Merge ~mkukri/ubuntu/+source/cryptsetup:merge-2.7.0-1 into ubuntu/+source/cryptsetup:debian/sid
- Git
- lp:~mkukri/ubuntu/+source/cryptsetup
- merge-2.7.0-1
- Merge into debian/sid
Status: | Needs review | ||||||||
---|---|---|---|---|---|---|---|---|---|
Proposed branch: | ~mkukri/ubuntu/+source/cryptsetup:merge-2.7.0-1 | ||||||||
Merge into: | ubuntu/+source/cryptsetup:debian/sid | ||||||||
Diff against target: |
2740 lines (+2092/-27) 14 files modified
debian/changelog (+1962/-0) debian/control (+7/-5) debian/functions (+9/-1) debian/initramfs/cryptroot-unlock (+12/-6) debian/initramfs/hooks/cryptroot (+5/-3) debian/rules (+3/-0) debian/tests/control (+3/-2) debian/tests/cryptroot-lvm.d/mock (+7/-2) debian/tests/cryptroot-nested.d/config (+7/-0) debian/tests/cryptroot-sysvinit.d/config (+7/-2) debian/tests/initramfs-hook (+16/-2) debian/tests/utils/cryptroot-common (+27/-3) debian/tests/utils/mkinitramfs (+2/-0) debian/tests/utils/mock.pm (+25/-1) |
||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Mate Kukri | Pending | ||
git-ubuntu import | Pending | ||
Review via email: mp+461463@code.launchpad.net |
Commit message
Merge cryptsetup with Debian unstable.
PPA build here: https:/
Local builds and installs okay, seems to unlock basic drive, I didn't do much more testing.
Description of the change
Unmerged commits
- b6efb7b... by Mate Kukri
-
changelog
- c970754... by Mate Kukri
-
update-maintainer
- 3086d17... by Mate Kukri
-
reconstruct-
changelog - 2235b24... by Mate Kukri
-
merge-changelogs
- 7ee737a... by Mate Kukri
-
* Support zstd compressed modules for the self test.
- f165c06... by Mate Kukri
-
* Compile-in support for a FIPS mode. LP: #2032659
- 7ec894d... by Vladimir Petko
-
Fix cryptroot-unlock for busybox compatibility.
- 40b90e4... by Vladimir Petko
-
Fix warning and error when running on ZFS on root
- d/functions: Return an empty devno for ZFS devices as they don't have
major:minor device numbers.
- d/initramfs/hooks/cryptroot : Ignore and don't print an error message
when devices don't have a devno. - e2623b9... by Vladimir Petko
-
debian/control:
+ Recommend plymouth.
+ Depend on busybox-initramfs instead of busybox | busybox-static.
+ Move cryptsetup-initramfs back to cryptsetup's Recommends.
+ Do not build cryptsetup-suspend binary package on i386. - 5a610d2... by Vladimir Petko
-
- Fix cryptroot-* autopkgtests on Ubuntu. (LP: #1983522)
+ debian/tests/utils/ mock.pm: return from consume() function if select()
times out or fails
+ debian/tests/utils/ cryptroot- common: fix apt source and kernel package
names for Ubuntu
+ debian/tests/cryptroot -sysvinit. d: use systemd-sysv init for Ubuntu
cryptroot- sysvinit package test
+ debian/tests/cryptroot -nested. d: fix cryptsetup-nested test, add
workaround for LP1831747 by adding a e2fsprogs dependency
+ debian/tests/initramfs -hook: fix test's initramfs layout for Ubuntu and
allow blowfish test use 64Mb of provisioned space (drop --size)
+ debian/tests/control: disable cryptdisks test
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 7f68852..e3e95f6 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,34 @@ |
6 | +cryptsetup (2:2.7.0-1ubuntu1) noble; urgency=medium |
7 | + |
8 | + * Merge with Debian unstable. Remaining changes: |
9 | + - Support zstd compressed modules for the self test. |
10 | + - Compile-in support for a FIPS mode. LP #2032659 |
11 | + - debian/control: |
12 | + + Recommend plymouth. |
13 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
14 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
15 | + + Do not build cryptsetup-suspend binary package on i386. |
16 | + - Fix cryptroot-unlock for busybox compatibility. |
17 | + - Fix warning and error when running on ZFS on root |
18 | + + d/functions: Return an empty devno for ZFS devices as they don't have |
19 | + major:minor device numbers. |
20 | + + d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
21 | + when devices don't have a devno. |
22 | + - Fix cryptroot-* autopkgtests on Ubuntu. (LP #1983522) |
23 | + + debian/tests/utils/mock.pm: return from consume() function if select() |
24 | + times out or fails |
25 | + + debian/tests/utils/cryptroot-common: fix apt source and kernel package |
26 | + names for Ubuntu |
27 | + + debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
28 | + cryptroot-sysvinit package test |
29 | + + debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
30 | + workaround for LP1831747 by adding a e2fsprogs dependency |
31 | + + debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
32 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
33 | + + debian/tests/control: disable cryptdisks test |
34 | + |
35 | + -- Mate Kukri <mate.kukri@canonical.com> Wed, 28 Feb 2024 18:05:06 +0000 |
36 | + |
37 | cryptsetup (2:2.7.0-1) unstable; urgency=medium |
38 | |
39 | * Upload to unstable. |
40 | @@ -86,6 +117,68 @@ cryptsetup (2:2.7.0~rc0-1) experimental; urgency=medium |
41 | |
42 | -- Guilhem Moulin <guilhem@debian.org> Wed, 29 Nov 2023 17:19:10 +0100 |
43 | |
44 | +cryptsetup (2:2.6.1-6ubuntu1) noble; urgency=medium |
45 | + |
46 | + * Merge with Debian unstable. Remaining changes: |
47 | + - Support zstd compressed modules for the self test. |
48 | + - Compile-in support for a FIPS mode. LP #2032659 |
49 | + - debian/control: |
50 | + + Recommend plymouth. |
51 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
52 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
53 | + + Do not build cryptsetup-suspend binary package on i386. |
54 | + - Fix cryptroot-unlock for busybox compatibility. |
55 | + - Fix warning and error when running on ZFS on root |
56 | + + d/functions: Return an empty devno for ZFS devices as they don't have |
57 | + major:minor device numbers. |
58 | + + d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
59 | + when devices don't have a devno. |
60 | + - Fix cryptroot-* autopkgtests on Ubuntu. (LP #1983522) |
61 | + + debian/tests/utils/mock.pm: return from consume() function if select() |
62 | + times out or fails |
63 | + + debian/tests/utils/cryptroot-common: fix apt source and kernel package |
64 | + names for Ubuntu |
65 | + + debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
66 | + cryptroot-sysvinit package test |
67 | + + debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
68 | + workaround for LP1831747 by adding a e2fsprogs dependency |
69 | + + debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
70 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
71 | + + debian/tests/control: disable cryptdisks test |
72 | + |
73 | + -- Mate Kukri <mate.kukri@canonical.com> Wed, 03 Jan 2024 10:38:16 +0000 |
74 | + |
75 | +cryptsetup (2:2.6.1-5ubuntu1) noble; urgency=medium |
76 | + |
77 | + * Merge with Debian unstable. Remaining changes: |
78 | + - Support zstd compressed modules for the self test. |
79 | + - Compile-in support for a FIPS mode. LP #2032659 |
80 | + - debian/control: |
81 | + + Recommend plymouth. |
82 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
83 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
84 | + + Do not build cryptsetup-suspend binary package on i386. |
85 | + - Fix cryptroot-unlock for busybox compatibility. |
86 | + - Fix warning and error when running on ZFS on root |
87 | + + d/functions: Return an empty devno for ZFS devices as they don't have |
88 | + major:minor device numbers. |
89 | + + d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
90 | + when devices don't have a devno. |
91 | + - Fix cryptroot-* autopkgtests on Ubuntu. (LP #1983522) |
92 | + + debian/tests/utils/mock.pm: return from consume() function if select() |
93 | + times out or fails |
94 | + + debian/tests/utils/cryptroot-common: fix apt source and kernel package |
95 | + names for Ubuntu |
96 | + + debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
97 | + cryptroot-sysvinit package test |
98 | + + debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
99 | + workaround for LP1831747 by adding a e2fsprogs dependency |
100 | + + debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
101 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
102 | + + debian/tests/control: disable cryptdisks test |
103 | + |
104 | + -- Mate Kukri <mate.kukri@canonical.com> Mon, 20 Nov 2023 09:50:25 +0000 |
105 | + |
106 | cryptsetup (2:2.6.1-5) unstable; urgency=medium |
107 | |
108 | [ Guilhem Moulin ] |
109 | @@ -99,6 +192,49 @@ cryptsetup (2:2.6.1-5) unstable; urgency=medium |
110 | |
111 | -- Guilhem Moulin <guilhem@debian.org> Sun, 27 Aug 2023 12:24:57 +0200 |
112 | |
113 | +cryptsetup (2:2.6.1-4ubuntu3) mantic; urgency=medium |
114 | + |
115 | + * Support zstd compressed modules for the self test. |
116 | + |
117 | + -- Andrea Righi <andrea.righi@canonical.com> Mon, 11 Sep 2023 15:05:35 +0000 |
118 | + |
119 | +cryptsetup (2:2.6.1-4ubuntu2) mantic; urgency=medium |
120 | + |
121 | + * Compile-in support for a FIPS mode. LP: #2032659 |
122 | + |
123 | + -- Dimitri John Ledkov <dimitri.ledkov@canonical.com> Tue, 22 Aug 2023 16:06:53 +0100 |
124 | + |
125 | +cryptsetup (2:2.6.1-4ubuntu1) mantic; urgency=medium |
126 | + |
127 | + * Merge with Debian unstable (LP: #2019292). Remaining changes: |
128 | + - debian/control: |
129 | + + Recommend plymouth. |
130 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
131 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
132 | + + Do not build cryptsetup-suspend binary package on i386. |
133 | + - Fix cryptroot-unlock for busybox compatibility. |
134 | + - Fix warning and error when running on ZFS on root |
135 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
136 | + major:minor device numbers. |
137 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
138 | + when devices don't have a devno. |
139 | + - debian/patches/decrease_memlock_ulimit.patch |
140 | + Fixed FTBFS due to a restricted build environment |
141 | + - Fix cryptroot-* autopkgtests on Ubuntu. (LP: #1983522) |
142 | + + debian/tests/utils/mock.pm: return from consume() function if select() |
143 | + times out or fails |
144 | + + debian/tests/utils/cryptroot-common: fix apt source and kernel package |
145 | + names for Ubuntu |
146 | + + debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
147 | + cryptroot-sysvinit package test |
148 | + + debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
149 | + workaround for LP1831747 by adding a e2fsprogs dependency |
150 | + + debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
151 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
152 | + + debian/tests/control: disable cryptdisks test |
153 | + |
154 | + -- Vladimir Petko <vladimir.petko@canonical.com> Mon, 15 May 2023 09:55:25 +1200 |
155 | + |
156 | cryptsetup (2:2.6.1-4) unstable; urgency=medium |
157 | |
158 | * Backport upstream MR !498, see #1028250: |
159 | @@ -133,6 +269,37 @@ cryptsetup (2:2.6.1-2) unstable; urgency=medium |
160 | |
161 | -- Guilhem Moulin <guilhem@debian.org> Thu, 02 Mar 2023 05:01:53 +0100 |
162 | |
163 | +cryptsetup (2:2.6.1-1ubuntu1) lunar; urgency=low |
164 | + |
165 | + * Merge with Debian unstable (LP: #2004423). Remaining changes: |
166 | + - debian/control: |
167 | + + Recommend plymouth. |
168 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
169 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
170 | + + Do not build cryptsetup-suspend binary package on i386. |
171 | + - Fix cryptroot-unlock for busybox compatibility. |
172 | + - Fix warning and error when running on ZFS on root |
173 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
174 | + major:minor device numbers. |
175 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
176 | + when devices don't have a devno. |
177 | + - debian/patches/decrease_memlock_ulimit.patch |
178 | + Fixed FTBFS due to a restricted build environment |
179 | + - Fix cryptroot-* autopkgtests on Ubuntu. (LP: #1983522) |
180 | + + debian/tests/utils/mock.pm: return from consume() function if select() |
181 | + times out or fails |
182 | + + debian/tests/utils/cryptroot-common: fix apt source and kernel package |
183 | + names for Ubuntu |
184 | + + debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
185 | + cryptroot-sysvinit package test |
186 | + + debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
187 | + workaround for LP1831747 by adding a e2fsprogs dependency |
188 | + + debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
189 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
190 | + + debian/tests/control: disable cryptdisks test |
191 | + |
192 | + -- Vladimir Petko <vladimir.petko@canonical.com> Mon, 13 Feb 2023 15:57:18 +1300 |
193 | + |
194 | cryptsetup (2:2.6.1-1) unstable; urgency=medium |
195 | |
196 | * New upstream bugfix release. |
197 | @@ -182,6 +349,54 @@ cryptsetup (2:2.6.0~rc0-1) experimental; urgency=medium |
198 | |
199 | -- Guilhem Moulin <guilhem@debian.org> Sat, 19 Nov 2022 17:30:40 +0100 |
200 | |
201 | +cryptsetup (2:2.5.0-6ubuntu3) lunar; urgency=medium |
202 | + |
203 | + * Fix cryptroot-lvm autopkgtest on Ubuntu. (LP: #1983522) |
204 | + - debian/tests/control: enable cryptroot-lvm |
205 | + - debian/tests/utils/mock.pm: return from consume() function if select() |
206 | + times out or fails |
207 | + |
208 | + -- Vladimir Petko <vladimir.petko@canonical.com> Fri, 02 Dec 2022 15:53:42 +1300 |
209 | + |
210 | +cryptsetup (2:2.5.0-6ubuntu2) lunar; urgency=medium |
211 | + |
212 | + * Fix cryptroot-* autopkgtests on Ubuntu. (LP: #1983522) |
213 | + - debian/tests/utils/cryptroot-common: fix apt source and kernel package |
214 | + names for Ubuntu |
215 | + - debian/tests/cryptroot-sysvinit.d: use systemd-sysv init for Ubuntu |
216 | + cryptroot-sysvinit package test |
217 | + - debian/tests/cryptroot-nested.d: fix cryptsetup-nested test, add |
218 | + workaround for LP1831747 by adding a e2fsprogs dependency |
219 | + - debian/tests/control: disable cryptdisks, cryptroot-lvm due to CI |
220 | + failures and update comments |
221 | + - debian/tests/utils/mock.pm: fix cryptoroot-lvm test adding retries to the |
222 | + suspend operation and consuming the console buffer before making |
223 | + assertions. It still hangs in CI and requires further work. |
224 | + - debian/tests/initramfs-hook: fix test's initramfs layout for Ubuntu and |
225 | + allow blowfish test use 64Mb of provisioned space (drop --size) |
226 | + |
227 | + -- Vladimir Petko <vladimir.petko@canonical.com> Fri, 02 Dec 2022 14:14:42 +1300 |
228 | + |
229 | +cryptsetup (2:2.5.0-6ubuntu1) lunar; urgency=low |
230 | + |
231 | + * Merge from Debian unstable. Remaining changes: |
232 | + - debian/control: |
233 | + + Recommend plymouth. |
234 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
235 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
236 | + + Do not build cryptsetup-suspend binary package on i386. |
237 | + - Fix cryptroot-unlock for busybox compatibility. |
238 | + - Fix warning and error when running on ZFS on root |
239 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
240 | + major:minor device numbers. |
241 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
242 | + when devices don't have a devno. |
243 | + - debian/patches/decrease_memlock_ulimit.patch |
244 | + Fixed FTBFS due to a restricted build environment |
245 | + - Disable failing Debian-tailored cryptroot-* autopkgtests |
246 | + |
247 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 07 Nov 2022 08:36:38 -0800 |
248 | + |
249 | cryptsetup (2:2.5.0-6) unstable; urgency=medium |
250 | |
251 | * d/t/cryptroot-*: Mask systemd-firstboot.service. |
252 | @@ -277,6 +492,26 @@ cryptsetup (2:2.5.0-3) unstable; urgency=low |
253 | |
254 | -- Guilhem Moulin <guilhem@debian.org> Sun, 18 Sep 2022 23:01:46 +0200 |
255 | |
256 | +cryptsetup (2:2.5.0-2ubuntu1) kinetic; urgency=medium |
257 | + |
258 | + * Merge from Debian unstable. Remaining changes: |
259 | + - debian/control: |
260 | + + Recommend plymouth. |
261 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
262 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
263 | + + Do not build cryptsetup-suspend binary package on i386. |
264 | + - Fix cryptroot-unlock for busybox compatibility. |
265 | + - Fix warning and error when running on ZFS on root: (LP: #1830110) |
266 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
267 | + major:minor device numbers. |
268 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
269 | + when devices don't have a devno. |
270 | + - debian/patches/decrease_memlock_ulimit.patch |
271 | + Fixed FTBFS due to a restricted build environment |
272 | + * Disable failing Debian-tailored cryptroot-* autopkgtests, see bug #1983522 |
273 | + |
274 | + -- Benjamin Drung <bdrung@ubuntu.com> Wed, 24 Aug 2022 00:56:28 +0200 |
275 | + |
276 | cryptsetup (2:2.5.0-2) unstable; urgency=low |
277 | |
278 | [ Matthias Klose ] |
279 | @@ -335,6 +570,29 @@ cryptsetup (2:2.5.0-2) unstable; urgency=low |
