Merge ~mwhudson/ubuntu/+source/cryptsetup:merge into ubuntu/+source/cryptsetup:debian/sid
- Git
- lp:~mwhudson/ubuntu/+source/cryptsetup
- merge
- Merge into debian/sid
Status: | Needs review | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Proposed branch: | ~mwhudson/ubuntu/+source/cryptsetup:merge | ||||||||||||
Merge into: | ubuntu/+source/cryptsetup:debian/sid | ||||||||||||
Diff against target: |
2287 lines (+1775/-33) 11 files modified
debian/changelog (+1603/-0) debian/control (+4/-3) debian/cryptsetup-initramfs.install (+1/-0) debian/functions (+11/-1) debian/initramfs/cryptroot-unlock (+12/-6) debian/initramfs/hooks/cryptroot (+5/-3) debian/initramfs/scripts/local-block/cryptroot (+4/-0) debian/initramfs/scripts/local-bottom/cryptroot (+23/-0) debian/initramfs/scripts/local-top/cryptroot (+56/-20) debian/patches/decrease_memlock_ulimit.patch (+55/-0) debian/patches/series (+1/-0) |
||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Guilherme G. Piccoli (community) | Approve | ||
git-ubuntu developers | Pending | ||
Review via email: mp+393521@code.launchpad.net |
Commit message
Description of the change
Guilherme G. Piccoli (gpiccoli) wrote : | # |
Thanks Michael, I've reviewed the MD/retry logic and the FTBFS fix, it's all fine / correctly backported!
Cheers,
Guilherme
Unmerged commits
- 730d330... by Michael Hudson-Doyle
-
update-maintainer
- 540f02c... by Michael Hudson-Doyle
-
reconstruct-
changelog - 434ed6d... by Michael Hudson-Doyle
-
merge-changelogs
- 71abcb1... by Michael Hudson-Doyle
-
- debian/rules:
- fix FTBFS on riscv64 adding --with-tmpfilesdir to ensure all archs, even
without systemd knows how to ship cryptsetup.conf - 5adf727... by Michael Hudson-Doyle
-
- included in Debian:
- debian/cryptsetup- bin.install:
- Fix FTBFS due to dh_missing detecting crypsetup.conf in debian/tmp where
it was installed from ./scripts/crypsetup. conf. - df18e43... by Michael Hudson-Doyle
-
* Dropped changes:
- Included in new upstream version:
- SECURITY UPDATE: Out-of-bounds write
- debian/patches/ CVE-2020- 14382-* .patch: check segment gaps regardless of
heap space in lib/luks2/luks2_json_ metadata. c.
- CVE-2020-14382 - f307b13... by Michael Hudson-Doyle
-
- Introduce retry logic for external invocations after mdadm (LP: #1879980)
- Currently, if an encrypted rootfs is configured on top of a MD RAID1
array and such array gets degraded (e.g., a member is removed/failed)
the cryptsetup scripts cannot mount the rootfs, and the boot fails.
We fix that issue here by allowing the cryptroot script to be re-run
by initramfs-tools/local- block stage, as mdadm can activate degraded
arrays at that stage.
There is an initramfs-tools counter-part for this fix, but alone the
cryptsetup portion is harmless.
- d/cryptsetup-initramfs. install: ship the new local-bottom script.
- d/functions: declare variables for local-top|block|bottom scripts
(flag that local-block is running and external invocation counter.)
- d/i/s/local-block/cryptroot : set flag that local-block is running.
- d/i/s/local-bottom/ cryptroot: clean up the flag and counter files.
- d/i/s/local-top/cryptroot: change the logic from just waiting 180
seconds to waiting 5 seconds first, then allowing initramfs-tools
to run mdadm (to activate degraded arrays) and call back at least
30 times/seconds more. - 951dc07... by Michael Hudson-Doyle
-
- debian/
patches/ decrease_ memlock_ ulimit. patch
Fixed FTBFS due a restrict environment in the new Bionic Builder (LP: #1891473)
tests/luks2-validatio n.test, tests/compat-test, tests/tcrypt- compat- test.
- Thanks Guilherme G. Piccoli. - 8a58330... by Michael Hudson-Doyle
-
- Fix warning and error when running on ZFS on root: (LP: #1830110)
- d/functions: Return an empty devno for ZFS devices as they don't have
major:minor device numbers.
- d/initramfs/hooks/cryptroot : Ignore and don't print an error message when
devices don't have a devno.
Submitted to debian upstream as bug #902449. - 3adacbd... by Michael Hudson-Doyle
-
- Fix cryptroot-unlock for busybox compatibility.
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog | |||
2 | index 96d015b..0a4dfba 100644 | |||
3 | --- a/debian/changelog | |||
4 | +++ b/debian/changelog | |||
5 | @@ -1,3 +1,54 @@ | |||
6 | 1 | cryptsetup (2:2.3.4-1ubuntu1) hirsute; urgency=medium | ||
7 | 2 | |||
8 | 3 | * Merge with Debian unstable. Remaining changes: | ||
9 | 4 | - debian/control: | ||
10 | 5 | + Recommend plymouth. | ||
11 | 6 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
12 | 7 | - Fix cryptroot-unlock for busybox compatibility. | ||
13 | 8 | - Fix warning and error when running on ZFS on root: (LP #1830110) | ||
14 | 9 | - d/functions: Return an empty devno for ZFS devices as they don't have | ||
15 | 10 | major:minor device numbers. | ||
16 | 11 | - d/initramfs/hooks/cryptroot: Ignore and don't print an error message when | ||
17 | 12 | devices don't have a devno. | ||
18 | 13 | Submitted to debian upstream as bug #902449. | ||
19 | 14 | - debian/patches/decrease_memlock_ulimit.patch | ||
20 | 15 | Fixed FTBFS due a restrict environment in the new Bionic Builder (LP #1891473) | ||
21 | 16 | tests/luks2-validation.test, tests/compat-test, tests/tcrypt-compat-test. | ||
22 | 17 | - Thanks Guilherme G. Piccoli. | ||
23 | 18 | - Introduce retry logic for external invocations after mdadm (LP #1879980) | ||
24 | 19 | - Currently, if an encrypted rootfs is configured on top of a MD RAID1 | ||
25 | 20 | array and such array gets degraded (e.g., a member is removed/failed) | ||
26 | 21 | the cryptsetup scripts cannot mount the rootfs, and the boot fails. | ||
27 | 22 | We fix that issue here by allowing the cryptroot script to be re-run | ||
28 | 23 | by initramfs-tools/local-block stage, as mdadm can activate degraded | ||
29 | 24 | arrays at that stage. | ||
30 | 25 | There is an initramfs-tools counter-part for this fix, but alone the | ||
31 | 26 | cryptsetup portion is harmless. | ||
32 | 27 | - d/cryptsetup-initramfs.install: ship the new local-bottom script. | ||
33 | 28 | - d/functions: declare variables for local-top|block|bottom scripts | ||
34 | 29 | (flag that local-block is running and external invocation counter.) | ||
35 | 30 | - d/i/s/local-block/cryptroot: set flag that local-block is running. | ||
36 | 31 | - d/i/s/local-bottom/cryptroot: clean up the flag and counter files. | ||
37 | 32 | - d/i/s/local-top/cryptroot: change the logic from just waiting 180 | ||
38 | 33 | seconds to waiting 5 seconds first, then allowing initramfs-tools | ||
39 | 34 | to run mdadm (to activate degraded arrays) and call back at least | ||
40 | 35 | 30 times/seconds more. | ||
41 | 36 | * Dropped changes: | ||
42 | 37 | - Included in new upstream version: | ||
43 | 38 | - SECURITY UPDATE: Out-of-bounds write | ||
44 | 39 | - debian/patches/CVE-2020-14382-*.patch: check segment gaps regardless of | ||
45 | 40 | heap space in lib/luks2/luks2_json_metadata.c. | ||
46 | 41 | - CVE-2020-14382 | ||
47 | 42 | - included in Debian: | ||
48 | 43 | - debian/cryptsetup-bin.install: | ||
49 | 44 | - Fix FTBFS due to dh_missing detecting crypsetup.conf in debian/tmp where | ||
50 | 45 | it was installed from ./scripts/crypsetup.conf. | ||
51 | 46 | - debian/rules: | ||
52 | 47 | - fix FTBFS on riscv64 adding --with-tmpfilesdir to ensure all archs, even | ||
53 | 48 | without systemd knows how to ship cryptsetup.conf | ||
54 | 49 | |||
55 | 50 | -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 10 Nov 2020 10:37:25 +1300 | ||
56 | 51 | |||
57 | 1 | cryptsetup (2:2.3.4-1) unstable; urgency=high | 52 | cryptsetup (2:2.3.4-1) unstable; urgency=high |
58 | 2 | 53 | ||
59 | 3 | * New upstream bugfix release, including fix for CVE-2020-14382: | 54 | * New upstream bugfix release, including fix for CVE-2020-14382: |
60 | @@ -21,6 +72,80 @@ cryptsetup (2:2.3.3-2) unstable; urgency=medium | |||
61 | 21 | 72 | ||
62 | 22 | -- Guilhem Moulin <guilhem@debian.org> Wed, 12 Aug 2020 00:22:59 +0200 | 73 | -- Guilhem Moulin <guilhem@debian.org> Wed, 12 Aug 2020 00:22:59 +0200 |
63 | 23 | 74 | ||
64 | 75 | cryptsetup (2:2.3.3-1ubuntu6) groovy; urgency=medium | ||
65 | 76 | |||
66 | 77 | * Introduce retry logic for external invocations after mdadm (LP: #1879980) | ||
67 | 78 | - Currently, if an encrypted rootfs is configured on top of a MD RAID1 | ||
