||
|
if (showdev && res == 0)
|
||||||
|
printf("%s\n", loopcxt_get_device(&lc));
|
||||||
|
break;
|
||||||
|
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
|
||||||
|
index 4f8af0a..73f5170 100644
|
||||||
|
--- a/sys-utils/mount.8
|
||||||
|
+++ b/sys-utils/mount.8
|
||||||
|
@@ -528,11 +528,6 @@ Don't canonicalize paths. The mount command canonicalizes all paths
|
||||||
|
file. This option can be used together with the
|
||||||
|
.B \-f
|
||||||
|
flag for already canonicalized absolut paths.
|
||||||
|
-.IP "\fB\-p, \-\-pass\-fd \fInum\fP"
|
||||||
|
-In case of a loop mount with encryption, read the passphrase from
|
||||||
|
-file descriptor
|
||||||
|
-.I num
|
||||||
|
-instead of from the terminal.
|
||||||
|
.IP "\fB\-s\fP"
|
||||||
|
Tolerate sloppy mount options rather than failing. This will ignore
|
||||||
|
mount options not supported by a filesystem type. Not all filesystems
|
||||||
|
@@ -2715,7 +2710,7 @@ not specified or the filesystem is known for libblkid, for example:
|
||||||
|
.sp
|
||||||
|
.RE
|
||||||
|
This type of mount knows about four options, namely
|
||||||
|
-.BR loop ", " offset ", " sizelimit " and " encryption ,
|
||||||
|
+.BR loop ", " offset ", " sizelimit ",
|
||||||
|
that are really options to
|
||||||
|
.BR \%losetup (8).
|
||||||
|
(These options can be used in addition to those specific
|
||||||
|
diff --git a/sys-utils/mount.c b/sys-utils/mount.c
|
||||||
|
index 7f2d5d8..031fd31 100644
|
||||||
|
--- a/sys-utils/mount.c
|
||||||
|
+++ b/sys-utils/mount.c
|
||||||
|
@@ -36,7 +36,6 @@
|
||||||
|
#include "env.h"
|
||||||
|
#include "optutils.h"
|
||||||
|
#include "strutils.h"
|
||||||
|
-#include "xgetpass.h"
|
||||||
|
#include "exitcodes.h"
|
||||||
|
#include "xalloc.h"
|
||||||
|
|
||||||
|
@@ -49,7 +48,6 @@
|
||||||
|
* --options-source-force MNT_OMODE_FORCE
|
||||||
|
*/
|
||||||
|
|
||||||
|
-static int passfd = -1;
|
||||||
|
static int readwrite;
|
||||||
|
|
||||||
|
static int mk_exit_code(struct libmnt_context *cxt, int rc);
|
||||||
|
@@ -103,32 +101,6 @@ static int table_parser_errcb(struct libmnt_table *tb __attribute__((__unused__)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
-static char *encrypt_pass_get(struct libmnt_context *cxt)
|
||||||
|
-{
|
||||||
|
- if (!cxt)
|
||||||
|
- return 0;
|
||||||
|
-
|
||||||
|
-#ifdef MCL_FUTURE
|
||||||
|
- if (mlockall(MCL_CURRENT | MCL_FUTURE)) {
|
||||||
|
- warn(_("couldn't lock into memory"));
|
||||||
|
- return NULL;
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
- return xgetpass(passfd, _("Password: "));
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-static void encrypt_pass_release(struct libmnt_context *cxt
|
||||||
|
- __attribute__((__unused__)), char *pwd)
|
||||||
|
-{
|
||||||
|
- char *p = pwd;
|
||||||
|
-
|
||||||
|
- while (p && *p)
|
||||||
|
- *p++ = '\0';
|
||||||
|
-
|
||||||
|
- free(pwd);
|
||||||
|
- munlockall();
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
static void print_all(struct libmnt_context *cxt, char *pattern, int show_label)
|
||||||
|
{
|
||||||
|
struct libmnt_table *tb;
|
||||||
|
@@ -616,7 +588,6 @@ static void __attribute__((__noreturn__)) usage(FILE *out)
|
||||||
|
fprintf(out, _(
|
||||||
|
" -o, --options <list> comma-separated list of mount options\n"
|
||||||
|
" -O, --test-opts <list> limit the set of filesystems (use with -a)\n"
|
||||||
|
- " -p, --pass-fd <num> read the passphrase from file descriptor\n"
|
||||||
|
" -r, --read-only mount the filesystem read-only (same as -o ro)\n"
|
||||||
|
" -t, --types <list> limit the set of filesystem types\n"));
|
||||||
|
fprintf(out, _(
|
||||||
|
@@ -782,8 +753,7 @@ int main(int argc, char **argv)
|
||||||
|
err(MOUNT_EX_SYSERR, _("failed to set options pattern"));
|
||||||
|
break;
|
||||||
|
case 'p':
|
||||||
|
- passfd = strtol_or_err(optarg,
|
||||||
|
- _("invalid passphrase file descriptor"));
|
||||||
|