280 | |
281 | -- Guilhem Moulin <guilhem@debian.org> Tue, 09 Aug 2022 01:40:50 +0200 |
282 | |
283 | +cryptsetup (2:2.5.0-1ubuntu1) kinetic; urgency=medium |
284 | + |
285 | + * Merge from Debian unstable. Remaining changes: |
286 | + - debian/control: |
287 | + + Recommend plymouth. |
288 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
289 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
290 | + + Do not build cryptsetup-suspend binary package on i386. |
291 | + - Fix cryptroot-unlock for busybox compatibility. |
292 | + - Fix warning and error when running on ZFS on root: (LP: #1830110) |
293 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
294 | + major:minor device numbers. |
295 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
296 | + when devices don't have a devno. |
297 | + - debian/patches/decrease_memlock_ulimit.patch |
298 | + Fixed FTBFS due to a restricted build environment |
299 | + - Stop building the udeb on request. |
300 | + * d/initramfs/hooks/cryptroot: Include OpenSSL legacy.so for ripemd160 and |
301 | + whirlpool hash algorithms (LP: #1979159) |
302 | + * Disable failing Debian-tailored cryptroot-* autopkgtests, see bug #1983522 |
303 | + |
304 | + -- Benjamin Drung <bdrung@ubuntu.com> Thu, 04 Aug 2022 12:30:02 +0200 |
305 | + |
306 | cryptsetup (2:2.5.0-1) unstable; urgency=medium |
307 | |
308 | * New upstream release. (Closes: #1000634, #1011128) |
309 | @@ -413,6 +671,26 @@ cryptsetup (2:2.5.0~rc1-1) experimental; urgency=low |
310 | |
311 | -- Guilhem Moulin <guilhem@debian.org> Fri, 15 Jul 2022 01:49:59 +0200 |
312 | |
313 | +cryptsetup (2:2.4.3-1ubuntu1) jammy; urgency=low |
314 | + |
315 | + * Merge from Debian unstable (LP: #1959427). Remaining changes: |
316 | + - debian/control: |
317 | + + Recommend plymouth. |
318 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
319 | + + Move cryptsetup-initramfs back to cryptsetup's Recommends. |
320 | + + Do not build cryptsetup-suspend binary package on i386. |
321 | + - Fix cryptroot-unlock for busybox compatibility. |
322 | + - Fix warning and error when running on ZFS on root: (LP: #1830110) |
323 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
324 | + major:minor device numbers. |
325 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message |
326 | + when devices don't have a devno. |
327 | + - debian/patches/decrease_memlock_ulimit.patch |
328 | + Fixed FTBFS due to a restricted build environment |
329 | + - Stop building the udeb on request. |
330 | + |
331 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 28 Jan 2022 12:14:06 -0800 |
332 | + |
333 | cryptsetup (2:2.4.3-1) unstable; urgency=high |
334 | |
335 | [ Guilhem Moulin ] |
336 | @@ -426,6 +704,64 @@ cryptsetup (2:2.4.3-1) unstable; urgency=high |
337 | |
338 | -- Guilhem Moulin <guilhem@debian.org> Thu, 13 Jan 2022 19:07:05 +0100 |
339 | |
340 | +cryptsetup (2:2.4.2-1ubuntu4) jammy; urgency=medium |
341 | + |
342 | + * Move cryptsetup-initramfs back to cryptsetup's Recommends (from Suggests). |
343 | + |
344 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Thu, 09 Dec 2021 12:53:00 +1300 |
345 | + |
346 | +cryptsetup (2:2.4.2-1ubuntu3) jammy; urgency=medium |
347 | + |
348 | + * Fix build on i386. |
349 | + |
350 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 07 Dec 2021 13:17:48 +1300 |
351 | + |
352 | +cryptsetup (2:2.4.2-1ubuntu2) jammy; urgency=medium |
353 | + |
354 | + * Do not build new cryptsetup-suspend binary package on i386. |
355 | + |
356 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 07 Dec 2021 11:47:55 +1300 |
357 | + |
358 | +cryptsetup (2:2.4.2-1ubuntu1) jammy; urgency=medium |
359 | + |
360 | + * Merge from Debian unstable. Remaining changes: |
361 | + - debian/control: |
362 | + + Recommend plymouth. |
363 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
364 | + - Fix cryptroot-unlock for busybox compatibility. |
365 | + - Fix warning and error when running on ZFS on root: (LP: #1830110) |
366 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
367 | + major:minor device numbers. |
368 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message when |
369 | + devices don't have a devno. |
370 | + Submitted to debian upstream as bug #902449. |
371 | + - debian/patches/decrease_memlock_ulimit.patch |
372 | + Fixed FTBFS due a restrict environment in the new Bionic Builder (LP: #1891473) |
373 | + tests/luks2-validation.test, tests/compat-test, tests/tcrypt-compat-test. |
374 | + - Thanks Guilherme G. Piccoli. |
375 | + - Stop building the udeb on request. |
376 | + * Dropped change, included in Debian: |
377 | + - Introduce retry logic for external invocations after mdadm (LP: #1879980) |
378 | + - Currently, if an encrypted rootfs is configured on top of a MD RAID1 |
379 | + array and such array gets degraded (e.g., a member is removed/failed) |
380 | + the cryptsetup scripts cannot mount the rootfs, and the boot fails. |
381 | + We fix that issue here by allowing the cryptroot script to be re-run |
382 | + by initramfs-tools/local-block stage, as mdadm can activate degraded |
383 | + arrays at that stage. |
384 | + There is an initramfs-tools counter-part for this fix, but alone the |
385 | + cryptsetup portion is harmless. |
386 | + - d/cryptsetup-initramfs.install: ship the new local-bottom script. |
387 | + - d/functions: declare variables for local-top|block|bottom scripts |
388 | + (flag that local-block is running and external invocation counter.) |
389 | + - d/i/s/local-block/cryptroot: set flag that local-block is running. |
390 | + - d/i/s/local-bottom/cryptroot: clean up the flag and counter files. |
391 | + - d/i/s/local-top/cryptroot: change the logic from just waiting 180 |
392 | + seconds to waiting 5 seconds first, then allowing initramfs-tools |
393 | + to run mdadm (to activate degraded arrays) and call back at least |
394 | + 30 times/seconds more. |
395 | + |
396 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Thu, 02 Dec 2021 11:58:05 +1300 |
397 | + |
398 | cryptsetup (2:2.4.2-1) unstable; urgency=high |
399 | |
400 | * New upstream bugfix release 2.4.2. |
401 | @@ -544,6 +880,18 @@ cryptsetup (2:2.3.6-1+exp1) experimental; urgency=medium |
402 | |
403 | -- Guilhem Moulin <guilhem@debian.org> Fri, 28 May 2021 22:54:20 +0200 |
404 | |
405 | +cryptsetup (2:2.3.6-0ubuntu2) jammy; urgency=medium |
406 | + |
407 | + * No-change rebuild against openssl3 |
408 | + |
409 | + -- Simon Chopin <simon.chopin@canonical.com> Thu, 25 Nov 2021 14:22:07 +0200 |
410 | + |
411 | +cryptsetup (2:2.3.6-0ubuntu1) impish; urgency=medium |
412 | + |
413 | + * New upstream release. |
414 | + |
415 | + -- Matthieu Clemenceau <matthieu.clemenceau@canonical.com> Fri, 20 Aug 2021 11:32:12 +1200 |
416 | + |
417 | cryptsetup (2:2.3.5-1+exp1) experimental; urgency=medium |
418 | |
419 | * Upload to experimental. |
420 | @@ -616,6 +964,69 @@ cryptsetup (2:2.3.4-1+exp1) experimental; urgency=medium |
421 | |
422 | -- Guilhem Moulin <guilhem@debian.org> Fri, 04 Sep 2020 00:55:41 +0200 |
423 | |
424 | +cryptsetup (2:2.3.4-1ubuntu3) hirsute; urgency=medium |
425 | + |
426 | + * Stop building the udeb on request. |
427 | + |
428 | + -- Matthias Klose <doko@ubuntu.com> Mon, 22 Feb 2021 12:10:36 +0100 |
429 | + |
430 | +cryptsetup (2:2.3.4-1ubuntu2) hirsute; urgency=medium |
431 | + |
432 | + * No-change rebuild to drop the udeb package. |
433 | + |
434 | + -- Matthias Klose <doko@ubuntu.com> Mon, 22 Feb 2021 10:30:38 +0100 |
435 | + |
436 | +cryptsetup (2:2.3.4-1ubuntu1) hirsute; urgency=medium |
437 | + |
438 | + * Merge with Debian unstable. Remaining changes: |
439 | + - debian/control: |
440 | + + Recommend plymouth. |
441 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
442 | + - Fix cryptroot-unlock for busybox compatibility. |
443 | + - Fix warning and error when running on ZFS on root: (LP #1830110) |
444 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
445 | + major:minor device numbers. |
446 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message when |
447 | + devices don't have a devno. |
448 | + Submitted to debian upstream as bug #902449. |
449 | + - debian/patches/decrease_memlock_ulimit.patch |
450 | + Fixed FTBFS due a restrict environment in the new Bionic Builder (LP #1891473) |
451 | + tests/luks2-validation.test, tests/compat-test, tests/tcrypt-compat-test. |
452 | + - Thanks Guilherme G. Piccoli. |
453 | + - Introduce retry logic for external invocations after mdadm (LP #1879980) |
454 | + - Currently, if an encrypted rootfs is configured on top of a MD RAID1 |
455 | + array and such array gets degraded (e.g., a member is removed/failed) |
456 | + the cryptsetup scripts cannot mount the rootfs, and the boot fails. |
457 | + We fix that issue here by allowing the cryptroot script to be re-run |
458 | + by initramfs-tools/local-block stage, as mdadm can activate degraded |
459 | + arrays at that stage. |
460 | + There is an initramfs-tools counter-part for this fix, but alone the |
461 | + cryptsetup portion is harmless. |
462 | + - d/cryptsetup-initramfs.install: ship the new local-bottom script. |
463 | + - d/functions: declare variables for local-top|block|bottom scripts |
464 | + (flag that local-block is running and external invocation counter.) |
465 | + - d/i/s/local-block/cryptroot: set flag that local-block is running. |
466 | + - d/i/s/local-bottom/cryptroot: clean up the flag and counter files. |
467 | + - d/i/s/local-top/cryptroot: change the logic from just waiting 180 |
468 | + seconds to waiting 5 seconds first, then allowing initramfs-tools |
469 | + to run mdadm (to activate degraded arrays) and call back at least |
470 | + 30 times/seconds more. |
471 | + * Dropped changes: |
472 | + - Included in new upstream version: |
473 | + - SECURITY UPDATE: Out-of-bounds write |
474 | + - debian/patches/CVE-2020-14382-*.patch: check segment gaps regardless of |
475 | + heap space in lib/luks2/luks2_json_metadata.c. |
476 | + - CVE-2020-14382 |
477 | + - included in Debian: |
478 | + - debian/cryptsetup-bin.install: |
479 | + - Fix FTBFS due to dh_missing detecting crypsetup.conf in debian/tmp where |
480 | + it was installed from ./scripts/crypsetup.conf. |
481 | + - debian/rules: |
482 | + - fix FTBFS on riscv64 adding --with-tmpfilesdir to ensure all archs, even |
483 | + without systemd knows how to ship cryptsetup.conf |
484 | + |
485 | + -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 10 Nov 2020 10:37:25 +1300 |
486 | + |
487 | cryptsetup (2:2.3.4-1) unstable; urgency=high |
488 | |
489 | * New upstream bugfix release, including fix for CVE-2020-14382: |
490 | @@ -683,6 +1094,80 @@ cryptsetup (2:2.3.3-2) unstable; urgency=medium |
491 | |
492 | -- Guilhem Moulin <guilhem@debian.org> Wed, 12 Aug 2020 00:22:59 +0200 |
493 | |
494 | +cryptsetup (2:2.3.3-1ubuntu6) groovy; urgency=medium |
495 | + |
496 | + * Introduce retry logic for external invocations after mdadm (LP: #1879980) |
497 | + - Currently, if an encrypted rootfs is configured on top of a MD RAID1 |
498 | + array and such array gets degraded (e.g., a member is removed/failed) |
499 | + the cryptsetup scripts cannot mount the rootfs, and the boot fails. |
500 | + We fix that issue here by allowing the cryptroot script to be re-run |
501 | + by initramfs-tools/local-block stage, as mdadm can activate degraded |
502 | + arrays at that stage. |
503 | + There is an initramfs-tools counter-part for this fix, but alone the |
504 | + cryptsetup portion is harmless. |
505 | + - d/cryptsetup-initramfs.install: ship the new local-bottom script. |
506 | + - d/functions: declare variables for local-top|block|bottom scripts |
507 | + (flag that local-block is running and external invocation counter.) |
508 | + - d/i/s/local-block/cryptroot: set flag that local-block is running. |
509 | + - d/i/s/local-bottom/cryptroot: clean up the flag and counter files. |
510 | + - d/i/s/local-top/cryptroot: change the logic from just waiting 180 |
511 | + seconds to waiting 5 seconds first, then allowing initramfs-tools |
512 | + to run mdadm (to activate degraded arrays) and call back at least |
513 | + 30 times/seconds more. |
514 | + |
515 | + -- Guilherme G. Piccoli <gpiccoli@canonical.com> Wed, 16 Sep 2020 17:35:59 -0300 |
516 | + |
517 | +cryptsetup (2:2.3.3-1ubuntu5) groovy; urgency=medium |
518 | + |
519 | + * SECURITY UPDATE: Out-of-bounds write |
520 | + - debian/patches/CVE-2020-14382-*.patch: check segment gaps regardless of |
521 | + heap space in lib/luks2/luks2_json_metadata.c. |
522 | + - CVE-2020-14382 |
523 | + * debian/patches/decrease_memlock_ulimit.patch |
524 | + Fixed FTBFS due a restrict environment in the new Bionic Builder (LP: #1891473) |
525 | + tests/luks2-validation.test, tests/compat-test, tests/tcrypt-compat-test. |
526 | + - Thanks Guilherme G. Piccoli. |
527 | + |
528 | + -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Wed, 09 Sep 2020 09:29:17 -0300 |
529 | + |
530 | +cryptsetup (2:2.3.3-1ubuntu4) groovy; urgency=medium |
531 | + |
532 | + * No change rebuild against new json-c ABI. |
533 | + |
534 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 28 Jul 2020 17:42:50 +0100 |
535 | + |
536 | +cryptsetup (2:2.3.3-1ubuntu3) groovy; urgency=medium |
537 | + |
538 | + * debian/rules: |
539 | + - fix FTBFS on riscv64 adding --with-tmpfilesdir to ensure all archs, even |
540 | + without systemd knows how to ship cryptsetup.conf |
541 | + |
542 | + -- Didier Roche <didrocks@ubuntu.com> Thu, 18 Jun 2020 11:44:50 +0200 |
543 | + |
544 | +cryptsetup (2:2.3.3-1ubuntu2) groovy; urgency=medium |
545 | + |
546 | + * debian/cryptsetup-bin.install: |
547 | + - Fix FTBFS due to dh_missing detecting crypsetup.conf in debian/tmp where |
548 | + it was installed from ./scripts/crypsetup.conf. |
549 | + * Fix warning and error when running on ZFS on root: (LP: #1830110) |
550 | + - d/functions: Return an empty devno for ZFS devices as they don't have |
551 | + major:minor device numbers. |
552 | + - d/initramfs/hooks/cryptroot: Ignore and don't print an error message when |
553 | + devices don't have a devno. |
554 | + Submitted to debian upstream as bug #902449. |
555 | + |
556 | + -- Didier Roche <didrocks@ubuntu.com> Thu, 18 Jun 2020 10:12:10 +0200 |
557 | + |
558 | +cryptsetup (2:2.3.3-1ubuntu1) groovy; urgency=low |
559 | + |
560 | + * Merge from Debian unstable. Remaining changes: |
561 | + - debian/control: |
562 | + + Recommend plymouth. |
563 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
564 | + - Fix cryptroot-unlock for busybox compatibility. |
565 | + |
566 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 09 Jun 2020 10:40:32 -0700 |
567 | + |
568 | cryptsetup (2:2.3.3-1) unstable; urgency=medium |
569 | |
570 | [ Guilhem Moulin ] |
571 | @@ -711,6 +1196,16 @@ cryptsetup (2:2.3.2-1) unstable; urgency=medium |
572 | |
573 | -- Guilhem Moulin <guilhem@debian.org> Wed, 06 May 2020 16:22:01 +0200 |
574 | |
575 | +cryptsetup (2:2.3.1-1ubuntu1) groovy; urgency=low |
576 | + |
577 | + * Merge from Debian unstable. Remaining changes: |
578 | + - debian/control: |
579 | + + Recommend plymouth. |
580 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
581 | + - Fix cryptroot-unlock for busybox compatibility. |
582 | + |
583 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 01 May 2020 07:07:58 -0700 |
584 | + |
585 | cryptsetup (2:2.3.1-1) unstable; urgency=medium |
586 | |
587 | * New upstream release. |
588 | @@ -746,6 +1241,23 @@ cryptsetup (2:2.3.0-1) unstable; urgency=low |
589 | |
590 | -- Guilhem Moulin <guilhem@debian.org> Wed, 04 Mar 2020 00:48:19 +0100 |
591 | |
592 | +cryptsetup (2:2.2.2-3ubuntu2) focal; urgency=medium |
593 | + |
594 | + * Depend on cryptsetup from cryptsetup-initramfs instead of the dummy |
595 | + cryptsetup-run package. LP: #1864360. |
596 | + |
597 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 27 Feb 2020 00:16:14 -0600 |
598 | + |
599 | +cryptsetup (2:2.2.2-3ubuntu1) focal; urgency=medium |
600 | + |
601 | + * Merge from Debian unstable. Remaining changes: |
602 | + - debian/control: |
603 | + + Recommend plymouth. |
604 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
605 | + - Fix cryptroot-unlock for busybox compatibility. |
606 | + |
607 | + -- Matthias Klose <doko@ubuntu.com> Mon, 10 Feb 2020 09:20:12 +0100 |
608 | + |
609 | cryptsetup (2:2.2.2-3) unstable; urgency=high |
610 | |
611 | * initramfs hook: Workaround fix for the libgcc_s's source location. |
612 | @@ -754,6 +1266,16 @@ cryptsetup (2:2.2.2-3) unstable; urgency=high |
613 | |
614 | -- Guilhem Moulin <guilhem@debian.org> Tue, 04 Feb 2020 14:11:12 +0100 |
615 | |
616 | +cryptsetup (2:2.2.2-2ubuntu1) focal; urgency=low |
617 | + |
618 | + * Merge from Debian unstable. Remaining changes: |
619 | + - debian/control: |
620 | + + Recommend plymouth. |
621 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
