[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Weird encrypted filesystem problem.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Wednesday 2007-04-18 at 11:30 +0200, Ludwig Nussel wrote:

> > > The function does exist, it just throws an ENOSYS error :-)
> > 
> > Ah :-(
> > 
> > ¿Is that a bug I should report in bugzilla?
> 
> That's what I'm trying to find out.

Ah, ok, then just tell me when you have something else I could test.


> > And the missing "/sbin/mount.xfs"? What is that?
> 
> Normal, mount first checks if there is a special mount program for a
> filesystem.

I see.


> > I also have a concoction of zisofs compressed and xfs encripted
> > filesystems, but that one is complex to test (it worked last time I tried
> > some months back).
> 
> I don't understand what you mean. xfs is not an encryption algorithm
> it's a filesystem just as zisofs is.

Ok. I'll explain.

 - First I generate a zisofs compressed dvd image, using mkzftree (1) and 
   "mkisofs -Z", which I name "zisofs.iso".
 - Create an xfs image of an encrypted filesystem (losetup, twofish, etc), 
   in file '/Disco40/crypta.xfs.f'
 - I mount the xfs image, and copy on the resulting filesystem the 
   iso9660/zisofs dvd image created earlier (zisofs.iso).
 - I umount the xfs image, and burn it to a dvd.

The resulting dvd is both compressed and encrypted, and I mount it thus; 
in /etc/fstab I have:

  /Disco40/crypta.xfs.f   /mnt/crypta.x9.dvdbck   xfs  loop,noauto,user,encryption=twofishSL92   0 0
  #¡Encadenado!
  /mnt/crypta.x9.dvdbck/zisofs.iso  /mnt/crypta.x9z.dvdbck  auto  loop,ro,noauto,user,exec       0 0

The above are the lines for the dvd creation step. For reading the dvd 
back, I lost the entries, but they should be:

  /dev/dvd                        /mnt/dvd.crypta.x9    auto  ro,noauto,user,loop,encryption=twofishSL92  0 0
  /mnt/dvd.crypta.x9/zisofs.iso   /mnt/dvd.crypta.x9z   auto  loop,ro,noauto,user,exec                    0 0

First, I do "mount /mnt/crypta.x9.dvdbck", the encrypted xfs image. Next, I 
loop mount the compressed image on it, using "mount /mnt/crypta.x9z.dvdbck".

Not too weird, I hope ;-)


(I use twofishSL92 inadvertently, as explained at the start of the thread)



> > I have no idea how to mount plain dvds using the device map thing, which
> 
> The device mapper is of no use there. You can just mount the device
> directly.

I know. I just mean that perhaps it is possible to test that way if mount 
is capable of mounting a plain dvd via this remaper thing, or if it only 
fails when it is encrypted. But maybe that's not an issue, I really don't 
know. You are the expert, so whatever you say :-)

- -- 
Cheers,
       Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFGJkcNtTMYHG2NR9URApdvAKCYSAUauI8o8cxjXS7wuMeiFr1CjACeI49S
qoHR4o5LxZNSY0mbGmlLKKA=
=NYod
-----END PGP SIGNATURE-----