Comment 0 for bug 474327

Sergey Dolgov (solka) wrote : /lib/cryptsetup/checks/{un_,}vol_id should fail if vol_id from udev is not available

Binary package hint: cryptsetup

/lib/cryptsetup/checks/{un_,}vol_id are supposed to check for a type of file system on a disk volume. Functions from /lib/cryptsetup/cryptdisks.functions use those checks to determine whether it is safe to destroy the contents of a volume by e.g. calling luks create on it:

    PRECHECK="/lib/cryptsetup/checks/un_vol_id"

    [...]

    if ! pre_out=$("$PRECHECK" "$src" 2> /dev/null) && \
        [ "$MAKESWAP" != "yes" ] && \
        ! /lib/cryptsetup/checks/vol_id "$src" swap >/dev/null; then
            log_warning_msg "$dst: the precheck for '$src' failed: $pre_out"
            return 1
    fi

    [...]

    cryptsetup $PARAMS create "$dst" "$src"

/lib/cryptsetup/checks/{un_,}vol_id rely on /lib/udev/vol_id from the udev package. In Karmic, vol_id is no longer present. Most unfortunately, in this case the checks *pass* with a mere warning:

    if test ! -x "/lib/udev/vol_id"; then
      echo " - WARNING: vol_id from udev is not available, impossible to run checks."
      exit 0
    fi

I would argue that exit 0 should be exit 1 instead, otherwise it can lead to silent data corruption in case the disks connected to the machine change. Here is how it happened to me:

I installed Karmic on HDD1; at that time it was the only drive in the box, and thus it was detected as sda. The installer created this entry in /etc/crypttab:

    cryptswap1 /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256

After that, I connected my second drive, HDD2, to the box. It happened to be connected to the first port of the SATA controller, so when I booted off HDD1, the hard drives were detected as follows: HDD2: sda, HDD1: sdb. As a result, my ext3 partition on HDD2 ("new" sda3) became corrupted because of missing vol_id in udev and this bug.

It looks like the move from vol_id to blkid from util-linux is underway; Debian already has /mnt/lib/cryptsetup/checks/blkid, but the same problem is present there too:

    if test ! -x "/sbin/blkid"; then
      echo " - WARNING: blkid from util-linux is not available, impossible to run checks."
      exit 0
    fi

which means data corruption if blkid is missing and your disks changed since the time /etc/crypttab was created.
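
The behaviour the report asks for, as an added example (not the cryptsetup package's script and not the reporter's code): a precheck that returns failure when the probe tool is missing or errors out, so a caller like the cryptdisks.functions snippet above stops before overwriting the device. `PROBE`, `un_fs_check`, `make_stub`, `demo` and the stub probes are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the cryptsetup package's script.
# Exit status 0 means "no filesystem seen, overwriting is acceptable".
# PROBE is overridable (an assumption of this example) so stubs can stand in for blkid.
PROBE="${PROBE:-/sbin/blkid}"

un_fs_check() {
    dev="$1"
    # Fail closed: without the probe nothing is known about the device.
    if [ ! -x "$PROBE" ]; then
        echo " - ERROR: $PROBE is not available, cannot verify $dev." >&2
        return 1
    fi
    rc=0
    fstype=$("$PROBE" -o value -s TYPE "$dev" 2>/dev/null) || rc=$?
    if [ -n "$fstype" ]; then
        echo " - $dev contains a filesystem of type $fstype." >&2
        return 1
    fi
    # blkid(8): status 2 means nothing was identified; anything else is an error.
    case "$rc" in
        0|2) return 0 ;;
        *)   echo " - ERROR: $PROBE failed on $dev (status $rc)." >&2
             return 1 ;;
    esac
}

# Constructed stubs standing in for blkid; they ignore their arguments.
make_stub() {  # make_stub <path> <output> <exit status>
    printf '#!/bin/sh\n[ -n "%s" ] && echo "%s"\nexit %s\n' "$2" "$2" "$3" > "$1"
    chmod +x "$1"
}

demo() {
    dir=$(mktemp -d)
    make_stub "$dir/ext3" ext3 0    # device holding an ext3 filesystem
    make_stub "$dir/blank" "" 2     # device with nothing recognisable on it
    for p in ext3 blank missing; do # "missing" is never created: probe absent
        PROBE="$dir/$p"
        if un_fs_check /dev/sda3 2>/dev/null; then
            echo "$p: precheck passed"
        else
            echo "$p: precheck failed"
        fi
    done
    rm -rf "$dir"
}

demo
```

Only the blank-device stub passes; the ext3 device and the absent probe both make the precheck fail, which is the difference between `exit 1` and the `exit 0` quoted in the report.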