622 | + - Fix cryptroot-unlock for busybox compatibility. |
623 | + |
624 | + -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 01 Feb 2020 22:11:22 -0800 |
625 | + |
626 | cryptsetup (2:2.2.2-2) unstable; urgency=medium |
627 | |
628 | [ Guilhem Moulin ] |
629 | @@ -771,6 +1293,16 @@ cryptsetup (2:2.2.2-2) unstable; urgency=medium |
630 | |
631 | -- Guilhem Moulin <guilhem@debian.org> Sat, 18 Jan 2020 20:53:19 +0100 |
632 | |
633 | +cryptsetup (2:2.2.2-1ubuntu1) focal; urgency=low |
634 | + |
635 | + * Merge from Debian unstable. Remaining changes: |
636 | + - debian/control: |
637 | + + Recommend plymouth. |
638 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
639 | + - Fix cryptroot-unlock for busybox compatibility. |
640 | + |
641 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 11 Nov 2019 22:07:44 -0800 |
642 | + |
643 | cryptsetup (2:2.2.2-1) unstable; urgency=medium |
644 | |
645 | * New upstream bugfix release. |
646 | @@ -781,6 +1313,16 @@ cryptsetup (2:2.2.2-1) unstable; urgency=medium |
647 | |
648 | -- Guilhem Moulin <guilhem@debian.org> Fri, 01 Nov 2019 19:32:36 +0100 |
649 | |
650 | +cryptsetup (2:2.2.1-1ubuntu1) focal; urgency=low |
651 | + |
652 | + * Merge from Debian unstable. Remaining changes: |
653 | + - debian/control: |
654 | + + Recommend plymouth. |
655 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
656 | + - Fix cryptroot-unlock for busybox compatibility. |
657 | + |
658 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 18 Oct 2019 15:14:29 -0700 |
659 | + |
660 | cryptsetup (2:2.2.1-1) unstable; urgency=medium |
661 | |
662 | * New upstream bugfix release. |
663 | @@ -788,6 +1330,16 @@ cryptsetup (2:2.2.1-1) unstable; urgency=medium |
664 | |
665 | -- Guilhem Moulin <guilhem@debian.org> Fri, 06 Sep 2019 13:28:55 +0200 |
666 | |
667 | +cryptsetup (2:2.2.0-3ubuntu1) eoan; urgency=low |
668 | + |
669 | + * Merge from Debian unstable. Remaining changes: |
670 | + - debian/control: |
671 | + + Recommend plymouth. |
672 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
673 | + - Fix cryptroot-unlock for busybox compatibility. |
674 | + |
675 | + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 28 Aug 2019 16:13:22 -0700 |
676 | + |
677 | cryptsetup (2:2.2.0-3) unstable; urgency=medium |
678 | |
679 | * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on |
680 | @@ -795,6 +1347,16 @@ cryptsetup (2:2.2.0-3) unstable; urgency=medium |
681 | |
682 | -- Guilhem Moulin <guilhem@debian.org> Mon, 26 Aug 2019 12:53:45 +0200 |
683 | |
684 | +cryptsetup (2:2.2.0-2ubuntu1) eoan; urgency=low |
685 | + |
686 | + * Merge from Debian unstable. Remaining changes: |
687 | + - debian/control: |
688 | + + Recommend plymouth. |
689 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
690 | + - Fix cryptroot-unlock for busybox compatibility. |
691 | + |
692 | + -- Steve Langasek <steve.langasek@ubuntu.com> Sun, 25 Aug 2019 12:25:55 -0700 |
693 | + |
694 | cryptsetup (2:2.2.0-2) unstable; urgency=medium |
695 | |
696 | * debian/control: Add 'Multi-Arch: foreign' tag to the transitional dummy |
697 | @@ -806,6 +1368,25 @@ cryptsetup (2:2.2.0-2) unstable; urgency=medium |
698 | |
699 | -- Guilhem Moulin <guilhem@debian.org> Wed, 21 Aug 2019 22:45:12 +0200 |
700 | |
701 | +cryptsetup (2:2.2.0-1ubuntu2) eoan; urgency=medium |
702 | + |
703 | + * debian/initramfs/cryptroot-unlock: canonicalize executable paths. |
704 | + Thanks to Paride Legovini <paride.legovini@canonical.com> for the patch. |
705 | + LP: #1840752. |
706 | + |
707 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 20 Aug 2019 15:34:10 -0700 |
708 | + |
709 | +cryptsetup (2:2.2.0-1ubuntu1) eoan; urgency=low |
710 | + |
711 | + * Merge from Debian unstable. Remaining changes: |
712 | + - debian/control: |
713 | + + Recommend plymouth. |
714 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
715 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
716 | + compatibility. |
717 | + |
718 | + -- Gianfranco Costamagna <locutusofborg@debian.org> Tue, 20 Aug 2019 14:21:34 +0200 |
719 | + |
720 | cryptsetup (2:2.2.0-1) unstable; urgency=medium |
721 | |
722 | * New upstream release 2.2.0. Highlights include: |
723 | @@ -883,6 +1464,23 @@ cryptsetup (2:2.1.0-6) unstable; urgency=low |
724 | |
725 | -- Guilhem Moulin <guilhem@debian.org> Sat, 20 Jul 2019 22:15:04 -0300 |
726 | |
727 | +cryptsetup (2:2.1.0-5ubuntu2) eoan; urgency=medium |
728 | + |
729 | + * Rebuild against new libjson-c4. |
730 | + |
731 | + -- Gianfranco Costamagna <locutusofborg@debian.org> Sat, 29 Jun 2019 13:48:37 +0200 |
732 | + |
733 | +cryptsetup (2:2.1.0-5ubuntu1) eoan; urgency=low |
734 | + |
735 | + * Merge from Debian unstable. Remaining changes: |
736 | + - debian/control: |
737 | + + Recommend plymouth. |
738 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
739 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
740 | + compatibility. |
741 | + |
742 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 14 Jun 2019 14:09:31 -0700 |
743 | + |
744 | cryptsetup (2:2.1.0-5) unstable; urgency=medium |
745 | |
746 | [ Jonas Meurer ] |
747 | @@ -895,6 +1493,17 @@ cryptsetup (2:2.1.0-5) unstable; urgency=medium |
748 | |
749 | -- Guilhem Moulin <guilhem@debian.org> Mon, 10 Jun 2019 14:51:15 +0200 |
750 | |
751 | +cryptsetup (2:2.1.0-4ubuntu1) eoan; urgency=low |
752 | + |
753 | + * Merge from Debian unstable. Remaining changes: |
754 | + - debian/control: |
755 | + + Recommend plymouth. |
756 | + + Depend on busybox-initramfs instead of busybox | busybox-static. |
757 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
758 | + compatibility. |
759 | + |
760 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 28 May 2019 18:32:08 -0700 |
761 | + |
762 | cryptsetup (2:2.1.0-4) unstable; urgency=medium |
763 | |
764 | [Guilhem Moulin] |
765 | @@ -914,6 +1523,26 @@ cryptsetup (2:2.1.0-4) unstable; urgency=medium |
766 | |
767 | -- Guilhem Moulin <guilhem@debian.org> Tue, 28 May 2019 17:04:16 +0200 |
768 | |
769 | +cryptsetup (2:2.1.0-3ubuntu2) eoan; urgency=medium |
770 | + |
771 | + * Depend on busybox-initramfs, which is the implementation we actually use |
772 | + for the initramfs and is guaranteed to always be present, instead of |
773 | + busybox-static. |
774 | + |
775 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 09 May 2019 14:47:04 -0700 |
776 | + |
777 | +cryptsetup (2:2.1.0-3ubuntu1) eoan; urgency=low |
778 | + |
779 | + * Merge from Debian unstable. Remaining changes: |
780 | + - debian/control: |
781 | + + Recommend plymouth. |
782 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
783 | + is the one we ship in main as part of the ubuntu-standard task. |
784 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
785 | + compatibility. LP: #1651818 |
786 | + |
787 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 03 May 2019 16:22:03 -0700 |
788 | + |
789 | cryptsetup (2:2.1.0-3) unstable; urgency=medium |
790 | |
791 | * d/scripts/decrypt_opensc: Fix standard output poisoning. Thanks to Nils |
792 | @@ -937,6 +1566,19 @@ cryptsetup (2:2.1.0-2) unstable; urgency=medium |
793 | |
794 | -- Guilhem Moulin <guilhem@debian.org> Thu, 28 Feb 2019 22:32:43 +0100 |
795 | |
796 | +cryptsetup (2:2.1.0-1ubuntu1) disco; urgency=medium |
797 | + |
798 | + * Merge from Debian unstable. LP: #1815484 |
799 | + * Remaining changes: |
800 | + - debian/control: |
801 | + + Recommend plymouth. |
802 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
803 | + is the one we ship in main as part of the ubuntu-standard task. |
804 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
805 | + compatibility. LP: #1651818 |
806 | + |
807 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 13 Feb 2019 21:28:23 +0000 |
808 | + |
809 | cryptsetup (2:2.1.0-1) unstable; urgency=medium |
810 | |
811 | * New upstream release. Highlights include: |
812 | @@ -979,6 +1621,20 @@ cryptsetup (2:2.1.0-1) unstable; urgency=medium |
813 | |
814 | -- Guilhem Moulin <guilhem@debian.org> Sat, 09 Feb 2019 00:40:17 +0100 |
815 | |
816 | +cryptsetup (2:2.0.6-1ubuntu1) disco; urgency=medium |
817 | + |
818 | + * Merge from Debian unstable. |
819 | + * Remaining changes: |
820 | + - debian/control: |
821 | + + Recommend plymouth. |
822 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
823 | + is the one we ship in main as part of the ubuntu-standard task. |
824 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
825 | + compatibility. LP: #1651818 |
826 | + * Dropped delta sector_size support, merged in Debian. |
827 | + |
828 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 05 Feb 2019 13:43:25 +0000 |
829 | + |
830 | cryptsetup (2:2.0.6-1) unstable; urgency=medium |
831 | |
832 | * New upstream bugfix release. Highlights include: |
833 | @@ -1043,6 +1699,27 @@ cryptsetup (2:2.0.4-3) unstable; urgency=medium |
834 | |
835 | -- Guilhem Moulin <guilhem@debian.org> Mon, 22 Oct 2018 17:45:35 +0200 |
836 | |
837 | +cryptsetup (2:2.0.4-2ubuntu2) cosmic; urgency=medium |
838 | + |
839 | + * Implement support for --sector-size cryptsetup plain mode option in |
840 | + crypttab. Matching support is also proposed to systemd-cryptsetup as |
841 | + well. LP: #1776626 |
842 | + |
843 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 31 Aug 2018 17:00:07 +0100 |
844 | + |
845 | +cryptsetup (2:2.0.4-2ubuntu1) cosmic; urgency=low |
846 | + |
847 | + * Merge from Debian unstable. LP: #1785610. |
848 | + * Remaining changes: |
849 | + - debian/control: |
850 | + + Recommend plymouth. |
851 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
852 | + is the one we ship in main as part of the ubuntu-standard task. |
853 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
854 | + compatibility. LP: #1651818 |
855 | + |
856 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 22 Aug 2018 22:51:47 +0100 |
857 | + |
858 | cryptsetup (2:2.0.4-2) unstable; urgency=medium |
859 | |
860 | * debian/cryptsetup-initramfs.preinst: Don't try to overwrite |
861 | @@ -1075,6 +1752,28 @@ cryptsetup (2:2.0.3-7) unstable; urgency=medium |
862 | |
863 | -- Guilhem Moulin <guilhem@debian.org> Mon, 30 Jul 2018 16:32:07 +0800 |
864 | |
865 | +cryptsetup (2:2.0.3-6ubuntu1) cosmic; urgency=low |
866 | + |
867 | + * Merge from Debian unstable. LP: #1781912. |
868 | + * Remaining changes: |
869 | + - debian/control: |
870 | + + Recommend plymouth. |
871 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
872 | + is the one we ship in main as part of the ubuntu-standard task. |
873 | + - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
874 | + compatibility. LP: #1651818 |
875 | + * Dropped changes, included in Debian: |
876 | + - Drop explicit libgcrypt20 dependency from libcryptsetup4. |
877 | + - Drop the CRYPTSETUP variable warning from the initramfs hook, as |
878 | + overlayroot package ships a dropin in conf-hooks.d triggering false |
879 | + warnings. |
880 | + - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE |
881 | + - Drop c99 std, as the default is now higher than that |
882 | + * Dropped changes, no longer needed: |
883 | + - Add maintscript to drop removed upstart system jobs. |
884 | + |
885 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 16 Jul 2018 08:27:58 -0400 |
886 | + |
887 | cryptsetup (2:2.0.3-6) unstable; urgency=medium |
888 | |
889 | * debian/TODO.md: Remove mention of parent device detection for mdadm |
890 | @@ -1359,6 +2058,45 @@ cryptsetup (2:2.0.3-1) unstable; urgency=medium |
891 | |
892 | -- Jonas Meurer <jonas@freesources.org> Fri, 15 Jun 2018 15:32:16 +0200 |
893 | |
894 | +cryptsetup (2:2.0.2-1ubuntu3) cosmic; urgency=medium |
895 | + |
896 | + * No-change rebuild against libargon2-1 |
897 | + |
898 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 10 Jul 2018 17:01:23 +0000 |
899 | + |
900 | +cryptsetup (2:2.0.2-1ubuntu2) cosmic; urgency=medium |
901 | + |
902 | + * Apply patch from Trent Nelson to fix cryptroot-unlock for busybox |
903 | + compatibility. LP: #1651818 |
904 | + |
905 | + -- Dimitri John Ledkov 🌈 <xnox@ubuntu.com> Thu, 21 Jun 2018 16:38:31 +0100 |
906 | + |
907 | +cryptsetup (2:2.0.2-1ubuntu1) bionic; urgency=low |
908 | + |
909 | + * Merge from Debian unstable. |
910 | + - bugfix upstream release, which solves problems with luks2 format |
911 | + disks not unlocking. LP: #1755322. |
912 | + * Remaining changes: |
913 | + - debian/control: |
914 | + + Depend on plymouth. |
915 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
916 | + is the one we ship in main as part of the ubuntu-standard task. |
917 | + + Drop explicit libgcrypt20 dependency from libcryptsetup4. |
918 | + - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE |
919 | + - Drop c99 std, as the default is now higher than that |
920 | + - Drop upstart system jobs. |
921 | + - Add maintscript to drop removed upstart system jobs. |
922 | + - debian has its own now, but we have different version numbers. |
923 | + this delta can be dropped after 18.04 release. |
924 | + - Drop the CRYPTSETUP variable warning from the initramfs hook, as |
925 | + overlayroot package ships a dropin in conf-hooks.d triggering false |
926 | + warnings. |
927 | + * Dropped changes: |
928 | + - debian/cryptdisks{,-udev}.maintscript: drop, there is no package named |
929 | + 'cryptdisks' or 'cryptdisks-udev'. |
930 | + |
931 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 06 Apr 2018 10:23:53 -0700 |
932 | + |
933 | cryptsetup (2:2.0.2-1) unstable; urgency=low |
934 | |
935 | * New upstream release 2.0.2 |
936 | @@ -1388,6 +2126,40 @@ cryptsetup (2:2.0.1-1) unstable; urgency=low |
937 | |
938 | -- Guilhem Moulin <guilhem@debian.org> Sun, 11 Feb 2018 00:02:05 +0100 |
939 | |
940 | +cryptsetup (2:2.0.1-0ubuntu2) bionic; urgency=medium |
941 | + |
942 | + * Drop the CRYPTSETUP variable warning from the initramfs hook, as |
943 | + overlayroot package ships a dropin in conf-hooks.d triggering false |
944 | + warnings. |
945 | + |
946 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 22 Feb 2018 14:49:16 +0000 |
947 | + |
948 | +cryptsetup (2:2.0.1-0ubuntu1) bionic; urgency=medium |
949 | + |
950 | + * Merge from Debian unstable. Remaining changes: |
951 | + - debian/control: |
952 | + + Depend on plymouth. |
953 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
954 | + is the one we ship in main as part of the ubuntu-standard task. |
955 | + + Drop explicit libgcrypt20 dependency from libcryptsetup4. |
956 | + - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE |
957 | + - Drop c99 std, as the default is now higher than that |
958 | + - Drop upstart system jobs. |
959 | + - Add maintscript to drop removed upstart system jobs. |
960 | + - debian has its own now, but we have different version numbers |
961 | + * New upstream release |
962 | + * Cherry-pick Guilhem Moulin's changes below from Debian git |
963 | + |
964 | + [ Guilhem Moulin ] |
965 | + * New upstream release 2.0.1: |
966 | + - Use /run/cryptsetup as default for cryptsetup locking dir. |
967 | + - Add missing symbols for new functions to debian/libcryptsetup12.symbols. |
968 | + * debian/copyright: update copyright years. |
969 | + * debian/patches: backport upstream's 8728ba08 to fix opening of loop-AES |
970 | + devices using --key-file=-. (Closes: #888162.) |
971 | + |
972 | + -- Julian Andres Klode <juliank@ubuntu.com> Mon, 29 Jan 2018 13:48:55 +0100 |
973 | + |
974 | cryptsetup (2:2.0.0-1) unstable; urgency=low |
975 | |
976 | [ Guilhem Moulin ] |
977 | @@ -1437,6 +2209,26 @@ cryptsetup (2:2.0.0~rc0-1) experimental; urgency=low |
978 | |
979 | -- Guilhem Moulin <guilhem@debian.org> Tue, 03 Oct 2017 03:37:36 +0200 |
980 | |
981 | +cryptsetup (2:1.7.5-1ubuntu1) bionic; urgency=low |
982 | + |
983 | + * Merge from Debian unstable. Remaining changes: |
984 | + - debian/control: |
985 | + + Depend on plymouth. |
986 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
987 | + is the one we ship in main as part of the ubuntu-standard task. |
988 | + + Drop explicit libgcrypt20 dependency from libcryptsetup4. |
989 | + - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE |
990 | + - Drop c99 std, as the default is now higher than that |
991 | + - Drop upstart system jobs. |
992 | + - Add maintscript to drop removed upstart system jobs. |
993 | + * Merged upstream: |
994 | + - d/p/fips-fix-luksformat-with-recent-kernels -- fix luksFormat |
995 | + with recent FIPS enabled kernels. |
996 | + * Merged in Debian: |
997 | + - Use DEB_VERSION from dpkg/default.mk for pod2man release variable |
998 | + |
999 | + -- Julian Andres Klode <juliank@ubuntu.com> Wed, 17 Jan 2018 21:39:10 +0100 |
1000 | + |
1001 | cryptsetup (2:1.7.5-1) unstable; urgency=low |
1002 | |
1003 | * New upstream release 1.7.5. |
1004 | @@ -1459,6 +2251,25 @@ cryptsetup (2:1.7.5-1) unstable; urgency=low |
1005 | |
1006 | -- Guilhem Moulin <guilhem@debian.org> Thu, 14 Sep 2017 13:00:23 +0200 |
1007 | |