+ warnx(_("--pass-fd is no longer supported"));
|
||||||
|
break;
|
||||||
|
case 'L':
|
||||||
|
case 'U':
|
||||||
|
@@ -864,8 +834,6 @@ int main(int argc, char **argv)
|
||||||
|
else if (types)
|
||||||
|
mnt_context_set_fstype(cxt, types);
|
||||||
|
|
||||||
|
- mnt_context_set_passwd_cb(cxt, encrypt_pass_get, encrypt_pass_release);
|
||||||
|
-
|
||||||
|
if (all) {
|
||||||
|
/*
|
||||||
|
* A) Mount all
|
||||||
|
--
|
||||||
|
1.7.7
|
||||||
|
|
27
util-linux-HACK-boot.localfs.diff
Normal file
27
util-linux-HACK-boot.localfs.diff
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
From 89a0fa3ca57be7440500dd207d96ea1e2908959f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
Date: Wed, 20 Jun 2012 10:56:05 +0200
|
||||||
|
Subject: [PATCH] UGLY HACK: boot.localfs parses mount ouput and needs source
|
||||||
|
rather than target
|
||||||
|
|
||||||
|
---
|
||||||
|
sys-utils/mount.c | 3 +++
|
||||||
|
1 files changed, 3 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sys-utils/mount.c b/sys-utils/mount.c
|
||||||
|
index 8706716..b28d67a 100644
|
||||||
|
--- a/sys-utils/mount.c
|
||||||
|
+++ b/sys-utils/mount.c
|
||||||
|
@@ -166,6 +166,9 @@ static int mount_all(struct libmnt_context *cxt)
|
||||||
|
while (mnt_context_next_mount(cxt, itr, &fs, &mntrc, &ignored) == 0) {
|
||||||
|
|
||||||
|
const char *tgt = mnt_fs_get_target(fs);
|
||||||
|
+ if (getenv("MOUNT_PRINT_SOURCE")) {
|
||||||
|
+ tgt = mnt_fs_get_srcpath(fs);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (ignored) {
|
||||||
|
if (mnt_context_is_verbose(cxt))
|
||||||
|
--
|
||||||
|
1.7.7
|
||||||
|
|
@ -1,3 +1,14 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jun 22 09:37:20 CEST 2012 - kukuk@suse.de
|
||||||
|
|
||||||
|
- Remove pam_lastlog from login.pamd, login is doing it itself.
|
||||||
|
[bnc#768067]
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jun 20 09:22:50 UTC 2012 - lnussel@suse.de
|
||||||
|
|
||||||
|
- add a hack for boot.localfs to determine the devices to wait for
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jun 15 12:57:06 UTC 2012 - puzel@suse.com
|
Fri Jun 15 12:57:06 UTC 2012 - puzel@suse.com
|
||||||
|
|
||||||
@ -9,6 +20,12 @@ Fri Jun 15 12:57:06 UTC 2012 - puzel@suse.com
|
|||||||
- mount-new-improve-error-messages.patch
|
- mount-new-improve-error-messages.patch
|
||||||
- libmount-add-MNT_ERR_LOOPDEV.patch
|
- libmount-add-MNT_ERR_LOOPDEV.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jun 15 10:07:26 UTC 2012 - lnussel@suse.de
|
||||||
|
|
||||||
|
- remove encryption options completely as upstream will do that as
|
||||||
|
well in the next release (bnc#748879).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jun 14 13:04:40 UTC 2012 - puzel@suse.com
|
Thu Jun 14 13:04:40 UTC 2012 - puzel@suse.com
|
||||||
|
|
||||||
|
@ -97,6 +97,13 @@ Patch7: libmount-add-special-MNT_ERR-codes.patch
|
|||||||
Patch8: mount-new-use-MNT_ERR-for-error-messages.patch
|
Patch8: mount-new-use-MNT_ERR-for-error-messages.patch
|
||||||
Patch9: libmount-add-MNT_ERR_LOOPDEV.patch
|
Patch9: libmount-add-MNT_ERR_LOOPDEV.patch
|
||||||
Patch10: mount-new-add-loopdev-specific-error-message.patch
|
Patch10: mount-new-add-loopdev-specific-error-message.patch
|
||||||
|
|
||||||
|
# disable encryption
|
||||||
|
Patch11: util-linux-2.21.2-noenc.diff
|
||||||
|
Patch12: util-linux-2.21.2-noenc-suse.diff
|
||||||
|
|
||||||
|
# hack for boot.localfs
|
||||||
|
Patch20: util-linux-HACK-boot.localfs.diff
|
||||||
#####
|
#####
|
||||||
|
|
||||||
##
|
##
|
||||||
@ -207,6 +214,10 @@ Files to develop applications using the libmount library.
|
|||||||
%patch8 -p1
|
%patch8 -p1
|
||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
%patch10 -p1
|
%patch10 -p1
|
||||||
|
%patch11 -p1
|
||||||
|
%patch12 -p1
|
||||||
|
#
|
||||||
|
%patch20 -p1
|
||||||
|
|
||||||
#
|
#
|
||||||
cd adjtimex-*
|
cd adjtimex-*
|
||||||
|
Loading…
Reference in New Issue
Block a user