68 | 79 | array and such array gets degraded (e.g., a member is removed/failed) | ||
69 | 80 | the cryptsetup scripts cannot mount the rootfs, and the boot fails. | ||
70 | 81 | We fix that issue here by allowing the cryptroot script to be re-run | ||
71 | 82 | by initramfs-tools/local-block stage, as mdadm can activate degraded | ||
72 | 83 | arrays at that stage. | ||
73 | 84 | There is an initramfs-tools counter-part for this fix, but alone the | ||
74 | 85 | cryptsetup portion is harmless. | ||
75 | 86 | - d/cryptsetup-initramfs.install: ship the new local-bottom script. | ||
76 | 87 | - d/functions: declare variables for local-top|block|bottom scripts | ||
77 | 88 | (flag that local-block is running and external invocation counter.) | ||
78 | 89 | - d/i/s/local-block/cryptroot: set flag that local-block is running. | ||
79 | 90 | - d/i/s/local-bottom/cryptroot: clean up the flag and counter files. | ||
80 | 91 | - d/i/s/local-top/cryptroot: change the logic from just waiting 180 | ||
81 | 92 | seconds to waiting 5 seconds first, then allowing initramfs-tools | ||
82 | 93 | to run mdadm (to activate degraded arrays) and call back at least | ||
83 | 94 | 30 times/seconds more. | ||
84 | 95 | |||
85 | 96 | -- Guilherme G. Piccoli <gpiccoli@canonical.com> Wed, 16 Sep 2020 17:35:59 -0300 | ||
86 | 97 | |||
87 | 98 | cryptsetup (2:2.3.3-1ubuntu5) groovy; urgency=medium | ||
88 | 99 | |||
89 | 100 | * SECURITY UPDATE: Out-of-bounds write | ||
90 | 101 | - debian/patches/CVE-2020-14382-*.patch: check segment gaps regardless of | ||
91 | 102 | heap space in lib/luks2/luks2_json_metadata.c. | ||
92 | 103 | - CVE-2020-14382 | ||
93 | 104 | * debian/patches/decrease_memlock_ulimit.patch | ||
94 | 105 | Fixed FTBFS due a restrict environment in the new Bionic Builder (LP: #1891473) | ||
95 | 106 | tests/luks2-validation.test, tests/compat-test, tests/tcrypt-compat-test. | ||
96 | 107 | - Thanks Guilherme G. Piccoli. | ||
97 | 108 | |||
98 | 109 | -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Wed, 09 Sep 2020 09:29:17 -0300 | ||
99 | 110 | |||
100 | 111 | cryptsetup (2:2.3.3-1ubuntu4) groovy; urgency=medium | ||
101 | 112 | |||
102 | 113 | * No change rebuild against new json-c ABI. | ||
103 | 114 | |||
104 | 115 | -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 28 Jul 2020 17:42:50 +0100 | ||
105 | 116 | |||
106 | 117 | cryptsetup (2:2.3.3-1ubuntu3) groovy; urgency=medium | ||
107 | 118 | |||
108 | 119 | * debian/rules: | ||
109 | 120 | - fix FTBFS on riscv64 adding --with-tmpfilesdir to ensure all archs, even | ||
110 | 121 | without systemd knows how to ship cryptsetup.conf | ||
111 | 122 | |||
112 | 123 | -- Didier Roche <didrocks@ubuntu.com> Thu, 18 Jun 2020 11:44:50 +0200 | ||
113 | 124 | |||
114 | 125 | cryptsetup (2:2.3.3-1ubuntu2) groovy; urgency=medium | ||
115 | 126 | |||
116 | 127 | * debian/cryptsetup-bin.install: | ||
117 | 128 | - Fix FTBFS due to dh_missing detecting crypsetup.conf in debian/tmp where | ||
118 | 129 | it was installed from ./scripts/crypsetup.conf. | ||
119 | 130 | * Fix warning and error when running on ZFS on root: (LP: #1830110) | ||
120 | 131 | - d/functions: Return an empty devno for ZFS devices as they don't have | ||
121 | 132 | major:minor device numbers. | ||
122 | 133 | - d/initramfs/hooks/cryptroot: Ignore and don't print an error message when | ||
123 | 134 | devices don't have a devno. | ||
124 | 135 | Submitted to debian upstream as bug #902449. | ||
125 | 136 | |||
126 | 137 | -- Didier Roche <didrocks@ubuntu.com> Thu, 18 Jun 2020 10:12:10 +0200 | ||
127 | 138 | |||
128 | 139 | cryptsetup (2:2.3.3-1ubuntu1) groovy; urgency=low | ||
129 | 140 | |||
130 | 141 | * Merge from Debian unstable. Remaining changes: | ||
131 | 142 | - debian/control: | ||
132 | 143 | + Recommend plymouth. | ||
133 | 144 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
134 | 145 | - Fix cryptroot-unlock for busybox compatibility. | ||
135 | 146 | |||
136 | 147 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 09 Jun 2020 10:40:32 -0700 | ||
137 | 148 | |||
138 | 24 | cryptsetup (2:2.3.3-1) unstable; urgency=medium | 149 | cryptsetup (2:2.3.3-1) unstable; urgency=medium |
139 | 25 | 150 | ||
140 | 26 | [ Guilhem Moulin ] | 151 | [ Guilhem Moulin ] |
141 | @@ -49,6 +174,16 @@ cryptsetup (2:2.3.2-1) unstable; urgency=medium | |||
142 | 49 | 174 | ||
143 | 50 | -- Guilhem Moulin <guilhem@debian.org> Wed, 06 May 2020 16:22:01 +0200 | 175 | -- Guilhem Moulin <guilhem@debian.org> Wed, 06 May 2020 16:22:01 +0200 |
144 | 51 | 176 | ||
145 | 177 | cryptsetup (2:2.3.1-1ubuntu1) groovy; urgency=low | ||
146 | 178 | |||
147 | 179 | * Merge from Debian unstable. Remaining changes: | ||
148 | 180 | - debian/control: | ||
149 | 181 | + Recommend plymouth. | ||
150 | 182 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
151 | 183 | - Fix cryptroot-unlock for busybox compatibility. | ||
152 | 184 | |||
153 | 185 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 01 May 2020 07:07:58 -0700 | ||
154 | 186 | |||
155 | 52 | cryptsetup (2:2.3.1-1) unstable; urgency=medium | 187 | cryptsetup (2:2.3.1-1) unstable; urgency=medium |
156 | 53 | 188 | ||
157 | 54 | * New upstream release. | 189 | * New upstream release. |
158 | @@ -84,6 +219,23 @@ cryptsetup (2:2.3.0-1) unstable; urgency=low | |||
159 | 84 | 219 | ||
160 | 85 | -- Guilhem Moulin <guilhem@debian.org> Wed, 04 Mar 2020 00:48:19 +0100 | 220 | -- Guilhem Moulin <guilhem@debian.org> Wed, 04 Mar 2020 00:48:19 +0100 |
161 | 86 | 221 | ||
162 | 222 | cryptsetup (2:2.2.2-3ubuntu2) focal; urgency=medium | ||
163 | 223 | |||
164 | 224 | * Depend on cryptsetup from cryptsetup-initramfs instead of the dummy | ||
165 | 225 | cryptsetup-run package. LP: #1864360. | ||
166 | 226 | |||
167 | 227 | -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 27 Feb 2020 00:16:14 -0600 | ||
168 | 228 | |||
169 | 229 | cryptsetup (2:2.2.2-3ubuntu1) focal; urgency=medium | ||
170 | 230 | |||
171 | 231 | * Merge from Debian unstable. Remaining changes: | ||
172 | 232 | - debian/control: | ||
173 | 233 | + Recommend plymouth. | ||
174 | 234 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
175 | 235 | - Fix cryptroot-unlock for busybox compatibility. | ||
176 | 236 | |||
177 | 237 | -- Matthias Klose <doko@ubuntu.com> Mon, 10 Feb 2020 09:20:12 +0100 | ||
178 | 238 | |||
179 | 87 | cryptsetup (2:2.2.2-3) unstable; urgency=high | 239 | cryptsetup (2:2.2.2-3) unstable; urgency=high |
180 | 88 | 240 | ||
181 | 89 | * initramfs hook: Workaround fix for the libgcc_s's source location. | 241 | * initramfs hook: Workaround fix for the libgcc_s's source location. |
182 | @@ -92,6 +244,16 @@ cryptsetup (2:2.2.2-3) unstable; urgency=high | |||
183 | 92 | 244 | ||
184 | 93 | -- Guilhem Moulin <guilhem@debian.org> Tue, 04 Feb 2020 14:11:12 +0100 | 245 | -- Guilhem Moulin <guilhem@debian.org> Tue, 04 Feb 2020 14:11:12 +0100 |
185 | 94 | 246 | ||
186 | 247 | cryptsetup (2:2.2.2-2ubuntu1) focal; urgency=low | ||
187 | 248 | |||
188 | 249 | * Merge from Debian unstable. Remaining changes: | ||
189 | 250 | - debian/control: | ||
190 | 251 | + Recommend plymouth. | ||
191 | 252 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
192 | 253 | - Fix cryptroot-unlock for busybox compatibility. | ||
193 | 254 | |||
194 | 255 | -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 01 Feb 2020 22:11:22 -0800 | ||
195 | 256 | |||
196 | 95 | cryptsetup (2:2.2.2-2) unstable; urgency=medium | 257 | cryptsetup (2:2.2.2-2) unstable; urgency=medium |
197 | 96 | 258 | ||
198 | 97 | [ Guilhem Moulin ] | 259 | [ Guilhem Moulin ] |
199 | @@ -109,6 +271,16 @@ cryptsetup (2:2.2.2-2) unstable; urgency=medium | |||
200 | 109 | 271 | ||
201 | 110 | -- Guilhem Moulin <guilhem@debian.org> Sat, 18 Jan 2020 20:53:19 +0100 | 272 | -- Guilhem Moulin <guilhem@debian.org> Sat, 18 Jan 2020 20:53:19 +0100 |
202 | 111 | 273 | ||
203 | 274 | cryptsetup (2:2.2.2-1ubuntu1) focal; urgency=low | ||
204 | 275 | |||
205 | 276 | * Merge from Debian unstable. Remaining changes: | ||
206 | 277 | - debian/control: | ||
207 | 278 | + Recommend plymouth. | ||
208 | 279 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
209 | 280 | - Fix cryptroot-unlock for busybox compatibility. | ||
210 | 281 | |||
211 | 282 | -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 11 Nov 2019 22:07:44 -0800 | ||
212 | 283 | |||
213 | 112 | cryptsetup (2:2.2.2-1) unstable; urgency=medium | 284 | cryptsetup (2:2.2.2-1) unstable; urgency=medium |
214 | 113 | 285 | ||
215 | 114 | * New upstream bugfix release. | 286 | * New upstream bugfix release. |
216 | @@ -119,6 +291,16 @@ cryptsetup (2:2.2.2-1) unstable; urgency=medium | |||