1008 | +cryptsetup (2:1.7.3-4ubuntu1) artful; urgency=low |
1009 | + |
1010 | + * New upstream release, merge from Debian unstable. Remaining |
1011 | + Ubuntu changes: |
1012 | + - debian/control: |
1013 | + + Depend on plymouth. |
1014 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
1015 | + is the one we ship in main as part of the ubuntu-standard task. |
1016 | + + Drop explicit libgcrypt20 dependency from libcryptsetup4. |
1017 | + * d/p/fips-fix-luksformat-with-recent-kernels -- fix luksFormat |
1018 | + with recent FIPS enabled kernels. |
1019 | + * Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE |
1020 | + * Drop c99 std, as the default is now higher than that |
1021 | + * Use DEB_VERSION from dpkg/default.mk for pod2man release variable |
1022 | + * Drop upstart system jobs. |
1023 | + * Add maintscript to drop removed upstart system jobs. |
1024 | + |
1025 | + -- Andy Whitcroft <apw@ubuntu.com> Thu, 10 Aug 2017 14:07:29 +0100 |
1026 | + |
1027 | cryptsetup (2:1.7.3-4) unstable; urgency=high |
1028 | |
1029 | [ Guilhem Moulin ] |
1030 | @@ -1671,6 +2482,40 @@ cryptsetup (2:1.7.2-1) unstable; urgency=medium |
1031 | |
1032 | -- Jonas Meurer <mejo@debian.org> Wed, 05 Oct 2016 20:53:09 +0200 |
1033 | |
1034 | +cryptsetup (2:1.7.2-0ubuntu4) artful; urgency=medium |
1035 | + |
1036 | + * Add maintscript to drop removed upstart system jobs. |
1037 | + |
1038 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 21 Aug 2017 11:36:04 +0100 |
1039 | + |
1040 | +cryptsetup (2:1.7.2-0ubuntu3) artful; urgency=medium |
1041 | + |
1042 | + * Drop _BSD_SOURCE in favor of _DEFAULT_SOURCe |
1043 | + * Drop c99 std, as the default is now higher than that |
1044 | + * Use DEB_VERSION from dpkg/default.mk for pod2man release variable |
1045 | + |
1046 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 19 Aug 2017 21:46:19 +0100 |
1047 | + |
1048 | +cryptsetup (2:1.7.2-0ubuntu2) artful; urgency=medium |
1049 | + |
1050 | + * Drop upstart system jobs. |
1051 | + |
1052 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 19 Aug 2017 20:57:17 +0100 |
1053 | + |
1054 | +cryptsetup (2:1.7.2-0ubuntu1) yakkety; urgency=medium |
1055 | + |
1056 | + * New upstream release, merge from Debian unstable (LP: #1548137). Remaining |
1057 | + Ubuntu changes: |
1058 | + - debian/control: |
1059 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1060 | + potentially rendered unbootable. |
1061 | + + Depend on plymouth. |
1062 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
1063 | + is the one we ship in main as part of the ubuntu-standard task. |
1064 | + + Drop explicit libgcrypt20 dependency from libcryptsetup4. |
1065 | + |
1066 | + -- Unit 193 <unit193@ubuntu.com> Wed, 22 Jun 2016 16:30:01 -0400 |
1067 | + |
1068 | cryptsetup (2:1.7.0-2) unstable; urgency=medium |
1069 | |
1070 | [ Guilhem Moulin ] |
1071 | @@ -1745,6 +2590,35 @@ cryptsetup (2:1.7.0-1) unstable; urgency=medium |
1072 | |
1073 | -- Jonas Meurer <mejo@debian.org> Thu, 07 Jan 2016 02:22:33 +0100 |
1074 | |
1075 | +cryptsetup (2:1.6.6-5ubuntu2) wily; urgency=medium |
1076 | + |
1077 | + * Fix stupid typo in Recommends "busybox | busybox-static" inversion. |
1078 | + Fixes binary moves for busybox into main. |
1079 | + |
1080 | + -- Andy Whitcroft <apw@ubuntu.com> Fri, 21 Aug 2015 08:56:34 +0100 |
1081 | + |
1082 | +cryptsetup (2:1.6.6-5ubuntu1) wily; urgency=low |
1083 | + |
1084 | + * Merge from Debian unstable. Remaining changes: |
1085 | + - debian/control: |
1086 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1087 | + potentially rendered unbootable. |
1088 | + + Depend on plymouth. |
1089 | + + Invert the "busybox | busybox-static" Recommends, as the latter |
1090 | + is the one we ship in main as part of the ubuntu-standard task. |
1091 | + + Drop explicit libgcrypt11 dependency from libcryptsetup4. |
1092 | + * Dropped changes, now in Debian: |
1093 | + - Remove hardcoded paths to udevadm. |
1094 | + - debian/initramfs/cryptroot-hook: |
1095 | + + Do not unconditionally include cryptsetup utils in the initramfs. |
1096 | + + Do not include any modules or utils in the initramfs, unless |
1097 | + rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in |
1098 | + the initramfs.conf configuration file. |
1099 | + - debian/cryptsetup.maintscripts: |
1100 | + + Migrate upstart jobs to new names. |
1101 | + |
1102 | + -- Andy Whitcroft <apw@ubuntu.com> Tue, 07 Jul 2015 16:58:45 +0100 |
1103 | + |
1104 | cryptsetup (2:1.6.6-5) unstable; urgency=high |
1105 | |
1106 | * debian/cryptdisks.functions: fix the precheck for ubuntu+upstart |
1107 | @@ -1897,6 +2771,71 @@ cryptsetup (2:1.6.4-1) unstable; urgency=low |
1108 | |
1109 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:14:55 +0200 |
1110 | |
1111 | +cryptsetup (2:1.6.1-1ubuntu7) vivid; urgency=medium |
1112 | + |
1113 | + * Drop explicit libgcrypt11 dependency from libcryptsetup4. |
1114 | + |
1115 | + -- Adam Conrad <adconrad@ubuntu.com> Fri, 27 Mar 2015 18:24:38 -0600 |
1116 | + |
1117 | +cryptsetup (2:1.6.1-1ubuntu6) vivid; urgency=medium |
1118 | + |
1119 | + * No-change rebuild for the libgcrypt20 transition. |
1120 | + |
1121 | + -- Adam Conrad <adconrad@ubuntu.com> Fri, 27 Mar 2015 06:16:08 -0600 |
1122 | + |
1123 | +cryptsetup (2:1.6.1-1ubuntu5) vivid; urgency=medium |
1124 | + |
1125 | + * ./debian/scripts/luksformat: Drop luksFormat -s and --ciper options. They |
1126 | + aren't necessary any more, and aes-cbc-essiv:sha256 is obsolete. This will |
1127 | + now use aes-xts-plain64 by default. (LP: #1414719) |
1128 | + |
1129 | + -- Martin Pitt <martin.pitt@ubuntu.com> Fri, 27 Feb 2015 09:37:05 +0100 |
1130 | + |
1131 | +cryptsetup (2:1.6.1-1ubuntu4) vivid; urgency=medium |
1132 | + |
1133 | + * No change rebuild to get debug symbols for all architectures. |
1134 | + |
1135 | + -- Brian Murray <brian@ubuntu.com> Wed, 03 Dec 2014 08:03:31 -0800 |
1136 | + |
1137 | +cryptsetup (2:1.6.1-1ubuntu3) utopic; urgency=high |
1138 | + |
1139 | + * No change rebuild against new dh_installinit, to call update-rc.d at |
1140 | + postinst. |
1141 | + |
1142 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 28 May 2014 10:39:30 +0100 |
1143 | + |
1144 | +cryptsetup (2:1.6.1-1ubuntu2) utopic; urgency=medium |
1145 | + |
1146 | + * debian/askpass.c: |
1147 | + - Fix bug (LP: #1301086) where askpass fails to restore terminal |
1148 | + settings. |
1149 | + |
1150 | + -- Robert Barabas <dc@0xdc.org> Fri, 18 Apr 2014 14:08:51 -0400 |
1151 | + |
1152 | +cryptsetup (2:1.6.1-1ubuntu1) trusty; urgency=low |
1153 | + |
1154 | + * Merge from debian unstable, remaining changes: |
1155 | + - debian/control: |
1156 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1157 | + potentially rendered unbootable. |
1158 | + + Depend on plymouth. |
1159 | + |
1160 | + - Invert the "busybox | busybox-static" Recommends, as the latter is |
1161 | + the one we ship in main as part of the ubuntu-standard task. |
1162 | + |
1163 | + - Remove hardcoded paths to udevadm (LP: #1184066). |
1164 | + |
1165 | + - debian/initramfs/cryptroot-hook: |
1166 | + + Do not unconditionally include cryptsetup utils in the initramfs. |
1167 | + + Do not include any modules or utils in the initramfs, unless |
1168 | + rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in |
1169 | + the initramfs.conf configuration file. |
1170 | + |
1171 | + - debian/cryptsetup.maintscripts: |
1172 | + + Migrate upstart jobs to new names. |
1173 | + |
1174 | + -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Fri, 01 Nov 2013 16:48:57 +0000 |
1175 | + |
1176 | cryptsetup (2:1.6.1-1) unstable; urgency=low |
1177 | |
1178 | [ Milan Broz ] |
1179 | @@ -1938,6 +2877,50 @@ cryptsetup (2:1.6.1-1) unstable; urgency=low |
1180 | |
1181 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:10:41 +0200 |
1182 | |
1183 | +cryptsetup (2:1.4.3-4ubuntu4) saucy; urgency=low |
1184 | + |
1185 | + * debian/initramfs/cryptroot-hook: |
1186 | + - Do not unconditionally include cryptsetup utils in the initramfs. |
1187 | + - Do not include any modules or utils in the initramfs, unless |
1188 | + rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in |
1189 | + the initramfs.conf configuration file. |
1190 | + |
1191 | + -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Mon, 10 Jun 2013 16:25:46 +0100 |
1192 | + |
1193 | +cryptsetup (2:1.4.3-4ubuntu3) saucy; urgency=low |
1194 | + |
1195 | + * Remove hardcoded paths to udevadm (LP: #1184066). |
1196 | + |
1197 | + -- Colin Watson <cjwatson@ubuntu.com> Tue, 28 May 2013 11:27:27 +0100 |
1198 | + |
1199 | +cryptsetup (2:1.4.3-4ubuntu2) raring; urgency=low |
1200 | + |
1201 | + * Invert the "busybox | busybox-static" Recommends, as the latter |
1202 | + is the one we ship in main as part of the ubuntu-standard task. |
1203 | + |
1204 | + -- Adam Conrad <adconrad@ubuntu.com> Fri, 16 Nov 2012 01:14:35 -0700 |
1205 | + |
1206 | +cryptsetup (2:1.4.3-4ubuntu1) raring; urgency=low |
1207 | + |
1208 | + * Merge from debian unstable, remaining changes: |
1209 | + - debian/control: |
1210 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1211 | + potentially rendered unbootable. |
1212 | + + Depend on plymouth. |
1213 | + |
1214 | + - init/upstart jobs: |
1215 | + + Rename cryptddisks{,-early}.upstart jobs to |
1216 | + cryptdisks-{enable,udev}.upstart, as we need both init & upstart jobs |
1217 | + for now. |
1218 | + + debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1219 | + script a no-op, this should be handled entirely by the upstart job; |
1220 | + and fix the LSB header to not declare this should be started in |
1221 | + runlevel 'S'. |
1222 | + + Do not install start symlinks for init scripts |
1223 | + + NB! shutdown is still handled by the SystemV init scripts |
1224 | + |
1225 | + -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Tue, 13 Nov 2012 11:17:57 +0000 |
1226 | + |
1227 | cryptsetup (2:1.4.3-4) unstable; urgency=medium |
1228 | |
1229 | * change recommends for busybox to busybox | busybox-static. Thanks to |
1230 | @@ -1970,6 +2953,50 @@ cryptsetup (2:1.4.3-3) unstable; urgency=medium |
1231 | |
1232 | -- Jonas Meurer <mejo@debian.org> Thu, 01 Nov 2012 15:34:09 +0100 |
1233 | |
1234 | +cryptsetup (2:1.4.3-2ubuntu1) quantal; urgency=low |
1235 | + |
1236 | + * Merge from debian unstable (LP: #1015753), remaining changes: |
1237 | + - debian/control: |
1238 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1239 | + potentially rendered unbootable. |
1240 | + + Depend on plymouth. |
1241 | + |
1242 | + - init/upstart jobs: |
1243 | + + Add debian/cryptdisks-{enable,udev}.upstart for bootup. |
1244 | + + debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1245 | + script a no-op, this should be handled entirely by the upstart job; |
1246 | + and fix the LSB header to not declare this should be started in |
1247 | + runlevel 'S'. |
1248 | + + Do not install start symlinks for init scripts |
1249 | + + NB! shutdown is still handled by the SystemV init scripts |
1250 | + |
1251 | + * Rename cryptddisks{,-early}.upstart jobs back to |
1252 | + cryptdisks-{enable,udev}.upstart, as we need both init & upstart jobs |
1253 | + for now. |
1254 | + |
1255 | + * Dropped Changes, included in Debian: |
1256 | + - debian/control: |
1257 | + + Split up package in cryptsetup and cryptsetup-bin. (LP: #343363). |
1258 | + |
1259 | + - debian/cryptdisks.functions: |
1260 | + + Do not overwrite existing filesystems when creating swap (LP: #474258). |
1261 | + + Add aesni module when we have hardware encryption. |
1262 | + + Call 'udevadm settle' before 'dmsetup rename' http://pad.lv/874774 |
1263 | + + Suppress "Starting init crypto disks" message in "init" phase, to |
1264 | + avoid writing over fsck progress text. |
1265 | + + new function, crypttab_start_one_disk, to look for the named source |
1266 | + device in /etc/crypttab (by device name, UUID, or label) and start it |
1267 | + if configured to do so |
1268 | + + handle the case where crypttab contains a name for the source |
1269 | + device that is not the kernel's preferred name for it (as is the case |
1270 | + for LVs). |
1271 | + |
1272 | + - debian/initramfs/cryptroot-hook: |
1273 | + + Quiet warnings from find on arches that don't have all the |
1274 | + kernel/{arch,crypto} bits we're testing for. |
1275 | + |
1276 | + -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Tue, 21 Aug 2012 11:57:28 +0100 |
1277 | + |
1278 | cryptsetup (2:1.4.3-2) unstable; urgency=medium |
1279 | |
1280 | * fix the shared library symbols magic: so far, the symbols file for |
1281 | @@ -2045,6 +3072,64 @@ cryptsetup (2:1.4.1-3) unstable; urgency=low |
1282 | |
1283 | -- Jonas Meurer <mejo@debian.org> Wed, 11 Apr 2012 23:55:35 +0200 |
1284 | |
1285 | +cryptsetup (2:1.4.1-2ubuntu4) precise; urgency=low |
1286 | + |
1287 | + * Our swap creation can trigger udev change events, which means udev may be |
1288 | + holding the device open at the time we try to call 'dmsetup rename' and |
1289 | + cause the /subsequent/ events to be missed because of dmsetup creating |
1290 | + device nodes by hand. So call 'udevadm settle' before 'dmsetup rename', |
1291 | + to ensure blkid is out of the way first. This should ensure swap |
1292 | + partitions are found by mountall in a non-racy manner. LP: #874774. |
1293 | + |
1294 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 13 Apr 2012 20:23:21 -0700 |
1295 | + |
1296 | +cryptsetup (2:1.4.1-2ubuntu3) precise; urgency=low |
1297 | + |
1298 | + * Start cryptdisks-enable upstart job on 'or container', to let us |
1299 | + simplify the udevtrigger job. |
1300 | + |
1301 | + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 04 Apr 2012 17:02:00 -0700 |
1302 | + |
1303 | +cryptsetup (2:1.4.1-2ubuntu2) precise; urgency=low |
1304 | + |
1305 | + * Split up package in cryptsetup and cryptsetup-bin. (LP: #343363). |
1306 | + * Do not overwrite existing filesystems when creating swap (LP: #474258). |
1307 | + * Add aesni module when we have hardware encryption. |
1308 | + |
1309 | + -- Jean-Louis Dupond <jean-louis@dupond.be> Mon, 12 Mar 2012 10:14:30 +0100 |
1310 | + |
1311 | +cryptsetup (2:1.4.1-2ubuntu1) precise; urgency=low |
1312 | + |
1313 | + [ Jean-Louis Dupond ] |
1314 | + * Merge from debian unstable (LP: #776264), remaining changes: |
1315 | + - debian/cryptdisks.functions: Suppress "Starting init crypto disks" message |
1316 | + in "init" phase, to avoid writing over fsck progress text. |
1317 | + - debian/cryptroot-hook: Quiet warnings from find on arches that |
1318 | + don't have all the kernel/{arch,crypto} bits we're testing for. |
1319 | + - debian/control: |
1320 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1321 | + potentially rendered unbootable. |
1322 | + + Depend on plymouth. |
1323 | + - Add debian/cryptdisks-{enable,udev}.upstart. |
1324 | + - debian/cryptdisks.functions: |
1325 | + + new function, crypttab_start_one_disk, to look for the named source |
1326 | + device in /etc/crypttab (by device name, UUID, or label) and start it |
1327 | + if configured to do so |
1328 | + - debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1329 | + script a no-op, this should be handled entirely by the upstart job; |
1330 | + and fix the LSB header to not declare this should be started in |
1331 | + runlevel 'S' |
1332 | + - debian/rules: |
1333 | + + Do not install start symlinks for init scripts, and |
1334 | + install debian/cryptdisks-{enable,udev}.upstart scripts. |
1335 | + |
1336 | + [ Steve Langasek ] |
1337 | + * debian/cryptdisks.functions: handle the case where crypttab contains a |
1338 | + name for the source device that is not the kernel's preferred name for |
1339 | + it (as is the case for LVs). |
1340 | + |
1341 | + -- Jean-Louis Dupond <jean-louis@dupond.be> Thu, 08 Mar 2012 07:32:40 +0100 |
1342 | + |
1343 | cryptsetup (2:1.4.1-2) unstable; urgency=low |
1344 | |
1345 | * acknowledge NMU. Thanks to Michael Biebl. (closes: #659182) |
1346 | @@ -2254,6 +3339,56 @@ cryptsetup (2:1.2.0-1) experimental; urgency=low |
1347 | |
1348 | -- Jonas Meurer <mejo@debian.org> Sun, 16 Jan 2011 01:01:03 +0100 |
1349 | |
1350 | +cryptsetup (2:1.1.3-4ubuntu3) precise; urgency=low |
1351 | + |
1352 | + [ Pali Rohar ] |
1353 | + * debian/cryptdisks.functions: Suppress "Starting init crypto disks" message |
1354 | + in "init" phase, to avoid writing over fsck progress text. |
1355 | + |
1356 | + -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 26 Oct 2011 09:16:15 +0200 |
1357 | + |
1358 | +cryptsetup (2:1.1.3-4ubuntu2) oneiric; urgency=low |
1359 | + |
1360 | + * debian/cryptroot-hook: Quiet warnings from find on arches that |
1361 | + don't have all the kernel/{arch,crypto} bits we're testing for. |
1362 | + |
1363 | + -- Adam Conrad <adconrad@ubuntu.com> Sat, 01 Oct 2011 00:33:00 -0600 |
1364 | + |
1365 | +cryptsetup (2:1.1.3-4ubuntu1) natty; urgency=low |
