eCryptfs

Merge lp:~alberto-o/ecryptfs/swapfile-fix into lp:ecryptfs

  1. swapfile-fix
  2. Merge into trunk
Proposed by Alberto Pianon
Status: Needs review
Proposed branch: lp:~alberto-o/ecryptfs/swapfile-fix
Merge into: lp:ecryptfs
Diff against target: 60 lines (+15/-6)
2 files modified
debian/changelog (+6/-2)
src/utils/ecryptfs-setup-swap (+9/-4)
To merge this branch: bzr merge lp:~alberto-o/ecryptfs/swapfile-fix
Reviewer Review Type Date Requested Status
eCryptfs Pending
Review via email: mp+319130@code.launchpad.net

Description of the change

This fixes a small but very important bug (at least for Ubuntu): since Zesty uses swapfiles by default, because of this bug if you choose "encrypt home folder" during installation (which forces also swap encryption), after installation the system hangs a lot on every boot because it cannot activate swap.
Ecryptfs-setup-swap did not handle swapfiles correctly, and put a UUID in crypyttab as if the swapfile were a partition (see https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1670336)
Moreover, it called the wrong script to start the encrypted swap.

To post a comment you must log in.

Unmerged revisions

886. By Alberto Pianon

[ Alberto Pianon ]
src/utils/ecryptfs-setup-swap: Fix to make the script work with swapfiles
and to use the right script to start encrypted swap (LP: #1670336)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'debian/changelog'
--- debian/changelog 2016-07-15 00:14:41 +0000
+++ debian/changelog 2017-03-06 20:21:05 +0000
@@ -1,4 +1,4 @@
1ecryptfs-utils (112) UNRELEASED; urgency=medium1ecryptfs-utils (112ubuntu1) UNRELEASED; urgency=medium
22
3 [ Dustin Kirkland ]3 [ Dustin Kirkland ]
4 * UNRELEASED4 * UNRELEASED
@@ -25,7 +25,11 @@
25 modify the swap partitions on systems that ecryptfs-setup-swap has been25 modify the swap partitions on systems that ecryptfs-setup-swap has been
26 used on. (LP: #1447282, LP: #1597154)26 used on. (LP: #1447282, LP: #1597154)
2727
28 -- Dustin Kirkland <kirkland@ubuntu.com> Fri, 26 Feb 2016 18:00:18 -060028 [ Alberto Pianon ]
29 * src/utils/ecryptfs-setup-swap: Fix to make the script work with swapfiles
30 and to use the right script to start encrypted swap (LP: #1670336)
31
32 -- Alberto Pianon <alberto@pianon.eu> Mon, 06 Mar 2017 21:04:47 +0100
2933
30ecryptfs-utils (111) xenial; urgency=medium34ecryptfs-utils (111) xenial; urgency=medium
3135
3236
=== modified file 'src/utils/ecryptfs-setup-swap'
--- src/utils/ecryptfs-setup-swap 2016-07-13 05:02:30 +0000
+++ src/utils/ecryptfs-setup-swap 2017-03-06 20:21:05 +0000
@@ -150,7 +150,7 @@
150 info `gettext "Setting up swap:"` "[$swap]"150 info `gettext "Setting up swap:"` "[$swap]"
151 uuid=$(blkid -o value -s UUID $swap)151 uuid=$(blkid -o value -s UUID $swap)
152 # /etc/fstab might use a symlink like /dev/mapper/ubuntu--vg-swap_1152 # /etc/fstab might use a symlink like /dev/mapper/ubuntu--vg-swap_1
153 links=$(for d in $(udevadm info --query=symlink -n $swap); do echo /dev/$d; done)153 [ -f $swap ] || links=$(for d in $(udevadm info --query=symlink -n $swap); do echo /dev/$d; done)
154 for target in "UUID=$uuid" $swap $links; do154 for target in "UUID=$uuid" $swap $links; do
155 if [ -n "$target" ] && grep -qs "^$target\s\+" /etc/fstab; then155 if [ -n "$target" ] && grep -qs "^$target\s\+" /etc/fstab; then
156 sed -i "s:^$target\s\+:\#$target :" /etc/fstab156 sed -i "s:^$target\s\+:\#$target :" /etc/fstab
@@ -193,8 +193,11 @@
193 # Add crypttab entry193 # Add crypttab entry
194 # Use /dev/urandom, since this is not a long lived key (generated each boot),194 # Use /dev/urandom, since this is not a long lived key (generated each boot),
195 # and so that we don't block booting while waiting for entropy195 # and so that we don't block booting while waiting for entropy
196 echo "cryptswap$i UUID=$uuid /dev/urandom swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab196 if [ -f $swap ]; then # swapfile
197197 echo "cryptswap$i $swap /dev/urandom swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab
198 else # partition
199 echo "cryptswap$i UUID=$uuid /dev/urandom swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab
200 fi
198 # Add fstab entry201 # Add fstab entry
199 echo "/dev/mapper/cryptswap$i none swap sw 0 0" >> /etc/fstab202 echo "/dev/mapper/cryptswap$i none swap sw 0 0" >> /etc/fstab
200done203done
@@ -204,7 +207,9 @@
204 swapoff -a207 swapoff -a
205208
206 # Restart cryptdisks209 # Restart cryptdisks
207 /etc/init.d/cryptdisks restart210 #/etc/init.d/cryptdisks restart
211 # the above script does nothing, the following is the right command:
212 systemctl restart cryptsetup.target
208213
209 # Turn the swap on214 # Turn the swap on
210 swapon -a215 swapon -a

Subscribers

People subscribed via source and target branches