217 | 119 | 291 | ||
218 | 120 | -- Guilhem Moulin <guilhem@debian.org> Fri, 01 Nov 2019 19:32:36 +0100 | 292 | -- Guilhem Moulin <guilhem@debian.org> Fri, 01 Nov 2019 19:32:36 +0100 |
219 | 121 | 293 | ||
220 | 294 | cryptsetup (2:2.2.1-1ubuntu1) focal; urgency=low | ||
221 | 295 | |||
222 | 296 | * Merge from Debian unstable. Remaining changes: | ||
223 | 297 | - debian/control: | ||
224 | 298 | + Recommend plymouth. | ||
225 | 299 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
226 | 300 | - Fix cryptroot-unlock for busybox compatibility. | ||
227 | 301 | |||
228 | 302 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 18 Oct 2019 15:14:29 -0700 | ||
229 | 303 | |||
230 | 122 | cryptsetup (2:2.2.1-1) unstable; urgency=medium | 304 | cryptsetup (2:2.2.1-1) unstable; urgency=medium |
231 | 123 | 305 | ||
232 | 124 | * New upstream bugfix release. | 306 | * New upstream bugfix release. |
233 | @@ -126,6 +308,16 @@ cryptsetup (2:2.2.1-1) unstable; urgency=medium | |||
234 | 126 | 308 | ||
235 | 127 | -- Guilhem Moulin <guilhem@debian.org> Fri, 06 Sep 2019 13:28:55 +0200 | 309 | -- Guilhem Moulin <guilhem@debian.org> Fri, 06 Sep 2019 13:28:55 +0200 |
236 | 128 | 310 | ||
237 | 311 | cryptsetup (2:2.2.0-3ubuntu1) eoan; urgency=low | ||
238 | 312 | |||
239 | 313 | * Merge from Debian unstable. Remaining changes: | ||
240 | 314 | - debian/control: | ||
241 | 315 | + Recommend plymouth. | ||
242 | 316 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
243 | 317 | - Fix cryptroot-unlock for busybox compatibility. | ||
244 | 318 | |||
245 | 319 | -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 28 Aug 2019 16:13:22 -0700 | ||
246 | 320 | |||
247 | 129 | cryptsetup (2:2.2.0-3) unstable; urgency=medium | 321 | cryptsetup (2:2.2.0-3) unstable; urgency=medium |
248 | 130 | 322 | ||
249 | 131 | * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on | 323 | * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on |
250 | @@ -133,6 +325,16 @@ cryptsetup (2:2.2.0-3) unstable; urgency=medium | |||
251 | 133 | 325 | ||
252 | 134 | -- Guilhem Moulin <guilhem@debian.org> Mon, 26 Aug 2019 12:53:45 +0200 | 326 | -- Guilhem Moulin <guilhem@debian.org> Mon, 26 Aug 2019 12:53:45 +0200 |
253 | 135 | 327 | ||
254 | 328 | cryptsetup (2:2.2.0-2ubuntu1) eoan; urgency=low | ||
255 | 329 | |||
256 | 330 | * Merge from Debian unstable. Remaining changes: | ||
257 | 331 | - debian/control: | ||
258 | 332 | + Recommend plymouth. | ||
259 | 333 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
260 | 334 | - Fix cryptroot-unlock for busybox compatibility. | ||
261 | 335 | |||
262 | 336 | -- Steve Langasek <steve.langasek@ubuntu.com> Sun, 25 Aug 2019 12:25:55 -0700 | ||
263 | 337 | |||
264 | 136 | cryptsetup (2:2.2.0-2) unstable; urgency=medium | 338 | cryptsetup (2:2.2.0-2) unstable; urgency=medium |
265 | 137 | 339 | ||
266 | 138 | * debian/control: Add 'Multi-Arch: foreign' tag to the transitional dummy | 340 | * debian/control: Add 'Multi-Arch: foreign' tag to the transitional dummy |
267 | @@ -144,6 +346,25 @@ cryptsetup (2:2.2.0-2) unstable; urgency=medium | |||
268 | 144 | 346 | ||
269 | 145 | -- Guilhem Moulin <guilhem@debian.org> Wed, 21 Aug 2019 22:45:12 +0200 | 347 | -- Guilhem Moulin <guilhem@debian.org> Wed, 21 Aug 2019 22:45:12 +0200 |
270 | 146 | 348 | ||
271 | 349 | cryptsetup (2:2.2.0-1ubuntu2) eoan; urgency=medium | ||
272 | 350 | |||
273 | 351 | * debian/initramfs/cryptroot-unlock: canonicalize executable paths. | ||
274 | 352 | Thanks to Paride Legovini <paride.legovini@canonical.com> for the patch. | ||
275 | 353 | LP: #1840752. | ||
276 | 354 | |||
277 | 355 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 20 Aug 2019 15:34:10 -0700 | ||
278 | 356 | |||
279 | 357 | cryptsetup (2:2.2.0-1ubuntu1) eoan; urgency=low | ||
280 | 358 | |||
281 | 359 | * Merge from Debian unstable. Remaining changes: | ||
282 | 360 | - debian/control: | ||
283 | 361 | + Recommend plymouth. | ||
284 | 362 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
285 | 363 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
286 | 364 | compatibility. | ||
287 | 365 | |||
288 | 366 | -- Gianfranco Costamagna <locutusofborg@debian.org> Tue, 20 Aug 2019 14:21:34 +0200 | ||
289 | 367 | |||
290 | 147 | cryptsetup (2:2.2.0-1) unstable; urgency=medium | 368 | cryptsetup (2:2.2.0-1) unstable; urgency=medium |
291 | 148 | 369 | ||
292 | 149 | * New upstream release 2.2.0. Highlights include: | 370 | * New upstream release 2.2.0. Highlights include: |
293 | @@ -221,6 +442,23 @@ cryptsetup (2:2.1.0-6) unstable; urgency=low | |||
294 | 221 | 442 | ||
295 | 222 | -- Guilhem Moulin <guilhem@debian.org> Sat, 20 Jul 2019 22:15:04 -0300 | 443 | -- Guilhem Moulin <guilhem@debian.org> Sat, 20 Jul 2019 22:15:04 -0300 |
296 | 223 | 444 | ||
297 | 445 | cryptsetup (2:2.1.0-5ubuntu2) eoan; urgency=medium | ||
298 | 446 | |||
299 | 447 | * Rebuild against new libjson-c4. | ||
300 | 448 | |||
301 | 449 | -- Gianfranco Costamagna <locutusofborg@debian.org> Sat, 29 Jun 2019 13:48:37 +0200 | ||
302 | 450 | |||
303 | 451 | cryptsetup (2:2.1.0-5ubuntu1) eoan; urgency=low | ||
304 | 452 | |||
305 | 453 | * Merge from Debian unstable. Remaining changes: | ||
306 | 454 | - debian/control: | ||
307 | 455 | + Recommend plymouth. | ||
308 | 456 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
309 | 457 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
310 | 458 | compatibility. | ||
311 | 459 | |||
312 | 460 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 14 Jun 2019 14:09:31 -0700 | ||
313 | 461 | |||
314 | 224 | cryptsetup (2:2.1.0-5) unstable; urgency=medium | 462 | cryptsetup (2:2.1.0-5) unstable; urgency=medium |
315 | 225 | 463 | ||
316 | 226 | [ Jonas Meurer ] | 464 | [ Jonas Meurer ] |
317 | @@ -233,6 +471,17 @@ cryptsetup (2:2.1.0-5) unstable; urgency=medium | |||
318 | 233 | 471 | ||
319 | 234 | -- Guilhem Moulin <guilhem@debian.org> Mon, 10 Jun 2019 14:51:15 +0200 | 472 | -- Guilhem Moulin <guilhem@debian.org> Mon, 10 Jun 2019 14:51:15 +0200 |
320 | 235 | 473 | ||
321 | 474 | cryptsetup (2:2.1.0-4ubuntu1) eoan; urgency=low | ||
322 | 475 | |||
323 | 476 | * Merge from Debian unstable. Remaining changes: | ||
324 | 477 | - debian/control: | ||
325 | 478 | + Recommend plymouth. | ||
326 | 479 | + Depend on busybox-initramfs instead of busybox | busybox-static. | ||
327 | 480 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
328 | 481 | compatibility. | ||
329 | 482 | |||
330 | 483 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 28 May 2019 18:32:08 -0700 | ||
331 | 484 | |||
332 | 236 | cryptsetup (2:2.1.0-4) unstable; urgency=medium | 485 | cryptsetup (2:2.1.0-4) unstable; urgency=medium |
333 | 237 | 486 | ||
334 | 238 | [Guilhem Moulin] | 487 | [Guilhem Moulin] |
335 | @@ -252,6 +501,26 @@ cryptsetup (2:2.1.0-4) unstable; urgency=medium | |||
336 | 252 | 501 | ||
337 | 253 | -- Guilhem Moulin <guilhem@debian.org> Tue, 28 May 2019 17:04:16 +0200 | 502 | -- Guilhem Moulin <guilhem@debian.org> Tue, 28 May 2019 17:04:16 +0200 |
338 | 254 | 503 | ||
339 | 504 | cryptsetup (2:2.1.0-3ubuntu2) eoan; urgency=medium | ||
340 | 505 | |||
341 | 506 | * Depend on busybox-initramfs, which is the implementation we actually use | ||
342 | 507 | for the initramfs and is guaranteed to always be present, instead of | ||
343 | 508 | busybox-static. | ||
344 | 509 | |||
345 | 510 | -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 09 May 2019 14:47:04 -0700 | ||
346 | 511 | |||
347 | 512 | cryptsetup (2:2.1.0-3ubuntu1) eoan; urgency=low | ||
348 | 513 | |||
349 | 514 | * Merge from Debian unstable. Remaining changes: | ||
350 | 515 | - debian/control: | ||
351 | 516 | + Recommend plymouth. | ||
352 | 517 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
353 | 518 | is the one we ship in main as part of the ubuntu-standard task. | ||
354 | 519 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
355 | 520 | compatibility. LP: #1651818 | ||
356 | 521 | |||
357 | 522 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 03 May 2019 16:22:03 -0700 | ||
358 | 523 | |||
359 | 255 | cryptsetup (2:2.1.0-3) unstable; urgency=medium | 524 | cryptsetup (2:2.1.0-3) unstable; urgency=medium |
360 | 256 | 525 | ||
361 | 257 | * d/scripts/decrypt_opensc: Fix standard output poisoning. Thanks to Nils | 526 | * d/scripts/decrypt_opensc: Fix standard output poisoning. Thanks to Nils |
362 | @@ -275,6 +544,19 @@ cryptsetup (2:2.1.0-2) unstable; urgency=medium | |||
363 | 275 | 544 | ||
364 | 276 | -- Guilhem Moulin <guilhem@debian.org> Thu, 28 Feb 2019 22:32:43 +0100 | 545 | -- Guilhem Moulin <guilhem@debian.org> Thu, 28 Feb 2019 22:32:43 +0100 |
365 | 277 | 546 | ||
366 | 547 | cryptsetup (2:2.1.0-1ubuntu1) disco; urgency=medium | ||
367 | 548 | |||
368 | 549 | * Merge from Debian unstable. LP: #1815484 | ||
369 | 550 | * Remaining changes: | ||
370 | 551 | - debian/control: | ||
371 | 552 | + Recommend plymouth. | ||
372 | 553 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
373 | 554 | is the one we ship in main as part of the ubuntu-standard task. | ||
374 | 555 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
375 | 556 | compatibility. LP: #1651818 | ||
376 | 557 | |||
377 | 558 | -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 13 Feb 2019 21:28:23 +0000 | ||
378 | 559 | |||
379 | 278 | cryptsetup (2:2.1.0-1) unstable; urgency=medium | 560 | cryptsetup (2:2.1.0-1) unstable; urgency=medium |
380 | 279 | 561 | ||
381 | 280 | * New upstream release. Highlights include: | 562 | * New upstream release. Highlights include: |
382 | @@ -317,6 +599,20 @@ cryptsetup (2:2.1.0-1) unstable; urgency=medium | |||
383 | 317 | 599 | ||
384 | 318 | -- Guilhem Moulin <guilhem@debian.org> Sat, 09 Feb 2019 00:40:17 +0100 | 600 | -- Guilhem Moulin <guilhem@debian.org> Sat, 09 Feb 2019 00:40:17 +0100 |
385 | 319 | 601 | ||
386 | 602 | cryptsetup (2:2.0.6-1ubuntu1) disco; urgency=medium | ||
387 | 603 | |||
388 | 604 | * Merge from Debian unstable. | ||
389 | 605 | * Remaining changes: | ||
390 | 606 | - debian/control: | ||
391 | 607 | + Recommend plymouth. | ||
392 | 608 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
393 | 609 | is the one we ship in main as part of the ubuntu-standard task. | ||
394 | 610 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
395 | 611 | compatibility. LP: #1651818 | ||
396 | 612 | * Dropped delta sector_size support, merged in Debian. | ||
397 | 613 | |||
398 | 614 | -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 05 Feb 2019 13:43:25 +0000 | ||
399 | 615 | |||
400 | 320 | cryptsetup (2:2.0.6-1) unstable; urgency=medium | 616 | cryptsetup (2:2.0.6-1) unstable; urgency=medium |
401 | 321 | 617 | ||
402 | 322 | * New upstream bugfix release. Highlights include: | 618 | * New upstream bugfix release. Highlights include: |
403 | @@ -381,6 +677,27 @@ cryptsetup (2:2.0.4-3) unstable; urgency=medium | |||
404 | 381 | 677 | ||
405 | 382 | -- Guilhem Moulin <guilhem@debian.org> Mon, 22 Oct 2018 17:45:35 +0200 | 678 | -- Guilhem Moulin <guilhem@debian.org> Mon, 22 Oct 2018 17:45:35 +0200 |
406 | 383 | 679 | ||
407 | 680 | cryptsetup (2:2.0.4-2ubuntu2) cosmic; urgency=medium | ||
408 | 681 | |||
409 | 682 | * Implement support for --sector-size cryptsetup plain mode option in | ||
410 | 683 | crypttab. Matching support is also proposed to systemd-cryptsetup as | ||
411 | 684 | well. LP: #1776626 | ||
412 | 685 | |||
413 | 686 | -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 31 Aug 2018 17:00:07 +0100 | ||
414 | 687 | |||
415 | 688 | cryptsetup (2:2.0.4-2ubuntu1) cosmic; urgency=low | ||
416 | 689 | |||
417 | 690 | * Merge from Debian unstable. LP: #1785610. | ||
418 | 691 | * Remaining changes: | ||
419 | 692 | - debian/control: | ||
420 | 693 | + Recommend plymouth. | ||
421 | 694 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
422 | 695 | is the one we ship in main as part of the ubuntu-standard task. | ||
423 | 696 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
424 | 697 | compatibility. LP: #1651818 | ||
425 | 698 | |||
426 | 699 | -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 22 Aug 2018 22:51:47 +0100 | ||
427 | 700 | |||
428 | 384 | cryptsetup (2:2.0.4-2) unstable; urgency=medium | 701 | cryptsetup (2:2.0.4-2) unstable; urgency=medium |
429 | 385 | 702 | ||
430 | 386 | * debian/cryptsetup-initramfs.preinst: Don't try to overwrite | 703 | * debian/cryptsetup-initramfs.preinst: Don't try to overwrite |
431 | @@ -413,6 +730,28 @@ cryptsetup (2:2.0.3-7) unstable; urgency=medium | |||
432 | 413 | 730 | ||
433 | 414 | -- Guilhem Moulin <guilhem@debian.org> Mon, 30 Jul 2018 16:32:07 +0800 | 731 | -- Guilhem Moulin <guilhem@debian.org> Mon, 30 Jul 2018 16:32:07 +0800 |
434 | 415 | 732 | ||
435 | 733 | cryptsetup (2:2.0.3-6ubuntu1) cosmic; urgency=low | ||
436 | 734 | |||
437 | 735 | * Merge from Debian unstable. LP: #1781912. | ||
