[Pkg-cryptsetup-devel] Bug#351022: endless loop after syntax
error in crypttab
Jonas Meurer
jonas at freesources.org
Thu Feb 2 17:28:01 UTC 2006
On 02/02/2006 debbug2 at danisch.de wrote:
> Package: cryptsetup
> Version: 2:1.0.1-16
>
> Hi,
>
> I wanted to setup an encrypted swap device as described in
> /usr/share/doc/cryptsetup/CryptoSwap.HowTo .
>
> Unfortunately I made a small mistake and wrote the options argument
> like
>
> swap precheck=swap
>
> (space, instead of a comma). /etc/init.d/cryptsetup then went into an
> endless loop, which could cause the machine to hang at boot time.
>
> /etc/init.d/cryptsetup should be able to skip syntax errors in the
> crypttab.
i've problems with reproducing this bug.
but unfortunately i found another bug with encrypted swap support.
first, do you have a swap check in /lib/cryptsetup/prechecks/swap? the
package doesn't provide one, so the 'precheck=swap' option should not do
anything.
second, for me the space instead of comma doesn't break cryptdisks. the
check simply is not run, as a fifth argument in /etc/crypttab is ignored
in any case.
third, and that is the real problem, the swap postcheck is rather
useless. most people will use /dev/random as key for swap partitions.
therefore the check for swap headers on the decrypted device will always
fail.
only if a constant key is used for swap (why should somebody do that),
the check can succeed.
but regarding your bugreport, i don't know how to reproduce it. can you
paste your complete swap line in /etc/crypttab?
i tried the following, and none ended in an endless loop:
swap /dev/vg_external/swap /dev/random swap
swap /dev/vg_external/swap /dev/random swap,precheck=swap
swap /dev/vg_external/swap /dev/random swap precheck=swap
swap /dev/vg_external/swap /dev/random swap postcheck=swap
swap /dev/vg_external/swap /dev/random swap,postcheck=swap
only the last one failed at all, with the reason i described above.
...
jonas
More information about the Pkg-cryptsetup-devel
mailing list