1366 | + |
1367 | + * Merge from debian unstable (LP: #682177), remaining changes: |
1368 | + - debian/control: |
1369 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1370 | + potentially rendered unbootable. |
1371 | + + Depend on plymouth. |
1372 | + - Add debian/cryptdisks-{enable,udev}.upstart. |
1373 | + - debian/cryptdisks.functions: |
1374 | + + new function, crypttab_start_one_disk, to look for the named source |
1375 | + device in /etc/crypttab (by device name, UUID, or label) and start it |
1376 | + if configured to do so |
1377 | + + wrap the call to /lib/cryptsetup/askpass with watershed, to make sure |
1378 | + we only ever have one of these running at a time; otherwise multiple |
1379 | + invocations could steal each other's input and/or write over each |
1380 | + other's output |
1381 | + + when called by cryptdisks-enable, check that we don't already have a |
1382 | + corresponding cryptdisks-udev job running (probably waiting for a |
1383 | + passphrase); if there is, wait until it's finished before continuing. |
1384 | + - debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1385 | + script a no-op, this should be handled entirely by the upstart job; |
1386 | + and fix the LSB header to not declare this should be started in |
1387 | + runlevel 'S' |
1388 | + - debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on |
1389 | + upgrade. |
1390 | + - debian/rules: |
1391 | + + Do not install start symlinks for init scripts, and |
1392 | + install debian/cryptdisks-{enable,udev}.upstart scripts. |
1393 | + + link dynamically against libgcrypt and libgpg-error. |
1394 | + - Add debian/cryptsetup.apport: Apport package hook. Install in |
1395 | + debian/rules and create dir in debian/cryptsetup.dirs. |
1396 | + - debian/cryptsetup.postrm: call update-initramfs on package removal. |
1397 | + |
1398 | + -- Lorenzo De Liso <blackz@ubuntu.com> Sat, 27 Nov 2010 17:37:43 +0100 |
1399 | + |
1400 | cryptsetup (2:1.1.3-4) unstable; urgency=high |
1401 | |
1402 | * bump standards-version to 3.9.1, no changes required |
1403 | @@ -2359,6 +3494,69 @@ cryptsetup (2:1.1.3-1) unstable; urgency=low |
1404 | |
1405 | -- Jonas Meurer <mejo@debian.org> Sat, 10 Jul 2010 14:32:40 +0200 |
1406 | |
1407 | +cryptsetup (2:1.1.2-1ubuntu1) maverick; urgency=low |
1408 | + |
1409 | + * Merge from Debian unstable (LP: #594365). Remaining changes: |
1410 | + - debian/control: |
1411 | + + Bump initramfs-tools Suggests to Depends: so system is not |
1412 | + potentially rendered unbootable. |
1413 | + + Depend on plymouth. |
1414 | + - Add debian/cryptdisks-{enable,udev}.upstart. |
1415 | + - debian/cryptdisks.functions: |
1416 | + + new function, crypttab_start_one_disk, to look for the named source |
1417 | + device in /etc/crypttab (by device name, UUID, or label) and start it |
1418 | + if configured to do so |
1419 | + + wrap the call to /lib/cryptsetup/askpass with watershed, to make sure |
1420 | + we only ever have one of these running at a time; otherwise multiple |
1421 | + invocations could steal each other's input and/or write over each |
1422 | + other's output |
1423 | + + initially create the device under a temporary name and rename it only |
1424 | + at the end using 'dmsetup rename', to ensure that upstart/mountall |
1425 | + doesn't see our device before it's ready to go. |
1426 | + + do_tmp should mount under /var/run/cryptsetup for changing the |
1427 | + permissions of the filesystem root, not directly on /tmp, since |
1428 | + mounting on /tmp a) is racy, b) confuses mountall something fierce. |
1429 | + + when called by cryptdisks-enable, check that we don't already have a |
1430 | + corresponding cryptdisks-udev job running (probably waiting for a |
1431 | + passphrase); if there is, wait until it's finished before continuing. |
1432 | + - debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1433 | + script a no-op, this should be handled entirely by the upstart job; |
1434 | + and fix the LSB header to not declare this should be started in |
1435 | + runlevel 'S' |
1436 | + - debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on |
1437 | + upgrade. |
1438 | + - debian/rules: Do not install start symlinks for init scripts, and |
1439 | + install debian/cryptdisks-{enable,udev}.upstart scripts. |
1440 | + - Add debian/cryptsetup.apport: Apport package hook. Install in |
1441 | + debian/rules and create dir in debian/cryptsetup.dirs. |
1442 | + - debian/rules: link dynamically against libgcrypt and libgpg-error. |
1443 | + - debian/cryptsetup.postrm: call update-initramfs on package removal. |
1444 | + * Dropped changes, merged/superseded in Debian: |
1445 | + - Add ext4 support to passdev. |
1446 | + - cryptroot-hook: don't call copy_modules_dir with empty arguments when |
1447 | + archcrypto isn't found |
1448 | + - Set USPLASH=y and FRAMEBUFFER=y in the hook config to pull plymouth into |
1449 | + the initramfs. |
1450 | + - change interaction to use plymouth directly if present, and if not, to |
1451 | + fall back to /lib/cryptsetup/askpass as before |
1452 | + - cryptdisks.functions: replace 'echo -e' bashism with 'printf'. |
1453 | + - debian/initramfs/cryptroot-script: if plymouth is present in the |
1454 | + initramfs, use this directly, bypassing the cryptsetup askpass script |
1455 | + - debian/initramfs/cryptroot-hook: Properly anchor our regexps when |
1456 | + grepping /etc/crypttab so that we don't incorrectly match device names |
1457 | + that are substrings of one another. |
1458 | + - debian/initramfs/cryptroot-script: Don't leak /conf/conf.d/cryptroot |
1459 | + file descriptor to subprocesses. |
1460 | + - Fix grammar error in debian/initramfs/cryptroot-script |
1461 | + ("setup" -> "set up") |
1462 | + - debian/initramfs/cryptroot-script: Fix this to work with current |
1463 | + initramfs-tools: |
1464 | + + Source /scripts/functions after checking for prerequisites. |
1465 | + + prereqs(): Do not assume we are running within initramfs, and |
1466 | + calculate relative path correctly. |
1467 | + |
1468 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 14 Jun 2010 21:47:28 -0700 |
1469 | + |
1470 | cryptsetup (2:1.1.2-1) unstable; urgency=low |
1471 | |
1472 | * new upstream release, changes include: |
1473 | @@ -2476,6 +3674,171 @@ cryptsetup (2:1.1.0-1) unstable; urgency=low |
1474 | |
1475 | -- Jonas Meurer <mejo@debian.org> Mon, 08 Mar 2010 14:15:35 +0100 |
1476 | |
1477 | +cryptsetup (2:1.1.0~rc2-1ubuntu14) maverick; urgency=low |
1478 | + |
1479 | + [ David Stansby ] |
1480 | + * Fix grammar error in debian/initramfs/cryptroot-script |
1481 | + ("setup" -> "set up") (LP: #578896) |
1482 | + |
1483 | + -- James Westby <james.westby@ubuntu.com> Mon, 17 May 2010 13:33:40 +0100 |
1484 | + |
1485 | +cryptsetup (2:1.1.0~rc2-1ubuntu13) lucid; urgency=low |
1486 | + |
1487 | + * debian/initramfs/cryptroot-script: Don't leak /conf/conf.d/cryptroot |
1488 | + file descriptor to subprocesses. |
1489 | + |
1490 | + -- Colin Watson <cjwatson@ubuntu.com> Mon, 29 Mar 2010 22:18:36 +0100 |
1491 | + |
1492 | +cryptsetup (2:1.1.0~rc2-1ubuntu12) lucid; urgency=low |
1493 | + |
1494 | + * debian/initramfs/cryptroot-hook: Properly anchor our regexps when |
1495 | + grepping /etc/crypttab so that we don't incorrectly match device names |
1496 | + that are substrings of one another. |
1497 | + * debian/cryptdisks-{enable,udev}.conf, debian/control: drop |
1498 | + 'console output' and add a hard dependency on plymouth instead of |
1499 | + watershed, to avoid spitting extra messages to the console. |
1500 | + |
1501 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 18 Feb 2010 06:19:19 -0800 |
1502 | + |
1503 | +cryptsetup (2:1.1.0~rc2-1ubuntu11) lucid; urgency=low |
1504 | + |
1505 | + * Set FRAMEBUFFER=y in the file that we actually ship. |
1506 | + * debian/cryptsetup.postrm: call update-initramfs on package removal. |
1507 | + LP: #468228. |
1508 | + |
1509 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 25 Jan 2010 03:07:52 -0800 |
1510 | + |
1511 | +cryptsetup (2:1.1.0~rc2-1ubuntu10) lucid; urgency=low |
1512 | + |
1513 | + * cryptdisks.functions: replace 'echo -e' bashism with 'printf'. |
1514 | + * cryptdisks.functions: when called by cryptdisks-enable, check that we |
1515 | + don't already have a corresponding cryptdisks-udev job running (probably |
1516 | + waiting for a passphrase); if there is, wait until it's finished before |
1517 | + continuing. |
1518 | + |
1519 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 21 Jan 2010 14:57:21 +0000 |
1520 | + |
1521 | +cryptsetup (2:1.1.0~rc2-1ubuntu9) lucid; urgency=low |
1522 | + |
1523 | + * Set FRAMEBUFFER=y in the hook config as well, to pull plymouth into the |
1524 | + initramfs. |
1525 | + * cryptdisks.functions, debian/initramfs/cryptroot-script: fix the |
1526 | + invocation of plymouth, so that we actually get proper passphrase prompts |
1527 | + (once bug #496765 is fixed). |
1528 | + |
1529 | + -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 16 Jan 2010 02:32:41 -0800 |
1530 | + |
1531 | +cryptsetup (2:1.1.0~rc2-1ubuntu8) lucid; urgency=low |
1532 | + |
1533 | + * cryptdisks.functions: do_tmp should mount under /var/run/cryptsetup for |
1534 | + changing the permissions of the filesystem root, not directly on /tmp, |
1535 | + since mounting on /tmp a) is racy, b) confuses mountall something fierce. |
1536 | + LP: #475936. |
1537 | + |
1538 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 22 Dec 2009 20:24:28 +0000 |
1539 | + |
1540 | +cryptsetup (2:1.1.0~rc2-1ubuntu7) lucid; urgency=low |
1541 | + |
1542 | + * Depend on watershed. |
1543 | + |
1544 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 22 Dec 2009 01:37:36 +0000 |
1545 | + |
1546 | +cryptsetup (2:1.1.0~rc2-1ubuntu6) lucid; urgency=low |
1547 | + |
1548 | + [ Steve Langasek ] |
1549 | + * Fix the LSB header in the init scripts, now that we don't install to |
1550 | + rcS.d. |
1551 | + |
1552 | + [ Martin Pitt ] |
1553 | + * debian/initramfs/cryptroot-script: Fix this to work with current |
1554 | + initramfs-tools: |
1555 | + - Source /scripts/functions after checking for prerequisites. |
1556 | + - prereqs(): Do not assume we are running within initramfs, and calculate |
1557 | + relative path correctly. |
1558 | + |
1559 | + -- Martin Pitt <martin.pitt@ubuntu.com> Fri, 18 Dec 2009 17:07:07 +0100 |
1560 | + |
1561 | +cryptsetup (2:1.1.0~rc2-1ubuntu5) lucid; urgency=low |
1562 | + |
1563 | + * Rename the upstart job introduced in the previous upload to |
1564 | + cryptdisks-udev and restore the previous version of the job as |
1565 | + cryptdisks-enable, to run at the end of udev coldplugging as before; |
1566 | + this isn't entirely race-free, but should nevertheless give us the |
1567 | + two passes needed to cover devices that are decrypted using keys stored |
1568 | + on other encrypted disks. LP: #443980. |
1569 | + |
1570 | + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 16 Dec 2009 06:41:30 +0000 |
1571 | + |
1572 | +cryptsetup (2:1.1.0~rc2-1ubuntu4) lucid; urgency=low |
1573 | + |
1574 | + [ Steve Langasek ] |
1575 | + * debian/initramfs/cryptroot-script: if plymouth is present in the |
1576 | + initramfs, use this directly, bypassing the cryptsetup askpass script; |
1577 | + but keep support for these other frontends around on a transitional |
1578 | + basis. |
1579 | + * debian/cryptdisks.functions: |
1580 | + - change interaction to use plymouth directly if present, and if not, to |
1581 | + fall back to /lib/cryptsetup/askpass as before |
1582 | + - wrap the call to /lib/cryptsetup/askpass with watershed, to make sure |
1583 | + we only ever have one of these running at a time; otherwise multiple |
1584 | + invocations could steal each other's input and/or write over each |
1585 | + other's output |
1586 | + - new function, crypttab_start_one_disk, to look for the named source |
1587 | + device in /etc/crypttab (by device name, UUID, or label) and start it |
1588 | + if configured to do so |
1589 | + * debian/cryptdisks-enable.upstart: run the upstart job once for each block |
1590 | + device, using the new crypttab_start_one_disk function, triggered by udev; |
1591 | + this doesn't eliminate the possibility of a race with gdm when the |
1592 | + decrypted volume isn't a 'bootwait' mount point (since gdm kills |
1593 | + plymouth), but it does eliminate the race between udev and cryptsetup. |
1594 | + LP: #454898. |
1595 | + * debian/cryptdisks-enable.upstart: check that the package is installed |
1596 | + and exit gracefully if it's not. LP: #435814 |
1597 | + * debian/cryptdisk.functions: initially create the device under a temporary |
1598 | + name and rename it only at the end using 'dmsetup rename', to ensure that |
1599 | + upstart/mountall doesn't see our device before it's ready to go. |
1600 | + LP: #475936. |
1601 | + |
1602 | + [ Colin Watson ] |
1603 | + * Add ext4 support to passdev. |
1604 | + |
1605 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 15 Dec 2009 18:05:45 -0800 |
1606 | + |
1607 | +cryptsetup (2:1.1.0~rc2-1ubuntu3) lucid; urgency=low |
1608 | + |
1609 | + * cryptroot-hook: Use if [ -n … ] instead of if ! test -z …. |
1610 | + |
1611 | + -- Loïc Minier <loic.minier@ubuntu.com> Sat, 12 Dec 2009 11:32:52 +0100 |
1612 | + |
1613 | +cryptsetup (2:1.1.0~rc2-1ubuntu2) lucid; urgency=low |
1614 | + |
1615 | + * cryptroot-hook: dont call copy_modules_dir with empty arguments when |
1616 | + archcrypto isnt found (LP: #495161) |
1617 | + |
1618 | + -- Oliver Grawert <ogra@ubuntu.com> Fri, 11 Dec 2009 14:39:00 +0100 |
1619 | + |
1620 | +cryptsetup (2:1.1.0~rc2-1ubuntu1) lucid; urgency=low |
1621 | + |
1622 | + * Merge with Debian testing. Remaining Ubuntu changes: |
1623 | + - debian/rules: cryptsetup is linked dynamically against libgcrypt and |
1624 | + libgpg-error. |
1625 | + - Upstart migration: |
1626 | + + Add debian/cryptdisks-enable.upstart. |
1627 | + + debian/cryptdisks{,-early}.init: Make the 'start' action of the init |
1628 | + script a no-op, this should be handled entirely by the upstart job. |
1629 | + (LP #473615) |
1630 | + + debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on |
1631 | + upgrade. |
1632 | + + debian/rules: Do not install start symlinks for those two, and install |
1633 | + debian/cryptdisks-enable.upstart scripts. |
1634 | + - Add debian/cryptsetup.apport: Apport package hook. Install in |
1635 | + debian/rules, and create dir in debian/cryptsetup.dirs. |
1636 | + - Start usplash in initramfs, since we need it for fancy passphrase input: |
1637 | + + debian/initramfs/cryptroot-conf, debian/initramfs-conf.d: USPLASH=y |
1638 | + + debian/control: Bump initramfs-tools Suggests to Depends:. |
1639 | + |
1640 | + -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 11 Nov 2009 15:04:27 +0100 |
1641 | + |
1642 | cryptsetup (2:1.1.0~rc2-1) unstable; urgency=low |
1643 | |
1644 | * new upstream release candidate (1.1.0-rc2), highlights include: |
1645 | @@ -2649,6 +4012,80 @@ cryptsetup (2:1.0.7~rc1-1) unstable; urgency=low |
1646 | |
1647 | -- Jonas Meurer <mejo@debian.org> Sat, 04 Jul 2009 15:52:06 +0200 |
1648 | |
1649 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu8) lucid; urgency=low |
1650 | + |
1651 | + [ Steve Langasek ] |
1652 | + * Make the 'start' action of the init script a no-op, this should be |
1653 | + handled entirely by the upstart job now; and remove any symlinks from |
1654 | + /etc/rcS.d on upgrade. LP: #473615. |
1655 | + |
1656 | + [ Reinhard Tartler ] |
1657 | + * Add an apport hook |
1658 | + * import the blkid and un_blkid from debian, LP: #446517 |
1659 | + * also use this script by default (setting in /etc/default/cryptdisks) |
1660 | + |
1661 | + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 04 Nov 2009 12:06:47 +0000 |
1662 | + |
1663 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7) karmic; urgency=low |
1664 | + |
1665 | + * Reupload previous version, siretart had left changes in bzr which |
1666 | + weren't documented in the changelog and caused FTBFS. |
1667 | + |
1668 | + -- Scott James Remnant <scott@ubuntu.com> Wed, 14 Oct 2009 13:57:59 +0100 |
1669 | + |
1670 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu6) karmic; urgency=low |
1671 | + |
1672 | + [ Steve Langasek ] |
1673 | + * Move the Debian Vcs- fields aside. |
1674 | + |
1675 | + [ Scott James Remnant ] |
1676 | + * debian/cryptdisks-enable.upstart: Don't overcompensate for my idiocy, |
1677 | + cryptsetup should not need a controlling terminal, just a terminal |
1678 | + is fine. May fix LP: #439138. |
1679 | + |
1680 | + -- Scott James Remnant <scott@ubuntu.com> Wed, 14 Oct 2009 04:52:16 +0100 |
1681 | + |
1682 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu4) karmic; urgency=low |
1683 | + |
1684 | + * debian/cryptdisks-enable.upstart: Things that often help include |
1685 | + not setting stdin/out to /dev/null, so you can actually type the |
1686 | + passphrase. I am an idiot. LP: #430496. |
1687 | + |
1688 | + -- Scott James Remnant <scott@ubuntu.com> Thu, 17 Sep 2009 17:58:01 +0100 |
1689 | + |
1690 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu3) karmic; urgency=low |
1691 | + |
1692 | + * debian/cryptdisks-enable.upstart: add upstart job to enable encrypted |
1693 | + disks once we've finished probing for udev devices, so that mountall |
1694 | + can use them. LP: #430496. |
1695 | + |
1696 | + -- Scott James Remnant <scott@ubuntu.com> Thu, 17 Sep 2009 00:04:00 +0100 |
1697 | + |
1698 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu2) karmic; urgency=low |
1699 | + |
1700 | + * debian/initramfs/cryptroot-conf: declare that we want usplash included |
1701 | + in the initramfs whenever this package is installed. LP: #427356. |
1702 | + |
1703 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 15 Sep 2009 08:43:15 -0700 |
1704 | + |
1705 | +cryptsetup (2:1.0.6+20090405.svn49-1ubuntu1) karmic; urgency=low |
1706 | + |
1707 | + * Merge from debian unstable, remaining changes: |
1708 | + - Ubuntu specific: |
1709 | + + debian/rules: link dynamically for better security supportability and |
1710 | + smaller packages. |
1711 | + + debian/control: Depend on initramfs-tools so system is not potentially |
1712 | + rendered unbootable. |
1713 | + - debian/initramfs/cryptroot-script wait for encrypted device to appear, |
1714 | + report with log_*_msg (debian bug 488271). |
1715 | + - debian/initramfs/cryptroot-hook: fix support for UUID and LABEL |
1716 | + correlation between fstab and crypttab (debian bug 522041). |
1717 | + - debian/askpass.c, debian/initramfs/cryptroot-script: using newline |
1718 | + escape in passphrase prompt to avoid line-wrapping (debian bug 528133). |
1719 | + * Drop 04_fix_udevsettle_call.patch: fixed upstream differently. |
1720 | + |
1721 | + -- Kees Cook <kees@ubuntu.com> Sun, 10 May 2009 17:29:32 -0700 |
1722 | + |
1723 | cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low |
1724 | |
1725 | * New upstream svn snapshot. Highlights include: |
1726 | @@ -2690,6 +4127,67 @@ cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low |
1727 | |
1728 | -- Jonas Meurer <mejo@debian.org> Mon, 06 Apr 2009 08:49:14 +0200 |
1729 | |
1730 | +cryptsetup (2:1.0.6-7ubuntu7) jaunty; urgency=low |
1731 | + |
1732 | + * debian/control: Depend on initramfs-tools so system is not potentially |
1733 | + rendered unbootable (LP: #358654). |
1734 | + |
1735 | + -- Kees Cook <kees@ubuntu.com> Thu, 09 Apr 2009 12:29:31 -0700 |
1736 | + |
1737 | +cryptsetup (2:1.0.6-7ubuntu6) jaunty; urgency=low |
1738 | + |
1739 | + * debian/initramfs/cryptroot-script: we don't require vol_id to understand |
1740 | + the encrypted device, but we should check the device is fully up first |
1741 | + before continuing by calling udevadm settle. LP: #291752. |
1742 | + |
1743 | + -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 07 Mar 2009 21:39:14 -0800 |
1744 | + |
1745 | +cryptsetup (2:1.0.6-7ubuntu5) jaunty; urgency=low |
1746 | + |
1747 | + * debian/initramfs/cryptroot-hook: fix support for UUID and LABEL correlation |
1748 | + between fstab and crypttab (LP: #287879). |
1749 | + |
1750 | + -- TJ <ubuntu@tjworld.net> Mon, 16 Feb 2009 23:00:00 +0000 |
1751 | + |
1752 | +cryptsetup (2:1.0.6-7ubuntu4) jaunty; urgency=low |
1753 | + |
1754 | + * debian/askpass.c: also handle newline escape code in console prompt. |
1755 | + |
1756 | + -- Kees Cook <kees@ubuntu.com> Sun, 15 Feb 2009 08:57:05 -0800 |
1757 | + |
1758 | +cryptsetup (2:1.0.6-7ubuntu3) jaunty; urgency=low |
1759 | + |
1760 | + [ https://launchpad.net/~svenkata ] |
1761 | + * debian/checks/un_vol_id: dynamically build the "unknown volume type" |
1762 | + string, to allow for encrypted swap, LP: #316607 |
1763 | + |
1764 | + -- Dustin Kirkland <kirkland@ubuntu.com> Thu, 12 Feb 2009 16:57:30 -0600 |
1765 | + |
1766 | +cryptsetup (2:1.0.6-7ubuntu2) jaunty; urgency=low |
1767 | + |
1768 | + * debian/askpass.c: handle newline escape code in password prompt. |
1769 | + * debian/initramfs/cryptroot-script: add newline to split cryptroot |
1770 | + password prompt onto two lines for readability (LP: #326900). |
1771 | + |
1772 | + -- Kees Cook <kees@ubuntu.com> Sun, 08 Feb 2009 07:26:01 -0800 |
1773 | + |
1774 | +cryptsetup (2:1.0.6-7ubuntu1) jaunty; urgency=low |
1775 | + |
1776 | + * Merge from debian unstable, remaining changes: |
1777 | + - debian/initramfs/cryptroot-script: |
1778 | + - must source /scripts/functions to get the log_*_msg() functions. |
1779 | + - wait for encrypted device to show up (LP 164044, 291752). |
1780 | + - disable error message 'failed to setup lvm device' (LP 151532). |
1781 | + - debian/rules: |
1782 | + - fix location of ltmain.sh (Ubuntu-specific until libtool 2.2.x is |
1783 | + in Debian unstable). |
1784 | + - link dynamically (LP 62751). |
1785 | + - add 04_fix_udevsettle_call.patch: fix path to binary for udevsettle. |
1786 | + * Revert versioned build-depency on libdevmapper-dev, since Ubuntu's |
1787 | + version is higher now. |
1788 | + |
1789 | + -- Kees Cook <kees@ubuntu.com> Tue, 06 Jan 2009 13:00:16 -0800 |
1790 | + |
1791 | cryptsetup (2:1.0.6-7) unstable; urgency=medium |
1792 | |
1793 | * Add patches/01_gettext_package.patch: Remove -luks from GETTEXT_PACKAGE |
1794 | @@ -2734,6 +4232,38 @@ cryptsetup (2:1.0.6-7) unstable; urgency=medium |
1795 | |
1796 | -- Jonas Meurer <mejo@debian.org> Wed, 17 Dec 2008 21:25:45 +0100 |
1797 | |
1798 | +cryptsetup (2:1.0.6-6ubuntu2.1) intrepid-proposed; urgency=low |
1799 | + |
1800 | + * debian/initramfs/cryptroot-script: do not require that vol_id |
1801 | + can parse the encrypted device as valid (LP: #291752). |
1802 | + |
1803 | + -- Kees Cook <kees@ubuntu.com> Fri, 31 Oct 2008 13:10:06 -0700 |
1804 | + |
1805 | +cryptsetup (2:1.0.6-6ubuntu2) intrepid; urgency=low |
1806 | + |
1807 | + * Fixes for (LP: #272301) |
1808 | + * debian/initramfs/cryptroot-script: must source /scripts/functions to get |
1809 | + the log_*_msg() functions |
1810 | + * 04_fix_udevsettle_call.patch: fix path to binary for udevsettle |
1811 | + |
1812 | + -- Dustin Kirkland <kirkland@ubuntu.com> Fri, 19 Sep 2008 18:03:28 -0500 |
1813 | + |
1814 | +cryptsetup (2:1.0.6-6ubuntu1) intrepid; urgency=low |
1815 | + |
1816 | + * drop almost all ubuntu specific changes from the cryptsetup package, |
1817 | + because they have been merged in debian. Thanks a lot! |
1818 | + * merge from debian, remaining changes: |
1819 | + - remove versioned build-depency on libdevmapper-dev, we are using a |
1820 | + rather sophisticated loop for making sure the root filesystem appears. |
1821 | + * debian/rules: fix location of ltmain.sh |
1822 | + * don't exit usplash anymore in the init script. LP: #110970, #139363 |
1823 | + * Disable error message 'failed to setup lvm device'. It is harmless, and |
1824 | + caused by the fact that the udev rules provided by lvm2 are setting up |
1825 | + the lvm on their own. In debian the scripts here are responsible for this |
1826 | + but obviously fail in ubuntu. LP: #151532 |
1827 | + |
1828 | + -- Reinhard Tartler <siretart@tauware.de> Sat, 30 Aug 2008 17:52:16 +0200 |
1829 | + |
1830 | cryptsetup (2:1.0.6-6) unstable; urgency=high |
1831 | |
1832 | * Don't cat keyfile into pipe for do_noluks(). cryptsetup handles |
1833 | @@ -2835,6 +4365,79 @@ cryptsetup (2:1.0.6-3) unstable; urgency=low |
1834 | |
1835 | -- Jonas Meurer <mejo@debian.org> Mon, 07 Jul 2008 00:30:07 +0200 |
1836 | |
1837 | +cryptsetup (2:1.0.6-2ubuntu7) intrepid; urgency=low |
1838 | + |
1839 | + * reintroduce changes from 2:1.0.6-2ubuntu5 that have been accidentally |
1840 | + dropped in version 2:1.0.6-2ubuntu6. |
1841 | + |
1842 | + -- Reinhard Tartler <siretart@tauware.de> Fri, 20 Jun 2008 15:15:54 +0200 |
1843 | + |
1844 | +cryptsetup (2:1.0.6-2ubuntu6) intrepid; urgency=low |
1845 | + |
1846 | + [ Kjell Braden ] |
1847 | + * load scripts/functions for log_{begin,end}_msg |
1848 | + * debian/initramfs/cryptroot-script: wait for the cryptsource, not the resulting mapped root device |
1849 | + * debian/initramfs/cryptroot-hook: copy binaries to the right directory |
1850 | + |
1851 | + [ Reinhard Tartler ] |
1852 | + * remove versioned build-depency on libdevmapper-dev, we are using a |
1853 | + rather sophisticated loop for making sure the root filesystem appears. |
1854 | + |
1855 | + -- Reinhard Tartler <siretart@tauware.de> Wed, 18 Jun 2008 00:26:43 +0200 |
1856 | + |
1857 | +cryptsetup (2:1.0.6-2ubuntu5) intrepid; urgency=low |
1858 | + |
1859 | + * Okay, I give up. include preprocessed manpages and adapt |
1860 | + debian/rules to easily produce those. |
1861 | + ATTENTION: on subsequent uploads, make sure that the manpages are |
1862 | + available and up-to-date. |
1863 | + |
1864 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 13:33:07 +0200 |
1865 | + |
1866 | +cryptsetup (2:1.0.6-2ubuntu4) intrepid; urgency=low |
1867 | + |
1868 | + * also use local dtd in debian/doc/variables.xml.in. |
1869 | + |
1870 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 12:55:42 +0200 |
1871 | + |
1872 | +cryptsetup (2:1.0.6-2ubuntu3) intrepid; urgency=low |
1873 | + |
1874 | + * try harder to fix FTBFS. |
1875 | + |
1876 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 11:42:54 +0200 |
1877 | + |
1878 | +cryptsetup (2:1.0.6-2ubuntu2) intrepid; urgency=low |
1879 | + |
1880 | + * build docbook documentation using local dtds instead of trying to |
1881 | + download them at buildtime. Fixes FTBFS. |
1882 | + |
1883 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 11:12:28 +0200 |
1884 | + |
1885 | +cryptsetup (2:1.0.6-2ubuntu1) intrepid; urgency=low |
1886 | + |
1887 | + * Merge new debian version. Remaining changes: |
1888 | + - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using |
1889 | + bzr on launchpad. |
1890 | + - debian/rules: cryptsetup is linked dynamically against libgcrypt and |
1891 | + libgpg-error. |
1892 | + - cryptdisks.functions: stop usplash on user input. LP #62751 |
1893 | + - Parse comments in lines not starting with '#', LP #185380 |
1894 | + - If the encrypted source device hasn't shown up yet, give it a |
1895 | + little while to deal with removable devices. LP #164044 |
1896 | + * Depend on race-free version of libdevmapper, thus making udevsettle |
1897 | + call from cryptsetup binary unnecessary. Dropping patch |
1898 | + debian/patches/06_run_udevsettle.patch |
1899 | + * remove patch from LP #73862, loading optimized modules has been solved |
1900 | + in debian in another way. |
1901 | + * cryptdisk.functions: remove spurious call to load_optimized_module. |
1902 | + LP: #239946 |
1903 | + * bugfix: make regex work if keyfile has extended attributes. LP: #231339. |
1904 | + * remove patch in cryptdisks.functions for rexecing the script itself for |
1905 | + ensuring that a tty is always available. (See LP #58794.) According to |
1906 | + Scott, this is not necessary anymore. |
1907 | + |
1908 | + -- Reinhard Tartler <siretart@tauware.de> Sat, 14 Jun 2008 23:28:51 +0200 |
1909 | + |
1910 | cryptsetup (2:1.0.6-2) unstable; urgency=low |
1911 | |
1912 | [ Jonas Meurer ] |
1913 | @@ -2860,6 +4463,54 @@ cryptsetup (2:1.0.6-2) unstable; urgency=low |
1914 | |
1915 | -- David Härdeman <david@hardeman.nu> Mon, 26 May 2008 08:12:32 +0200 |
1916 | |
1917 | +cryptsetup (2:1.0.6-1ubuntu4) intrepid; urgency=low |
1918 | + |
1919 | + [ Kjell Braden ] |
1920 | + * Fix configuration parsing (LP: #239808) |
1921 | + |
1922 | + [ Reinhard Tartler ] |
1923 | + * cryptroot-script: use 'echo' instead of 'log_begin_msg' (LP: #237723) |
1924 | + |
1925 | + -- Reinhard Tartler <siretart@tauware.de> Fri, 13 Jun 2008 21:26:17 +0200 |
1926 | + |
1927 | +cryptsetup (2:1.0.6-1ubuntu3) intrepid; urgency=low |
1928 | + |
1929 | + * Parse comments in lines not starting with '#', LP: #185380 |
1930 | + * in cryptroot hook, don't rely on 'udevadm settle' to wait long enough |
1931 | + for the cryptdevice to appear. Reimplement the busy waiting loop found |
1932 | + while waiting for the root file system. Patch based on work by Swâmi |
1933 | + Petaramesh. LP: #164044 |
1934 | + * debian/crypdisks.functions: call 'env' with full path. LP: #178829. |
1935 | + |
1936 | + -- Reinhard Tartler <siretart@tauware.de> Mon, 26 May 2008 22:12:32 +0200 |
1937 | + |
1938 | +cryptsetup (2:1.0.6-1ubuntu2) intrepid; urgency=low |
1939 | + |
1940 | + * Simplify the patch in debian/cryptdisks.functions that stops usplash |
1941 | + before asking for a passphrase. |
1942 | + |
1943 | + -- Reinhard Tartler <siretart@tauware.de> Mon, 26 May 2008 20:18:14 +0200 |
1944 | + |
1945 | +cryptsetup (2:1.0.6-1ubuntu1) intrepid; urgency=low |
1946 | + |
1947 | + * Merge new debian version. Remaining changes: |
1948 | + - cryptsetup is linked dynamically against libgcrypt and libgpg-error. |
1949 | + - stop usplash on user input. LP #62751 |
1950 | + - debian/cryptdisks.functions: Always output and read from the console. |
1951 | + LP #58794. |
1952 | + - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using |
1953 | + bzr on launchpad. |
1954 | + - debian/initramfs/cryptroot-hook: LP #73862 |
1955 | + Added patch to install aes optimized cypher module |
1956 | + - try to load optimized cypher module in cryptsetup.functions as well, |
1957 | + because cryptroot-hook is only executed when we really have a |
1958 | + cryptoroot. |
1959 | + * other ubuntu changes have been merged into debian. Please report bugs |
1960 | + if you believe some patches have been dropped. |
1961 | + * removed 07_typos_fix.patch, has been reviewed and applied upstream. |
1962 | + |
1963 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 25 May 2008 22:52:30 +0200 |
1964 | + |
1965 | cryptsetup (2:1.0.6-1) unstable; urgency=low |
1966 | |
1967 | [ Jonas Meurer ] |
1968 | @@ -2991,6 +4642,138 @@ cryptsetup (2:1.0.6~pre1-1) unstable; urgency=low |
1969 | |
1970 | -- Jonas Meurer <mejo@debian.org> Thu, 06 Dec 2007 15:56:05 +0100 |
1971 | |
1972 | +cryptsetup (2:1.0.5-2ubuntu12) hardy; urgency=low |
1973 | + |
1974 | + * added debian/patches/07_typos_fix.dpatch: fixed typos in man pages. (LP: #164181) |
1975 | + |
1976 | + -- Bruno Barrera Yever <bbyever@gmail.com> Mon, 07 Apr 2008 18:43:05 -0500 |
1977 | + |
1978 | +cryptsetup (2:1.0.5-2ubuntu11) hardy; urgency=low |
1979 | + |
1980 | + * debian/initramfs/cryptroot-script: Do show the disk name after all, since |
1981 | + some people use multiple encrypted partitions as LVM PVs. (LP: #201413) |
1982 | + |
1983 | + -- Martin Pitt <martin.pitt@ubuntu.com> Sun, 06 Apr 2008 11:54:41 -0600 |
1984 | + |
1985 | +cryptsetup (2:1.0.5-2ubuntu10) hardy; urgency=low |
1986 | + |
1987 | + * debian/initramfs/cryptroot-script: Do not mention the name of the |
1988 | + encrypted device. It is just technobabble anyway (sda4_crypt), and there |
1989 | + is just one root partition ever, so it is not needed to tell apart |
1990 | + different partitions. From a security POV, someone who can change your |
1991 | + initramfs to boot a different root partition can just as well change the |
1992 | + strings, too. (LP: #201413) |
1993 | + |
1994 | + -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 02 Apr 2008 15:51:53 +0200 |
1995 | + |
1996 | +cryptsetup (2:1.0.5-2ubuntu9) hardy; urgency=low |
1997 | + |
1998 | + * debian/scripts/luksformat: Use 256 bit key size by default. |
1999 | + (LP: #78508) |
2000 | + * debian/patches/02_manpage.dpatch: Clarify default key sizes (128 for |
2001 | + luksFormat and 256 for create) in cryptsetup.8. (side-note in LP #78508) |
2002 | + |
2003 | + -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 27 Feb 2008 17:43:46 +0100 |
2004 | + |
2005 | +cryptsetup (2:1.0.5-2ubuntu8) hardy; urgency=low |
2006 | + |
2007 | + * Fix -x calls and access() call. |
2008 | + |
2009 | + -- Scott James Remnant <scott@ubuntu.com> Fri, 14 Dec 2007 16:54:53 +0000 |
2010 | + |
2011 | +cryptsetup (2:1.0.5-2ubuntu7) hardy; urgency=low |
2012 | + |
2013 | + * debian/initramfs/cryptroot-script: call udevadm instead of udevsettle |
2014 | + * debian/patches/06_call_udevsettle.dpatch: likewise |
2015 | + |
2016 | + -- Scott James Remnant <scott@ubuntu.com> Fri, 14 Dec 2007 16:11:36 +0000 |
2017 | + |
2018 | +cryptsetup (2:1.0.5-2ubuntu6) hardy; urgency=low |
2019 | + |
2020 | + * Make cryptsetup understand devices specified by UUID=... or LABEL= |
2021 | + in crypttab. (LP: #153597) |
2022 | + |
2023 | + -- Andrea Colangelo <warp10@libero.it> Mon, 29 Oct 2007 18:22:51 +0100 |
2024 | + |
2025 | +cryptsetup (2:1.0.5-2ubuntu5) hardy; urgency=low |
2026 | + |
2027 | + * reenable additional udevsettle calls in cryptroot hook from |
2028 | + https://launchpad.net/bugs/85640, LP: #132373. |
2029 | + * change maintainer to ubuntu-core-dev. |
2030 | + * use Vcs-Bzr instead of XSCB-Vcs-Bzr header in debian/control. |
2031 | + |
2032 | + -- Reinhard Tartler <siretart@tauware.de> Thu, 08 Nov 2007 23:52:19 +0100 |
2033 | + |
2034 | +cryptsetup (2:1.0.5-2ubuntu4) hardy; urgency=low |
2035 | + |
2036 | + * reapply changes from version 2:1.0.5-2ubuntu2, got dropped with last |
2037 | + upload. Sorry, pitti. |
2038 | + * convert patch to lib/libdevmapper.c to a dpatch. |
2039 | + |
2040 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 04 Nov 2007 21:42:43 +0100 |
2041 | + |
2042 | +cryptsetup (2:1.0.5-2ubuntu3) hardy; urgency=low |
2043 | + |
2044 | + * RELIABILY FIX: lib/libdevmapper.c: Ensure that pending device creation |
2045 | + events are being processed by calling /sbin/udevsettle. Patch based on |
2046 | + OpenSUSE bug #285478, LP: #132373. |
2047 | + * Based on the change above, the patch from LP #85640 is no longer needed. |
2048 | + dropping the relevant parts. |
2049 | + * Fix debian/rules to not fail to build if autom4te.cache is left behind |
2050 | + from a previous incomplete build. |
2051 | + |
2052 | + -- Reinhard Tartler <siretart@tauware.de> Fri, 02 Nov 2007 20:53:31 +0100 |
2053 | + |
2054 | +cryptsetup (2:1.0.5-2ubuntu2) gutsy; urgency=low |
2055 | + |
2056 | + * debian/initramfs/cryptroot-script: |
2057 | + - If the supplied password worked, remove the prompt from usplash again, |
2058 | + so that the user has some visual feedback that everything is alright. |
2059 | + (LP: #151305) |
2060 | + - Do not show the UUID device node of the outer physical device. It is |
2061 | + scary ("/dev/disk/by-uuid/1234yadayada") and displaying it does not |
2062 | + improve security at all: If attackers can tamper with your initramfs, |
2063 | + they can also change the prompt, and if the UUID of the physical device |
2064 | + changes, then booting will not even get that far. Now it is a much more |
2065 | + friendly "Enter passphrase for sda5_crypt:" which is still technical, |
2066 | + but it's necessary to point out which device will be unlocked in case |
2067 | + there are several. |
2068 | + |
2069 | + -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 11 Oct 2007 19:51:58 +0200 |
2070 | + |
2071 | +cryptsetup (2:1.0.5-2ubuntu1) gutsy; urgency=low |
2072 | + |
2073 | + * Merge new debian version. Remaining changes: |
2074 | + - cryptsetup is linked dynamically against libgcrypt and libgpg-error. |
2075 | + This will break systems where /usr is a separate encrypted filesystem |
2076 | + but not have other bad consequences (in particular, systems with |
2077 | + encrypted root are still fine). The upsides include better |
2078 | + security supportability and smaller packages. |
2079 | + - libcryptsetup.so et al removed from the binary packages. They have |
2080 | + no stable ABI and are not suitable for use by other packages, and |
2081 | + were in violation of library policies etc. They're not needed since |
2082 | + the cryptsetup executable statically contains the relevant parts of |
2083 | + libcryptsetup. |
2084 | + - cryptdisks.functions: remove #!/bin/bash as it isn't a script |
2085 | + by itself; it's only sourced by other scripts. This gets rid |
2086 | + of the lintian warning `script-not-executable' for this file. |
2087 | + - stop usplash on user input. LP #62751 |
2088 | + - Always output and read from the console. LP #58794. |
2089 | + - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using |
2090 | + bzr on launchpad. |
2091 | + - Bump libgcrypt11 build-dependency again to 1.2.4-2ubuntu2 to eliminate |
2092 | + libnsl linkage; |
2093 | + - debian/initramfs/cryptroot-hook: (LP: #73862) |
2094 | + Added patch to install aes optimized cypher module |
2095 | + - try to load optimized cypher module in cryptsetup.functions as well, |
2096 | + because cryptroot-hook is only executed when we really have a |
2097 | + cryptoroot. |
2098 | + - apply patch from pitti for allowing UUIDs in /etc/crypttab. |
2099 | + This allowes crypted PVs! LP: #144390. |
2100 | + - remove README.ubuntu, since it contains old and obsolete information. |
2101 | + |
2102 | + -- Reinhard Tartler <siretart@tauware.de> Tue, 02 Oct 2007 21:31:28 +0200 |
2103 | + |
2104 | cryptsetup (2:1.0.5-2) unstable; urgency=low |
2105 | |
2106 | [ Jonas Meurer ] |
2107 | @@ -3039,6 +4822,68 @@ cryptsetup (2:1.0.5-2) unstable; urgency=low |
2108 | |
2109 | -- Jonas Meurer <mejo@debian.org> Mon, 24 Sep 2007 15:42:06 +0200 |
2110 | |
2111 | +cryptsetup (2:1.0.5-1ubuntu5) UNRELEASED; urgency=low |
2112 | + |
2113 | + * apply patch from pitti for allowing UUIDs in /etc/crypttab. |
2114 | + This allowes crypted PVs! LP: #144390. |
2115 | + * remove README.ubuntu, since it contains old and obsolete information. |
2116 | + |
2117 | + -- Reinhard Tartler <siretart@tauware.de> Tue, 02 Oct 2007 19:59:24 +0200 |
2118 | + |
2119 | +cryptsetup (2:1.0.5-1ubuntu4) gutsy; urgency=low |
2120 | + |
2121 | + [ Stephan Hermann ] |
2122 | + * debian/initramfs/cryptroot-hook: (LP: #73862) |
2123 | + - Added patch to install aes optimized cypher module |
2124 | + |
2125 | + [ Reinhard Tartler ] |
2126 | + * re-applying old patch to new package version |
2127 | + * try to load optimized cypher module in cryptsetup.functions as well, |
2128 | + because cryptroot-hook is only executed when we really have a |
2129 | + cryptoroot. |
2130 | + |
2131 | + -- Reinhard Tartler <siretart@tauware.de> Thu, 27 Sep 2007 19:38:48 +0200 |
2132 | + |
2133 | +cryptsetup (2:1.0.5-1ubuntu3) gutsy; urgency=low |
2134 | + |
2135 | + * Bump libgcrypt11 build-dependency again to 1.2.4-2ubuntu2 to eliminate |
2136 | + libnsl linkage; should finally produce a usable cryptsetup binary for |
2137 | + the udeb. |
2138 | + |
2139 | + -- Colin Watson <cjwatson@ubuntu.com> Wed, 19 Sep 2007 15:28:52 +0100 |
2140 | + |
2141 | +cryptsetup (2:1.0.5-1ubuntu2) gutsy; urgency=low |
2142 | + |
2143 | + * Bump libgcrypt11 build-dependency to 1.2.4-2ubuntu1 and rebuild for |
2144 | + proper udeb dependencies. |
2145 | + |
2146 | + -- Colin Watson <cjwatson@ubuntu.com> Wed, 19 Sep 2007 01:37:02 +0100 |
2147 | + |
2148 | +cryptsetup (2:1.0.5-1ubuntu1) gutsy; urgency=low |
2149 | + |
2150 | + * Merge new debian version. Remaining changes: |
2151 | + - cryptsetup is linked dynamically against libgcrypt and libgpg-error. |
2152 | + This will break systems where /usr is a separate encrypted filesystem |
2153 | + but not have other bad consequences (in particular, systems with |
2154 | + encrypted root are still fine). The upsides include better |
2155 | + security supportability and smaller packages. |
2156 | + - libcryptsetup.so et al removed from the binary packages. They have |
2157 | + no stable ABI and are not suitable for use by other packages, and |
2158 | + were in violation of library policies etc. They're not needed since |
2159 | + the cryptsetup executable statically contains the relevant parts of |
2160 | + libcryptsetup. |
2161 | + - cryptdisks.functions: remove #!/bin/bash as it isn't a script |
2162 | + by itself; it's only sourced by other scripts. This gets rid |
2163 | + of the lintian warning `script-not-executable' for this file. |
2164 | + - stop usplash on user input. LP #62751 |
2165 | + - Always output and read from the console. LP #58794. |
2166 | + * Add XSBC-Vcs-Bzr tag to indicate that this package is managed using |
2167 | + bzr on launchpad. |
2168 | + * UVF exception request granted by Scott Kitterman and Chuck Short |
2169 | + LP: #138295 |
2170 | + |
2171 | + -- Reinhard Tartler <siretart@tauware.de> Sat, 08 Sep 2007 19:04:54 +0200 |
2172 | + |
2173 | cryptsetup (2:1.0.5-1) unstable; urgency=low |
2174 | |
2175 | [ Jonas Meurer ] |
2176 | @@ -3059,6 +4904,66 @@ cryptsetup (2:1.0.5-1) unstable; urgency=low |
2177 | |
2178 | -- Jonas Meurer <mejo@debian.org> Fri, 27 Jul 2007 04:59:33 +0200 |
2179 | |
2180 | +cryptsetup (2:1.0.4+svn29-1ubuntu6) gutsy; urgency=low |
2181 | + |
2182 | + * Add notes by Ilkka Tuohela in a new file debian/README.ubuntu |
2183 | + |
2184 | + -- Reinhard Tartler <siretart@tauware.de> Sat, 08 Sep 2007 18:43:56 +0200 |
2185 | + |
2186 | +cryptsetup (2:1.0.4+svn29-1ubuntu5) gutsy; urgency=low |
2187 | + |
2188 | + * cryptsetup is linked dynamically against libgcrypt and libgpg-error. |
2189 | + This will break systems where /usr is a separate encrypted filesystem |
2190 | + but not have other bad consequences (in particular, systems with |
2191 | + encrypted root are still fine). The upsides include better |
2192 | + security supportability and smaller packages. |
2193 | + * libcryptsetup.so et al removed from the binary packages. They have |
2194 | + no stable ABI and are not suitable for use by other packages, and |
2195 | + were in violation of library policies etc. They're not needed since |
2196 | + the cryptsetup executable statically contains the relevant parts of |
2197 | + libcryptsetup. |
2198 | + * cryptdisks.functions: remove #!/bin/bash as it isn't a script |
2199 | + by itself; it's only sourced by other scripts. This gets rid |
2200 | + of the lintian warning `script-not-executable' for this file. |
2201 | + |
2202 | + -- Ian Jackson <iwj@ubuntu.com> Fri, 31 Aug 2007 12:05:33 +0100 |
2203 | + |
2204 | +cryptsetup (2:1.0.4+svn29-1ubuntu4) gutsy; urgency=low |
2205 | + |
2206 | + * s/$CRYPTCMD/cryptsetup/ in debian/cryptdisks.functions |
2207 | + (LP: #115617) |
2208 | + |
2209 | + -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 17:04:05 +0200 |
2210 | + |
2211 | +cryptsetup (2:1.0.4+svn29-1ubuntu3) gutsy; urgency=low |
2212 | + |
2213 | + * make luksformat check if filesystem is already mounted to prevent a |
2214 | + strange error message. thanks to mvo for the patch (LP: #116633) |
2215 | + * remove file debian/initramfs-cryptroot-script from source. it is not |
2216 | + installed anywhere, and a leftover from the last merge. |
2217 | + * add missing hunk of cryptsetup.functions compared to debian package. |
2218 | + * reapply http://librarian.launchpad.net/7329604/bug85640.debdiff to |
2219 | + debian/initramfs/cryptroot-script, since stgraber's patch has been |
2220 | + lost in the last merge. (LP: #85640) |
2221 | + |
2222 | + -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 15:02:57 +0200 |
2223 | + |
2224 | +cryptsetup (2:1.0.4+svn29-1ubuntu2) gutsy; urgency=low |
2225 | + |
2226 | + * modprobe dm-mod from cryptsetup.functions. (LP: #64625, #91405) |
2227 | + |
2228 | + -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 13:31:39 +0200 |
2229 | + |
2230 | +cryptsetup (2:1.0.4+svn29-1ubuntu1) gutsy; urgency=low |
2231 | + |
2232 | + * Merge from Debian unstable. Remaining Ubuntu changes: |
2233 | + - stop usplash on user input. Ubuntu: #62751 |
2234 | + - Always output and read from the console. Ubuntu: #58794. |
2235 | + - Wait for Udev to be ready to avoid partition non-detection. (LP: #85640) |
2236 | + * Modify Maintainer value to match Debian-Maintainer-Field Spec |
2237 | + |
2238 | + -- Andrea Veri <bluekuja@ubuntu.com> Sun, 6 May 2007 22:33:25 +0200 |
2239 | + |
2240 | cryptsetup (2:1.0.4+svn29-1) unstable; urgency=low |
2241 | |
2242 | * New upstream svn snapshot with several bugfixes |
2243 | @@ -3111,6 +5016,20 @@ cryptsetup (2:1.0.4+svn26-2) unstable; urgency=low |
2244 | |
2245 | -- Jonas Meurer <mejo@debian.org> Sat, 28 Apr 2007 20:45:50 +0200 |
2246 | |
2247 | +cryptsetup (2:1.0.4+svn26-1ubuntu2) feisty; urgency=low |
2248 | + |
2249 | + * Wait for Udev to be ready to avoid partition non-detection. (LP: #85640) |
2250 | + |
2251 | + -- Stéphane Graber <stgraber@ubuntu.com> Thu, 14 Apr 2007 10:03:41 +0200 |
2252 | + |
2253 | +cryptsetup (2:1.0.4+svn26-1ubuntu1) feisty; urgency=low |
2254 | + |
2255 | + * merge debian changes. Remaining ubuntu changes: |
2256 | + - stop usplash on user input. Ubuntu: #62751 |
2257 | + - Always output and read from the console. Ubuntu: #58794. |
2258 | + |
2259 | + -- Reinhard Tartler <siretart@tauware.de> Sat, 3 Feb 2007 21:30:03 +0100 |
2260 | + |
2261 | cryptsetup (2:1.0.4+svn26-1) unstable; urgency=high |
2262 | |
2263 | [ Jonas Meurer ] |
2264 | @@ -3160,6 +5079,28 @@ cryptsetup (2:1.0.4+svn16-1) unstable; urgency=medium |
2265 | |
2266 | -- Jonas Meurer <mejo@debian.org> Tue, 28 Nov 2006 18:17:12 +0100 |
2267 | |
2268 | +cryptsetup (2:1.0.4-8ubuntu2) feisty; urgency=low |
2269 | + |
2270 | + * fix and improve initramfs hook: terminate usplash if running, since |
2271 | + adequate secure text input is not possible with usplash ATM |
2272 | + * usplash support: Terminate usplash before asking a password. |
2273 | + Closes https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/62751 |
2274 | + |
2275 | + -- Reinhard Tartler <siretart@tauware.de> Wed, 24 Jan 2007 22:43:28 +0100 |
2276 | + |
2277 | +cryptsetup (2:1.0.4-8ubuntu1) feisty; urgency=low |
2278 | + |
2279 | + * merge debian changes, remaining patches: |
2280 | + - Always output and read from the console. Ubuntu: #58794. |
2281 | + * other changes have been merged or do noy apply anymore |
2282 | + * read password via usplash if available in initramfs for rootfs. based on a patch from |
2283 | + Swen Thümmler (Thanks for that!) Ubuntu #62751 |
2284 | + * read password from initscript via usplash if running. should fix the |
2285 | + rest of Ubuntu #62751. Only problem with that patch: It asks only once |
2286 | + for the password! improvements welcome! |
2287 | + |
2288 | + -- Reinhard Tartler <siretart@tauware.de> Sun, 19 Nov 2006 20:04:19 +0100 |
2289 | + |
2290 | cryptsetup (2:1.0.4-8) unstable; urgency=high |
2291 | |
2292 | [ Jonas Meurer ] |
2293 | @@ -3317,6 +5258,27 @@ cryptsetup (2:1.0.4~rc2-1) unstable; urgency=low |
2294 | |
2295 | -- Jonas Meurer <mejo@debian.org> Mon, 4 Sep 2006 03:55:35 +0200 |
2296 | |
2297 | +cryptsetup (2:1.0.3-3ubuntu3) edgy; urgency=low |
2298 | + |
2299 | + * Always output and read from the console. Ubuntu: #58794. |
2300 | + |
2301 | + -- Scott James Remnant <scott@ubuntu.com> Thu, 21 Sep 2006 03:05:18 +0100 |
2302 | + |
2303 | +cryptsetup (2:1.0.3-3ubuntu2) edgy; urgency=low |
2304 | + |
2305 | + * Load the dm-crypt module on startup. Ubuntu: #53475. |
2306 | + |
2307 | + -- Scott James Remnant <scott@ubuntu.com> Wed, 23 Aug 2006 11:53:49 +0200 |
2308 | + |
2309 | +cryptsetup (2:1.0.3-3ubuntu1) edgy; urgency=low |
2310 | + |
2311 | + * Sync with Debian: |
2312 | + Remaining Ubuntu Changes |
2313 | + + debian/cryptdisks.functions: |
2314 | + - Tell usplash to quit if we ask for a passphrase |
2315 | + |
2316 | + -- Sebastian Dröge <slomo@ubuntu.com> Tue, 11 Jul 2006 20:03:27 +0200 |
2317 | + |
2318 | cryptsetup (2:1.0.3-3) unstable; urgency=low |
2319 | |
2320 | [ Jonas Meurer ] |
2321 | diff --git a/debian/control b/debian/control |
2322 | index 5bd5486..7244443 100644 |
2323 | --- a/debian/control |
2324 | +++ b/debian/control |
2325 | @@ -1,7 +1,8 @@ |
2326 | Source: cryptsetup |
2327 | Section: admin |
2328 | Priority: optional |
2329 | -Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net> |
2330 | +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
2331 | +XSBC-Original-Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net> |
2332 | Uploaders: Jonas Meurer <jonas@freesources.org>, |
2333 | Guilhem Moulin <guilhem@debian.org> |
2334 | Rules-Requires-Root: no |
2335 | @@ -43,7 +44,8 @@ Depends: cryptsetup-bin (>= 2:1.6.0), |
2336 | dmsetup, |
2337 | ${misc:Depends}, |
2338 | ${shlibs:Depends} |
2339 | -Suggests: cryptsetup-initramfs, dosfstools, keyutils, liblocale-gettext-perl |
2340 | +Recommends: cryptsetup-initramfs |
2341 | +Suggests: dosfstools, keyutils, liblocale-gettext-perl |
2342 | Description: disk encryption support - startup scripts |
2343 | Cryptsetup provides an interface for configuring encryption on block |
2344 | devices (such as /home or swap partitions), using the Linux kernel |
2345 | @@ -92,11 +94,11 @@ Description: disk encryption support - experimental SSH token handler |
2346 | |
2347 | Package: cryptsetup-initramfs |
2348 | Architecture: all |
2349 | -Depends: busybox | busybox-static, |
2350 | +Depends: busybox-initramfs, |
2351 | cryptsetup (>= ${source:Version}), |
2352 | initramfs-tools (>= 0.137) | linux-initramfs-tool, |
2353 | ${misc:Depends} |
2354 | -Recommends: console-setup, kbd |
2355 | +Recommends: console-setup, kbd, plymouth |
2356 | Breaks: cryptsetup (<< 2:2.0.3-1) |
2357 | Replaces: cryptsetup (<< 2:2.0.3-1) |
2358 | Conflicts: lvm2 (<< 2.03.15-1) |
2359 | @@ -109,7 +111,7 @@ Description: disk encryption support - initramfs integration |
2360 | This package provides initramfs integration for cryptsetup. |
2361 | |
2362 | Package: cryptsetup-suspend |
2363 | -Architecture: linux-any |
2364 | +Architecture: amd64 arm64 armhf ppc64el riscv64 s390x |
2365 | Multi-Arch: foreign |
2366 | Depends: cryptsetup-initramfs (>= ${source:Version}), |
2367 | initramfs-tools-core, |
2368 | diff --git a/debian/functions b/debian/functions |
2369 | index 917abad..73f5f2a 100644 |
2370 | --- a/debian/functions |
2371 | +++ b/debian/functions |
2372 | @@ -603,6 +603,7 @@ _resolve_device() { |
2373 | # Print the major:minor device ID(s) holding the file system currently |
2374 | # mounted currenty mounted on $mountpoint. |
2375 | # Return 0 on success, 1 on error (if $mountpoint is not a mountpoint). |
2376 | +# devno will be empty if the filesystem must be excluded. |
2377 | get_mnt_devno() { |
2378 | local wantmount="$1" devnos="" uuid dev IFS |
2379 | local spec mountpoint fstype _ DEV MAJ MIN |
2380 | @@ -616,8 +617,15 @@ get_mnt_devno() { |
2381 | # take the last mountpoint if used several times (shadowed) |
2382 | unset -v devnos |
2383 | spec="$(printf '%b' "$spec")" |
2384 | - _resolve_device "$spec" || continue # _resolve_device() already warns on error |
2385 | fstype="$(printf '%b' "$fstype")" |
2386 | + if [ "$fstype" = "zfs" ]; then |
2387 | + # Ignore ZFS entries as they don't have a major/minor and won't |
2388 | + # be imported when local-top cryptroot script will ran. |
2389 | + # Returns success with empty devno |
2390 | + printf '' |
2391 | + return 0 |
2392 | + fi |
2393 | + _resolve_device "$spec" || continue # _resolve_device() already warns on error |
2394 | if [ "$fstype" = "btrfs" ]; then |
2395 | # btrfs can span over multiple devices |
2396 | if uuid="$(_device_uuid "$DEV")"; then |
2397 | diff --git a/debian/initramfs/cryptroot-unlock b/debian/initramfs/cryptroot-unlock |
2398 | index dbc2ad0..0e91701 100644 |
2399 | --- a/debian/initramfs/cryptroot-unlock |
2400 | +++ b/debian/initramfs/cryptroot-unlock |
2401 | @@ -40,8 +40,14 @@ fi |
2402 | pgrep_exe() { |
2403 | local exe pid |
2404 | exe="$(readlink -f -- "$1" 2>/dev/null)" && [ -f "$exe" ] || return 0 |
2405 | - ps -eo pid= | while read pid; do |
2406 | - [ "$(readlink -f "/proc/$pid/exe")" != "$exe" ] || printf '%d\n' "$pid" |
2407 | + ps | awk '{print $1, $5}' | while read LINE; do |
2408 | + set $LINE |
2409 | + local pid=$1 |
2410 | + local cmd=$(readlink -f -- "$2") |
2411 | + if [ "$cmd" == "$exe" ]; then |
2412 | + echo $pid |
2413 | + break |
2414 | + fi |
2415 | done |
2416 | } |
2417 | |
2418 | @@ -101,7 +107,7 @@ wait_for_prompt() { |
2419 | break |
2420 | fi |
2421 | |
2422 | - usleep 100000 |
2423 | + sleep 0.1 |
2424 | timer=$(( $timer - 1 )) |
2425 | if [ $timer -le 0 ]; then |
2426 | echo "Error: Timeout reached while waiting for askpass." >&2 |
2427 | @@ -112,7 +118,7 @@ wait_for_prompt() { |
2428 | # find the cryptsetup process with same $CRYPTTAB_NAME |
2429 | local o v |
2430 | for o in NAME TRIED OPTION_tries; do |
2431 | - if v="$(grep -z -m1 "^CRYPTTAB_$o=" "/proc/$pid/environ")"; then |
2432 | + if v="$(tr '\0' '\n' < "/proc/$pid/environ" | grep -m1 "^CRYPTTAB_$o=")"; then |
2433 | eval "CRYPTTAB_$o"="\${v#CRYPTTAB_$o=}" |
2434 | else |
2435 | eval unset -v "CRYPTTAB_$o" |
2436 | @@ -128,7 +134,7 @@ wait_for_prompt() { |
2437 | fi |
2438 | |
2439 | for pid in $(pgrep_exe "/sbin/cryptsetup"); do |
2440 | - if grep -Fxqz "CRYPTTAB_NAME=$CRYPTTAB_NAME" "/proc/$pid/environ"; then |
2441 | + if tr '\0' '\n' < "/proc/$pid/environ" | grep -Fxq "CRYPTTAB_NAME=$CRYPTTAB_NAME"; then |
2442 | PID=$pid |
2443 | BIRTH=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) || break |
2444 | return 0 |
2445 | @@ -148,7 +154,7 @@ wait_for_prompt() { |
2446 | wait_for_answer() { |
2447 | local timer=$(( 10 * $TIMEOUT )) b |
2448 | while [ -d "/proc/$PID" ] && b=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) && [ $b -le $BIRTH ]; do |
2449 | - usleep 100000 |
2450 | + sleep 0.1 |
2451 | timer=$(( $timer - 1 )) |
2452 | if [ $timer -le 0 ]; then |
2453 | echo "Error: Timeout reached while waiting for PID $PID." >&2 |
2454 | diff --git a/debian/initramfs/hooks/cryptroot b/debian/initramfs/hooks/cryptroot |
2455 | index 83d29fd..f91bd0c 100644 |
2456 | --- a/debian/initramfs/hooks/cryptroot |
2457 | +++ b/debian/initramfs/hooks/cryptroot |
2458 | @@ -178,16 +178,18 @@ generate_initrd_crypttab() { |
2459 | |
2460 | { |
2461 | if devnos="$(get_mnt_devno /)"; then |
2462 | - usage=rootfs foreach_cryptdev crypttab_find_and_print_entry $devnos |
2463 | + if [ -n "$devnos" ]; then |
2464 | + usage=rootfs foreach_cryptdev crypttab_find_and_print_entry $devnos |
2465 | + fi |
2466 | else |
2467 | cryptsetup_message "WARNING: Couldn't determine root device" |
2468 | fi |
2469 | |
2470 | - if devnos="$(get_resume_devno)"; then |
2471 | + if devnos="$(get_resume_devno)" && [ -n "$devnos" ]; then |
2472 | usage=resume foreach_cryptdev crypttab_find_and_print_entry $devnos |
2473 | fi |
2474 | |
2475 | - if devnos="$(get_mnt_devno /usr)"; then |
2476 | + if devnos="$(get_mnt_devno /usr)" && [ -n "$devnos" ]; then |
2477 | usage="" foreach_cryptdev crypttab_find_and_print_entry $devnos |
2478 | fi |
2479 | |
2480 | diff --git a/debian/rules b/debian/rules |
2481 | index 757085c..461e844 100755 |
2482 | --- a/debian/rules |
2483 | +++ b/debian/rules |
2484 | @@ -29,6 +29,7 @@ override_dh_auto_configure: |
2485 | --with-tmpfilesdir=/usr/lib/tmpfiles.d \ |
2486 | --enable-libargon2 \ |
2487 | --enable-shared \ |
2488 | + --enable-fips \ |
2489 | --enable-cryptsetup-reencrypt |
2490 | |
2491 | execute_after_dh_auto_build: |
2492 | @@ -87,8 +88,10 @@ override_dh_bugfiles: |
2493 | execute_after_dh_fixperms-arch: |
2494 | chmod 0755 debian/cryptsetup/lib/cryptsetup/checks/* |
2495 | chmod 0755 debian/cryptsetup/lib/cryptsetup/scripts/decrypt_* |
2496 | +ifneq ($(DEB_HOST_ARCH),i386) |
2497 | chmod 0755 debian/cryptsetup-suspend/lib/cryptsetup/scripts/suspend/cryptsetup-suspend-wrapper |
2498 | chmod 0755 debian/cryptsetup-suspend/lib/systemd/system-shutdown/cryptsetup-suspend.shutdown |
2499 | +endif |
2500 | ifeq (,$(filter noudeb, $(DEB_BUILD_PROFILES))) |
2501 | chmod 0755 debian/cryptsetup-udeb/lib/cryptsetup/checks/* |
2502 | chmod 0755 debian/cryptsetup-udeb/lib/cryptsetup/scripts/decrypt_* |
2503 | diff --git a/debian/tests/control b/debian/tests/control |
2504 | index 193d0f0..3b8bcb7 100644 |
2505 | --- a/debian/tests/control |
2506 | +++ b/debian/tests/control |
2507 | @@ -42,8 +42,9 @@ Depends: cryptsetup-bin, |
2508 | sshpass |
2509 | Restrictions: needs-root, isolation-machine |
2510 | |
2511 | - |
2512 | -Tests: cryptdisks, cryptdisks.init |
2513 | +# cryptdisks test is disabled - it fails to open /dev/tty in CI |
2514 | +#Tests: cryptdisks, cryptdisks.init |
2515 | +Tests: cryptdisks.init |
2516 | Depends: cryptsetup, xxd |
2517 | Restrictions: allow-stderr, needs-root, isolation-machine |
2518 | |
2519 | diff --git a/debian/tests/cryptroot-lvm.d/mock b/debian/tests/cryptroot-lvm.d/mock |
2520 | index f57e42f..f777763 100755 |
2521 | --- a/debian/tests/cryptroot-lvm.d/mock |
2522 | +++ b/debian/tests/cryptroot-lvm.d/mock |
2523 | @@ -36,8 +36,13 @@ else { |
2524 | expect($SERIAL => qr/(?:^|\s)?PM: suspend exit\r\n/m); |
2525 | unlock_disk("topsecret"); |
2526 | |
2527 | - # consume PS1 to make sure we're at a shell prompt |
2528 | - expect($CONSOLE => qr/\A $PS1 \z/aamsx); |
2529 | + # suspend() leaves clutter in the console due to the retries |
2530 | + # that prevents test from succeeding. |
2531 | + consume($CONSOLE); |
2532 | + |
2533 | + # ensure that shell is available |
2534 | + shell(q{echo ready}, rv => 0); |
2535 | + |
2536 | my $out = shell(q{dmsetup info -c --noheadings -omangled_name,suspended --separator ' '}); |
2537 | die if grep !/[:[:blank:]]Active$/i, split(/\r?\n/, $out); |
2538 | |
2539 | diff --git a/debian/tests/cryptroot-nested.d/config b/debian/tests/cryptroot-nested.d/config |
2540 | index 995200c..fcfba32 100644 |
2541 | --- a/debian/tests/cryptroot-nested.d/config |
2542 | +++ b/debian/tests/cryptroot-nested.d/config |
2543 | @@ -1,6 +1,13 @@ |
2544 | PKGS_EXTRA+=( btrfs-progs lvm2 mdadm ) |
2545 | PKGS_EXTRA+=( cryptsetup-initramfs ) |
2546 | |
2547 | +# "$DISTRIBUTOR_ID" is defined in ../utils/cryptroot-common |
2548 | +# Workaround for LP1831747 https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1831747 |
2549 | +# Add implicit dependency of cryptsetup-initramfs |
2550 | +if [ "$DISTRIBUTOR_ID" = "ubuntu" ]; then |
2551 | + PKGS_EXTRA+=( e2fsprogs ) |
2552 | +fi |
2553 | + |
2554 | # /dev/mapper/testvg-lv1_crypt and /dev/vdc are both 1G and used in RAID1 mode |
2555 | DRIVE_SIZES=( "1G" "264M" "1G" "512M" ) |
2556 | |
2557 | diff --git a/debian/tests/cryptroot-sysvinit.d/config b/debian/tests/cryptroot-sysvinit.d/config |
2558 | index f6b7392..1d41c24 100644 |
2559 | --- a/debian/tests/cryptroot-sysvinit.d/config |
2560 | +++ b/debian/tests/cryptroot-sysvinit.d/config |
2561 | @@ -1,5 +1,10 @@ |
2562 | PKGS_EXTRA+=( e2fsprogs ) # for fsck.ext4 |
2563 | PKGS_EXTRA+=( cryptsetup-initramfs cryptsetup ) |
2564 | -PKG_INIT="sysvinit-core" |
2565 | - |
2566 | +# "$DISTRIBUTOR_ID" is defined in ../utils/cryptroot-common |
2567 | +case "$DISTRIBUTOR_ID" in |
2568 | + debian) PKG_INIT="sysvinit-core";; |
2569 | + ubuntu) PKG_INIT="systemd-sysv";; |
2570 | + *) echo "ERROR: Unknown distributor ID '$DISTRIBUTOR_ID', can't determine default init package" >&2; |
2571 | + exit 1;; |
2572 | +esac |
2573 | # vim: set filetype=bash : |
2574 | diff --git a/debian/tests/initramfs-hook b/debian/tests/initramfs-hook |
2575 | index 4171102..f58e6f5 100755 |
2576 | --- a/debian/tests/initramfs-hook |
2577 | +++ b/debian/tests/initramfs-hook |
2578 | @@ -63,6 +63,20 @@ mkinitramfs() { |
2579 | # `mkinitramfs -k` would be better but we can't set $DESTDIR in advance |
2580 | cleanup_initrd_dir |
2581 | command unmkinitramfs "$INITRD_IMG" "$INITRD_DIR" |
2582 | + |
2583 | + # find subdirectory with the root file system relative to the cryptsetup location |
2584 | + CRYPTSETUP_PATH=sbin/cryptsetup |
2585 | + ROOTFS_DIR=`find "$INITRD_DIR" -name cryptsetup | grep "/usr/$CRYPTSETUP_PATH" | sed -e "s|/usr/$CRYPTSETUP_PATH||"` |
2586 | + |
2587 | + if [[ -z "$ROOTFS_DIR" ]]; then |
2588 | + ROOTFS_DIR=`find "$INITRD_DIR" -name cryptsetup | grep "/$CRYPTSETUP_PATH" | sed -e "s|/$CRYPTSETUP_PATH||"` |
2589 | + fi |
2590 | + |
2591 | + if [[ ! -z "$ROOTFS_DIR" ]] && [[ "$ROOTFS_DIR" != "$INITRD_DIR" ]] && [[ -d "$ROOTFS_DIR" ]]; then |
2592 | + echo move root filesystem from "$ROOTFS_DIR" to "$INITRD_DIR" |
2593 | + mv "$ROOTFS_DIR"/* "$INITRD_DIR" |
2594 | + fi |
2595 | + |
2596 | for d in dev proc sys; do |
2597 | mkdir -p "$INITRD_DIR/$d" |
2598 | mount --bind "/$d" "$INITRD_DIR/$d" |
2599 | @@ -190,9 +204,9 @@ cryptsetup close test3_crypt |
2600 | # plain, blowfish + ripemd160 (ignored due to keyfile) |
2601 | disk_setup |
2602 | head -c32 /dev/urandom >"$TMPDIR/keyfile" |
2603 | -cryptsetup open --type=plain --cipher="blowfish" --key-file="$TMPDIR/keyfile" --size=256 --hash="ripemd160" "$CRYPT_DEV" test3_crypt |
2604 | +cryptsetup open --type=plain --cipher="blowfish" --key-file="$TMPDIR/keyfile" --hash="ripemd160" "$CRYPT_DEV" test3_crypt |
2605 | mkfs.ext2 -m0 /dev/mapper/test3_crypt |
2606 | -echo "test3_crypt $CRYPT_DEV $TMPDIR/keyfile plain,cipher=blowfish,hash=ripemd160,size=256,initramfs" >/etc/crypttab |
2607 | +echo "test3_crypt $CRYPT_DEV $TMPDIR/keyfile plain,cipher=blowfish,hash=ripemd160,initramfs" >/etc/crypttab |
2608 | mkinitramfs |
2609 | legacy_so="$(find "$INITRD_DIR" -xdev -type f -path "*/ossl-modules/legacy.so")" |
2610 | test -z "$legacy_so" || exit 1 # don't need legacy.so here |
2611 | diff --git a/debian/tests/utils/cryptroot-common b/debian/tests/utils/cryptroot-common |
2612 | index a7df37f..8cedda0 100755 |
2613 | --- a/debian/tests/utils/cryptroot-common |
2614 | +++ b/debian/tests/utils/cryptroot-common |
2615 | @@ -81,6 +81,7 @@ load_os_release() { |
2616 | } |
2617 | case "${DISTRIBUTOR_ID:="$(load_os_release && printf "%s" "${ID,,[A-Z]}")"}" in |
2618 | debian) APT_REPO_ORIGIN="Debian"; APT_REPO_URI="http://deb.debian.org/debian";; |
2619 | + ubuntu) APT_REPO_ORIGIN="Ubuntu"; APT_REPO_URI="http://archive.ubuntu.com/ubuntu";; |
2620 | # suitable values for derivative can be added here |
2621 | *) echo "ERROR: Unknown distributor ID '$DISTRIBUTOR_ID', can't extract APT origin" >&2; |
2622 | exit 1;; |
2623 | @@ -164,6 +165,12 @@ case "$BOOT" in |
2624 | efi) PKG_BOOTLOADER="grub-efi";; |
2625 | *) echo "ERROR unknown boot method '$BOOT'" >&2; exit 1;; |
2626 | esac |
2627 | + |
2628 | +if [ "$DISTRIBUTOR_ID" = "ubuntu" ]; then |
2629 | + echo "Overriding kernel arch to generic" |
2630 | + KERNEL_ARCH="generic" |
2631 | +fi |
2632 | + |
2633 | PKG_KERNEL="linux-image-$KERNEL_ARCH" |
2634 | PKG_INIT="systemd-sysv" # default pid1 |
2635 | MERGED_USR="" # use default layout for the target version |
2636 | @@ -301,6 +308,12 @@ setup_apt() { |
2637 | esac >"$TEMPDIR/apt/sources.list" |
2638 | fi |
2639 | |
2640 | + # ubuntu CI populates sources.list.d with PPA source, append them to the list |
2641 | + if [ "$DISTRIBUTOR_ID" = "ubuntu" -a -d /etc/apt/sources.list.d ]; then |
2642 | + echo "Append contents of /etc/apt/sources.list.d to $TEMPDIR/apt/sources.list" |
2643 | + find /etc/apt/sources.list.d -type f | xargs cat >> "$TEMPDIR/apt/sources.list" |
2644 | + fi |
2645 | + |
2646 | local apt_repo |
2647 | for apt_repo in "${EXTRA_REPOS[@]}"; do |
2648 | printf "%s\\n" "$apt_repo" >>"$TEMPDIR/apt/sources.list" |
2649 | @@ -416,9 +429,20 @@ extract_kernel() { |
2650 | fi |
2651 | |
2652 | mkdir "$destdir" |
2653 | - dpkg-deb --fsys-tarfile "$APT_CACHE/archives/$KERNEL_DEB" | tar -C "$destdir" -xf- \ |
2654 | - "./boot/vmlinuz-$KERNEL_VERSION" \ |
2655 | - "./lib/modules/$KERNEL_VERSION" |
2656 | + if [ "$DISTRIBUTOR_ID" == "debian" ]; then |
2657 | + dpkg-deb --fsys-tarfile "$APT_CACHE/archives/$KERNEL_DEB" | tar -C "$destdir" -xf- \ |
2658 | + "./boot/vmlinuz-$KERNEL_VERSION" \ |
2659 | + "./lib/modules/$KERNEL_VERSION" |
2660 | + elif [ "$DISTRIBUTOR_ID" == "ubuntu" ]; then |
2661 | + dpkg-deb --fsys-tarfile "$APT_CACHE/archives/$KERNEL_DEB" | tar -C "$destdir" -xf- \ |
2662 | + "./boot/vmlinuz-$KERNEL_VERSION"; MODULES_DEB="$(echo $KERNEL_DEB | sed s/-image-/-modules-/)"; \ |
2663 | + dpkg-deb --fsys-tarfile "$APT_CACHE/archives/$MODULES_DEB" | tar -C "$destdir" -xf- \ |
2664 | + "./lib/modules/$KERNEL_VERSION" |
2665 | + else |
2666 | + echo "ERROR: Unknown distributor ID '$DISTRIBUTOR_ID', can't extract kernel" >&2 |
2667 | + exit 1 |
2668 | + fi |
2669 | + |
2670 | ln -T -- "$destdir/boot/vmlinuz-$KERNEL_VERSION" "$TEMPDIR/vmlinuz-$KERNEL_VERSION" |
2671 | } |
2672 | |
2673 | diff --git a/debian/tests/utils/mkinitramfs b/debian/tests/utils/mkinitramfs |
2674 | index 6bc70f4..84eeb4b 100755 |
2675 | --- a/debian/tests/utils/mkinitramfs |
2676 | +++ b/debian/tests/utils/mkinitramfs |
2677 | @@ -65,6 +65,8 @@ if [ "$BOOT" = "efi" ]; then |
2678 | MODULES="$MODULES efivarfs nls_ascii nls_cp437 vfat" |
2679 | fi |
2680 | |
2681 | +find "$EXTRACT_DIR" -name '*.zst' -exec zstd -d {} \; |
2682 | + |
2683 | depmod -ab "$EXTRACT_DIR" "$KERNEL_VERSION" |
2684 | for kmod in virtio_console virtio_blk virtio_pci virtio_rng \ |
2685 | "$EXTRACT_DIR/lib/modules/$KERNEL_VERSION"/kernel/arch/*/crypto/*.ko* \ |
2686 | diff --git a/debian/tests/utils/mock.pm b/debian/tests/utils/mock.pm |
2687 | index 8bddfa0..20ac375 100644 |
2688 | --- a/debian/tests/utils/mock.pm |
2689 | +++ b/debian/tests/utils/mock.pm |
2690 | @@ -98,6 +98,26 @@ sub expect(;$$) { |
2691 | #print STDERR "INFO done reading\n"; |
2692 | } |
2693 | |
2694 | +sub consume($) { |
2695 | + my $chan = shift; |
2696 | + my $buffer = defined $chan ? \$BUFFER{$chan} : undef; |
2697 | + if (! defined $buffer) { |
2698 | + return; |
2699 | + } |
2700 | + |
2701 | + while(unpack("b*", $RBITS) != 0) { |
2702 | + my $rout = $RBITS; |
2703 | + if (select($rout, undef, undef, 1) == -1) { |
2704 | + return; |
2705 | + } |
2706 | + read_data($rout); |
2707 | + if (length($$buffer) == 0) { |
2708 | + return; |
2709 | + } |
2710 | + $$buffer = ""; |
2711 | + } |
2712 | +} |
2713 | + |
2714 | sub write_data($$%) { |
2715 | my $chan = shift; |
2716 | my $data = shift; |
2717 | @@ -168,11 +188,13 @@ BEGIN { |
2718 | hibernate |
2719 | poweroff |
2720 | expect |
2721 | + consume |
2722 | /; |
2723 | } |
2724 | |
2725 | *expect = \&CryptrootTest::Utils::expect; |
2726 | *write_data = \&CryptrootTest::Utils::write_data; |
2727 | +*consume = \&CryptrootTest::Utils::consume; |
2728 | |
2729 | sub unlock_disk($) { |
2730 | my $passphrase = shift; |
2731 | @@ -231,7 +253,9 @@ sub shell($%) { |
2732 | sub suspend() { |
2733 | @QMP::EVENTS = (); # flush the event queue |
2734 | |
2735 | - write_data($CONSOLE => q{systemctl suspend}); |
2736 | + # there is a race condition that causes suspend to fail. |
2737 | + # retry until success. Note, this may leave clutter in the console |
2738 | + write_data($CONSOLE => q{until systemctl suspend; do sleep 1; done}); |
2739 | # while the command is asynchronous the system might suspend before |
2740 | # we have a chance to read the next $PS1 |
2741 |