[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Weird encrypted filesystem problem.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Tuesday 2007-04-17 at 13:56 +0200, Ludwig Nussel wrote:

> > Is there something I can do to expand info? How to know what that
> > "Function not implemented" is refering to?
> 
> Maybe an strace of mount gives some insight.

I'll try that later.


> > Could it be that the mount program in 10.2 can not mount device-mapper
> > things?
> 
> No, mount doesn't care where the device comes from.

Ok.


> > Perhaps I could try with a plain dvd, if you tell me a procedure.
> 
> plain dvd? You mean using an unencrypted dvd via device mapper?

Right, to see if mount can mount such a device.


> > (I tried again with a intentionally wrong passphrase, and there is no
> > complain; I don't like that).
> 
> There is no complaint at this point with the old method either. It's
> up to you/a script/mount to determine whether the decrypted data
> makes sense.

let me verify that... no, not so:

  nimrodel:/etc/postfix # umount /mnt/crypta.mm.x/
  nimrodel:/etc/postfix # mount /mnt/crypta.mm.x/
  Password: 
  mount: wrong fs type, bad option, bad superblock on /dev/loop1,
         missing codepage or other error
         In some cases useful info is found in syslog - try
         dmesg | tail  or so


If I type the passphrase (actually, the same one that the dvd uses) with 
one letter missing, I get that error above. This one mounts with this line 
in fstab:

  /biggy/crypta_f.mm.x    /mnt/crypta.mm.x    xfs  noauto,loop,encryption=twofish256       1 2


I think that if I mount manually, using losetup, the error message is a 
bit clearer.


> > The corresponding line in fstab for that dvd is:
> > 
> >   /dev/dvd    /mnt/dvd.crypta.x9      auto    ro,noauto,user,loop,encryption=twofishSL92
> > 
> > The filesystem is XFS.
> 
> Is the filesystem properly identified as xfs after you've set up the
> dm target? Ie does /lib/udev/vol_id /dev/mapper/foo tell you that
> it's xfs?

Let me see:


  nimrodel:/etc/postfix # /lib/udev/vol_id /dev/mapper/foo
  ID_FS_USAGE=filesystem
  ID_FS_TYPE=xfs
  ID_FS_VERSION=
  ID_FS_UUID=3c3574ab-f3c4-4540-98cd-14c4d7125cc5
  ID_FS_LABEL=crpt_dvd_xfs
  ID_FS_LABEL_SAFE=crpt_dvd_xfs
  nimrodel:/etc/postfix # 


Seems it is.


- -- 
Cheers,
       Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFGJMRwtTMYHG2NR9URAl8NAKCIc6PYQFtSvW2cZAmEEMO+qrheTACfUONb
9H9gihxrB4Qk7IJKKzrNbw0=
=VcF+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx