plymouth made SSL pass phrase dialog can't read input

Bug #734316 reported by meshway on 2011-03-13
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Undecided
Unassigned

Bug Description

System:
Ubuntu Server 10.10

Packages:
apache plymouth

Description:
If you configure apache to use a password-protected SSL key. when apache booting with the system, it will ask you for a password. But the pass phrase dialog can't read the password from console. You must login on tty2, kill apache manually,then start it.

Solutions:
I find three way to fix it.

1)The first is in Bug #582963, I don't think this bug is because of apache.
   Adding "stty sane" to /etc/init.d/apache2.
   sed -e '/^ENV=/i stty sane' /etc/init.d/apache2|sudo tee /etc/init.d/apache2

2) and 3)will make plymouth can't start when the system is booting.

2)add "init=/sbin/init" at kernel boot command line

3)Stop self-starting plymouth (I can't uninstall it because of the dependencies)
   sudo cd /etc/init
   sudo tar -czvf initbak.tar.gz /etc/init
   sudo rm /init/plymouth*

meshway (meshway) on 2011-03-13
Changed in plymouth (Ubuntu):
assignee: nobody → meshway (meshway)
description: updated
Changed in plymouth (Ubuntu):
assignee: meshway (meshway) → nobody
meshway (meshway) on 2011-03-13
visibility: private → public
Marc Deslauriers (mdeslaur) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

security vulnerability: yes → no
Steve Langasek (vorlon) on 2011-03-25
affects: plymouth (Ubuntu) → apache2 (Ubuntu)
Clint Byrum (clint-fewbar) wrote :

Hi meshway, thanks for taking the time to file this bug report so we can make Ubuntu better!

I believe this is an exact duplicate of bug #582963 , which has been fixed, albeit not perfectly, in Natty by using plymouth's "ask for password" facilities.

We probably won't backport that to Maverick or prior releases, because it potentially halts the bootup. This needs to be documented in some release notes before we do it so we don't accidentally leave a time-bomb on somebody's remotely managed system for the next reboot.

As you note, the only real answer is to start apache2 manually when you have a pass phrase.

This is noted in the maverick release notes:

https://wiki.ubuntu.com/MaverickMeerkat/ReleaseNotes#Known Issues

Marking duplicate of bug #582963

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers