From fe32be5374e20136a511d8865f5516882898ba1929139f9d1dcecc1057a6e4e4 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Thu, 26 Feb 2009 11:48:36 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cryptsetup?expand=0&rev=21 --- cryptsetup.changes | 30 +++++++++++++++++++----------- cryptsetup.spec | 31 ++++++++++++++++++------------- mkinitrd-boot.sh | 16 ++++++++++++---- mkinitrd-setup.sh | 6 ++++-- 4 files changed, 53 insertions(+), 30 deletions(-) diff --git a/cryptsetup.changes b/cryptsetup.changes index e6bc4ca..d57a5ff 100644 --- a/cryptsetup.changes +++ b/cryptsetup.changes @@ -1,7 +1,15 @@ +------------------------------------------------------------------- +Wed Feb 25 13:47:43 CET 2009 - jsmeix@suse.de + +- Fixed initrd LUKS password annoyance in mkinitrd-boot.sh and + mkinitrd-setup.sh when the same password is used for all + partitions. In this case the password is now only asked + once (bnc#465711). + ------------------------------------------------------------------- Sun Dec 14 12:27:34 CET 2008 - bwalle@suse.de -- Fix LUKS root partition residing on a soft raid (bnc #358341) +- Fix LUKS root partition residing on a soft raid (bnc#358341) ------------------------------------------------------------------- Mon Nov 3 14:03:33 CET 2008 - mkoenig@suse.de @@ -22,7 +30,7 @@ Wed Sep 3 11:09:34 CEST 2008 - hare@suse.de ------------------------------------------------------------------- Wed Aug 20 15:20:06 CEST 2008 - mkoenig@suse.de -- enable SELinux support [fate#303662] +- enable SELinux support (fate#303662) ------------------------------------------------------------------- Wed Aug 13 11:21:14 CEST 2008 - mkoenig@suse.de @@ -34,7 +42,7 @@ Wed Aug 13 11:21:14 CEST 2008 - mkoenig@suse.de Fri Aug 8 11:42:10 CEST 2008 - mkoenig@suse.de - boot.crypto: - * Provide some reasonable exit status [bnc#409502] + * Provide some reasonable exit status (bnc#409502) ------------------------------------------------------------------- Wed Jul 23 15:44:31 CEST 2008 - hare@suse.de @@ -44,7 +52,7 @@ Wed Jul 23 15:44:31 CEST 2008 - hare@suse.de ------------------------------------------------------------------- Wed Jul 23 13:05:20 CEST 2008 - mkoenig@suse.de -- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875] +- use /sbin/udevadm settle instead of /sbin/udevsettle (bnc#404875) ------------------------------------------------------------------- Tue May 6 12:36:49 CEST 2008 - mkoenig@suse.de @@ -55,7 +63,7 @@ Tue May 6 12:36:49 CEST 2008 - mkoenig@suse.de ------------------------------------------------------------------- Wed Apr 9 15:59:09 CEST 2008 - mkoenig@suse.de -- add support for boot.crypto-early [#355824] +- add support for boot.crypto-early (bnc#355824) needed to encrypt block devices for usage with LVM or MD adds a new option 'noearly' for crypttab, which will skip the device in boot.crypto-early. @@ -64,7 +72,7 @@ Wed Apr 9 15:59:09 CEST 2008 - mkoenig@suse.de Wed Feb 27 12:10:32 CET 2008 - mkoenig@suse.de - update to svn revision 46: - * fix out of bound for key index in delKey [bnc#360041] + * fix out of bound for key index in delKey (bnc#360041) * Add typo fixes to the cryptsetup.8 manpage * Add key-slot patch * Remove O_EXCL requirement for certain LUKS operations @@ -75,18 +83,18 @@ Mon Feb 4 16:22:42 CET 2008 - lnussel@suse.de - boot.crypto: * check for columns of terminal (bnc#337614) - * enhance crypttab manpage (#351061) - * check for fs_passno (#345339) + * enhance crypttab manpage (bnc#351061) + * check for fs_passno (bnc#345339) ------------------------------------------------------------------- Wed Jan 9 12:07:14 CET 2008 - lnussel@suse.de - upgrade to svn revision 42 which includes previous patches - boot.crypto: - * don't mount read-only as safety check (#345338) + * don't mount read-only as safety check (bnc#345338) * implement precheck scripts - * allow restarting of single volumes (#345605) - * status query of individual devices (#345605) + * allow restarting of single volumes (bnc#345605) + * status query of individual devices (bnc#345605) * add vol_id check script * maintain boot.crypto stuff in revision control and use tarball snapshots of it diff --git a/cryptsetup.spec b/cryptsetup.spec index e4883cc..08b1597 100644 --- a/cryptsetup.spec +++ b/cryptsetup.spec @@ -1,7 +1,7 @@ # # spec file for package cryptsetup (Version 1.0.5_SVNr46) # -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,7 +30,7 @@ License: BSD 3-Clause; GPL v2 only; GPL v2 or later Group: System/Base AutoReqProv: on Version: 1.0.5_SVNr46 -Release: 58 +Release: 59 Summary: Set Up dm-crypt Based Encrypted Block Devices Source: cryptsetup-%{version}.tar.bz2 Source1: hashalot-%haver.tar.bz2 @@ -225,8 +225,13 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libcryptsetup.so %changelog +* Wed Feb 25 2009 jsmeix@suse.de +- Fixed initrd LUKS password annoyance in mkinitrd-boot.sh and + mkinitrd-setup.sh when the same password is used for all + partitions. In this case the password is now only asked + once (bnc#465711). * Sun Dec 14 2008 bwalle@suse.de -- Fix LUKS root partition residing on a soft raid (bnc #358341) +- Fix LUKS root partition residing on a soft raid (bnc#358341) * Mon Nov 03 2008 mkoenig@suse.de - boot.crypto-early: explicitly start before boot.localfs * Fri Sep 12 2008 mkoenig@suse.de @@ -235,28 +240,28 @@ rm -rf $RPM_BUILD_ROOT * Wed Sep 03 2008 hare@suse.de - Call mkinitrd_setup during %%post and %%postun (bnc#413709) * Wed Aug 20 2008 mkoenig@suse.de -- enable SELinux support [fate#303662] +- enable SELinux support (fate#303662) * Wed Aug 13 2008 mkoenig@suse.de - boot.crypto: * Fix init script tags * Fri Aug 08 2008 mkoenig@suse.de - boot.crypto: - * Provide some reasonable exit status [bnc#409502] + * Provide some reasonable exit status (bnc#409502) * Wed Jul 23 2008 hare@suse.de - Include mkinitrd scriptlets. * Wed Jul 23 2008 mkoenig@suse.de -- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875] +- use /sbin/udevadm settle instead of /sbin/udevsettle (bnc#404875) * Tue May 06 2008 mkoenig@suse.de - load loop module in boot.crypto-early as it might be needed. It is previously initially loaded by boot.localfs. * Wed Apr 09 2008 mkoenig@suse.de -- add support for boot.crypto-early [#355824] +- add support for boot.crypto-early (bnc#355824) needed to encrypt block devices for usage with LVM or MD adds a new option 'noearly' for crypttab, which will skip the device in boot.crypto-early. * Wed Feb 27 2008 mkoenig@suse.de - update to svn revision 46: - * fix out of bound for key index in delKey [bnc#360041] + * fix out of bound for key index in delKey (bnc#360041) * Add typo fixes to the cryptsetup.8 manpage * Add key-slot patch * Remove O_EXCL requirement for certain LUKS operations @@ -264,15 +269,15 @@ rm -rf $RPM_BUILD_ROOT * Mon Feb 04 2008 lnussel@suse.de - boot.crypto: * check for columns of terminal (bnc#337614) - * enhance crypttab manpage (#351061) - * check for fs_passno (#345339) + * enhance crypttab manpage (bnc#351061) + * check for fs_passno (bnc#345339) * Wed Jan 09 2008 lnussel@suse.de - upgrade to svn revision 42 which includes previous patches - boot.crypto: - * don't mount read-only as safety check (#345338) + * don't mount read-only as safety check (bnc#345338) * implement precheck scripts - * allow restarting of single volumes (#345605) - * status query of individual devices (#345605) + * allow restarting of single volumes (bnc#345605) + * status query of individual devices (bnc#345605) * add vol_id check script * maintain boot.crypto stuff in revision control and use tarball snapshots of it diff --git a/mkinitrd-boot.sh b/mkinitrd-boot.sh index b48e98f..e822602 100644 --- a/mkinitrd-boot.sh +++ b/mkinitrd-boot.sh @@ -17,7 +17,7 @@ case $luks_lang in en*) - /* We only support english keyboard layout */ + # We only support english keyboard layout ;; *) echo "Only english keyboard layout supported." @@ -25,8 +25,16 @@ case $luks_lang in ;; esac +echo +echo -n "Enter LUKS Passphrase:" +read -s pass +echo + for curluks in $luks; do - DEVICE=$(eval echo \$luks_${curluks}) - check_for_device $DEVICE - /sbin/cryptsetup luksOpen $DEVICE $curluks + echo $pass | /sbin/cryptsetup luksOpen $(eval echo \$luks_${curluks}) $curluks || \ + /sbin/cryptsetup luksOpen $(eval echo \$luks_${curluks}) $curluks done + +pass='xxxxxxxxxxxxxxxxxxxx' +unset pass + diff --git a/mkinitrd-setup.sh b/mkinitrd-setup.sh index a1d346c..1974fa5 100644 --- a/mkinitrd-setup.sh +++ b/mkinitrd-setup.sh @@ -5,8 +5,9 @@ if [ -x /sbin/cryptsetup -a -x /sbin/dmsetup ] ; then luks_blockdev= + luks_add_device="$blockdev $luks_add_device" # bd holds the device we see the decrypted LUKS partition as - for bd in $blockdev ; do + for bd in $luks_add_device ; do luks_name= update_blockdev $bd luks_blockmajor=$blockmajor @@ -37,7 +38,7 @@ fi if [ "$root_luks" ]; then case $LANG in en*) - /* We only support english keyboard layout currently */ + # We only support english keyboard layout currently ;; *) echo "Only english keyboard layout supported." @@ -54,3 +55,4 @@ save_var root_luks # do we have luks? save_var luks # which names do the luks devices have? save_var cryptmodules # required kernel modules for crypto setup save_var luks_lang # original language settings +