FFe: Please merge cryptsetup 2:1.4.1-2 (main) from debian unstable (main)

Gah. About a week after you filed this, Debian updated to cryptsetup 1.3.0. From the changelog, it looks like the more recent Debian packages contain fixes that we want.

I'm sorry nobody's got to this before now. Could you please re-do this merge against the more recent debian revision, and I'll review and upload once you're done?

I've done precisely this here, in order to get loop-AES compatibility support. It all seems to be working fine in a Natty environment.

My diff against the Debian cryptsetup 1.3.0-3 source package is attached.

I'm just wondering if there's any chance of this version update making it into Oneiric -- and if there's anything further I can do to facilitate this?

This version contains alot of bugfixes.
See:
http://code.google.com/p/cryptsetup/wiki/Cryptsetup120
http://code.google.com/p/cryptsetup/wiki/Cryptsetup130
http://code.google.com/p/cryptsetup/wiki/Cryptsetup131
http://code.google.com/p/cryptsetup/wiki/Cryptsetup140
http://code.google.com/p/cryptsetup/wiki/Cryptsetup141

Did some more test on this. And everything seems to be working.

What I tested:
Created LUKS device with current version in Precise.
Upgraded cryptsetup
Mounted correctly, no issues.
Created LUKS device with the new version.
Mounted that

Everything seems to do its thing.

I think that having also the TRIM option in cryptsetup is a good thing to have.
Surely that more and more people are getting a SSD.

Status changed to 'Confirmed' because the bug affects multiple users.

The version currently in Pangolin Beta 1 (1.1.3) and the next version are both deprecated at "http://code.google.com/p/cryptsetup". It would be great to get this freshened up before Pangolin is released.

ACK! The current version is obsolete.

The merge looks good. Only two small comments:

- The diff in debian/cryptsetup.dirs isn't necessary anymore as debian/rules has a "mkdir -p" call.

- The diff in debian/cryptsetup.postinst isn't necessary anymore. The version in lucid is greater than 2:1.0.6+20090405.svn49-1ubuntu8.

Please test this on a system which uses an encrypted root/home partition, otherwise it seems ok to me. Thanks!

Attached a debdiff with the remarks fixed.
I'm going to test this now on a Precise system with crypted root.

Tested this with an encrypted root, and this works without issues!

libpam-mount is the remaining reverse dependency of the now obsolete libcryptsetup1, I'll handle the update to libcryptsetup4.

This bug was fixed in the package cryptsetup - 2:1.4.1-2ubuntu1

---------------
cryptsetup (2:1.4.1-2ubuntu1) precise; urgency=low

  [ Jean-Louis Dupond ]
  * Merge from debian unstable (LP: #776264), remaining changes:
    - debian/cryptdisks.functions: Suppress "Starting init crypto disks" message
      in "init" phase, to avoid writing over fsck progress text.
    - debian/cryptroot-hook: Quiet warnings from find on arches that
      don't have all the kernel/{arch,crypto} bits we're testing for.
    - debian/control:
      + Bump initramfs-tools Suggests to Depends: so system is not
        potentially rendered unbootable.
      + Depend on plymouth.
    - Add debian/cryptdisks-{enable,udev}.upstart.
    - debian/cryptdisks.functions:
      + new function, crypttab_start_one_disk, to look for the named source
        device in /etc/crypttab (by device name, UUID, or label) and start it
        if configured to do so
    - debian/cryptdisks{,-early}.init: Make the 'start' action of the init
      script a no-op, this should be handled entirely by the upstart job;
      and fix the LSB header to not declare this should be started in
      runlevel 'S'
    - debian/rules:
      + Do not install start symlinks for init scripts, and
        install debian/cryptdisks-{enable,udev}.upstart scripts.

  [ Steve Langasek ]
  * debian/cryptdisks.functions: handle the case where crypttab contains a
    name for the source device that is not the kernel's preferred name for
    it (as is the case for LVs).

cryptsetup (2:1.4.1-2) unstable; urgency=low

  * acknowledge NMU. Thanks to Michael Biebl. (closes: #659182)
  * don't print error for non-encrypted rootfs in initramfs cryptroot hook.
    Thanks to Jamie Heilman and Christoph Anton Mitterer for bugreports.
    (closes: #659087, #659106)
  * use dmsetup splitname to extract VG name from $node in initramfs cryptroot
    hook. Thanks to Kai Weber for the bugreport, Milan Broz and Claudio
    Imbrenda for suggestions and patches. (closes: #659235)

cryptsetup (2:1.4.1-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix dangling .so symlink. Don't hard code the library version but use
    readlink instead to determine where the .so symlink should point at.
    (closes: #659182)

cryptsetup (2:1.4.1-1) unstable; urgency=low

  * new upstream release (1.4.0 + 1.4.1) (closes: #647851)
    - fixes typo in german translation. (closes: #645528)
    - remove patches, all incorporated upstream.
    - soname bump, rename library package to libcryptsetup4
  * check for busybox in initramfs cryptroot hook, and install the sed binary
    in case it's either not installed or not activated. (closes: #591853)
  * add checks for 'type $KEYSCRIPT' to initscripts cryptdisks.functions, and
    to cryptroot initramfs script/hook. this adds support for keyscripts inside
    $PATH. thanks to Ian Jackson for the suggestion. (closes: #597583)
  * use argument '--sysinit' for vgchange in cryptroot initramfs script. Thanks
    to Christoph Anton Mitterer for the suggestion.
  * add option for discard/trim features to crypttab and initramfs scripts.
    Thanks to intrigeri and Peter Colberg for patches. (closes: #64...

This bug was fixed in the package libpam-mount - 2.10-2build1

---------------
libpam-mount (2.10-2build1) precise; urgency=low

  * No-change rebuild against libcryptsetup4. (LP: #776264)
 -- Martin Pitt <email address hidden> Thu, 08 Mar 2012 07:37:20 +0100