438 | 736 | * Remaining changes: | ||
439 | 737 | - debian/control: | ||
440 | 738 | + Recommend plymouth. | ||
441 | 739 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
442 | 740 | is the one we ship in main as part of the ubuntu-standard task. | ||
443 | 741 | - Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
444 | 742 | compatibility. LP: #1651818 | ||
445 | 743 | * Dropped changes, included in Debian: | ||
446 | 744 | - Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
447 | 745 | - Drop the CRYPTSETUP variable warning from the initramfs hook, as | ||
448 | 746 | overlayroot package ships a dropin in conf-hooks.d triggering false | ||
449 | 747 | warnings. | ||
450 | 748 | - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE | ||
451 | 749 | - Drop c99 std, as the default is now higher than that | ||
452 | 750 | * Dropped changes, no longer needed: | ||
453 | 751 | - Add maintscript to drop removed upstart system jobs. | ||
454 | 752 | |||
455 | 753 | -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 16 Jul 2018 08:27:58 -0400 | ||
456 | 754 | |||
457 | 416 | cryptsetup (2:2.0.3-6) unstable; urgency=medium | 755 | cryptsetup (2:2.0.3-6) unstable; urgency=medium |
458 | 417 | 756 | ||
459 | 418 | * debian/TODO.md: Remove mention of parent device detection for mdadm | 757 | * debian/TODO.md: Remove mention of parent device detection for mdadm |
460 | @@ -697,6 +1036,45 @@ cryptsetup (2:2.0.3-1) unstable; urgency=medium | |||
461 | 697 | 1036 | ||
462 | 698 | -- Jonas Meurer <jonas@freesources.org> Fri, 15 Jun 2018 15:32:16 +0200 | 1037 | -- Jonas Meurer <jonas@freesources.org> Fri, 15 Jun 2018 15:32:16 +0200 |
463 | 699 | 1038 | ||
464 | 1039 | cryptsetup (2:2.0.2-1ubuntu3) cosmic; urgency=medium | ||
465 | 1040 | |||
466 | 1041 | * No-change rebuild against libargon2-1 | ||
467 | 1042 | |||
468 | 1043 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 10 Jul 2018 17:01:23 +0000 | ||
469 | 1044 | |||
470 | 1045 | cryptsetup (2:2.0.2-1ubuntu2) cosmic; urgency=medium | ||
471 | 1046 | |||
472 | 1047 | * Apply patch from Trent Nelson to fix cryptroot-unlock for busybox | ||
473 | 1048 | compatibility. LP: #1651818 | ||
474 | 1049 | |||
475 | 1050 | -- Dimitri John Ledkov 🌈 <xnox@ubuntu.com> Thu, 21 Jun 2018 16:38:31 +0100 | ||
476 | 1051 | |||
477 | 1052 | cryptsetup (2:2.0.2-1ubuntu1) bionic; urgency=low | ||
478 | 1053 | |||
479 | 1054 | * Merge from Debian unstable. | ||
480 | 1055 | - bugfix upstream release, which solves problems with luks2 format | ||
481 | 1056 | disks not unlocking. LP: #1755322. | ||
482 | 1057 | * Remaining changes: | ||
483 | 1058 | - debian/control: | ||
484 | 1059 | + Depend on plymouth. | ||
485 | 1060 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
486 | 1061 | is the one we ship in main as part of the ubuntu-standard task. | ||
487 | 1062 | + Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
488 | 1063 | - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE | ||
489 | 1064 | - Drop c99 std, as the default is now higher than that | ||
490 | 1065 | - Drop upstart system jobs. | ||
491 | 1066 | - Add maintscript to drop removed upstart system jobs. | ||
492 | 1067 | - debian has its own now, but we have different version numbers. | ||
493 | 1068 | this delta can be dropped after 18.04 release. | ||
494 | 1069 | - Drop the CRYPTSETUP variable warning from the initramfs hook, as | ||
495 | 1070 | overlayroot package ships a dropin in conf-hooks.d triggering false | ||
496 | 1071 | warnings. | ||
497 | 1072 | * Dropped changes: | ||
498 | 1073 | - debian/cryptdisks{,-udev}.maintscript: drop, there is no package named | ||
499 | 1074 | 'cryptdisks' or 'cryptdisks-udev'. | ||
500 | 1075 | |||
501 | 1076 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 06 Apr 2018 10:23:53 -0700 | ||
502 | 1077 | |||
503 | 700 | cryptsetup (2:2.0.2-1) unstable; urgency=low | 1078 | cryptsetup (2:2.0.2-1) unstable; urgency=low |
504 | 701 | 1079 | ||
505 | 702 | * New upstream release 2.0.2 | 1080 | * New upstream release 2.0.2 |
506 | @@ -726,6 +1104,40 @@ cryptsetup (2:2.0.1-1) unstable; urgency=low | |||
507 | 726 | 1104 | ||
508 | 727 | -- Guilhem Moulin <guilhem@debian.org> Sun, 11 Feb 2018 00:02:05 +0100 | 1105 | -- Guilhem Moulin <guilhem@debian.org> Sun, 11 Feb 2018 00:02:05 +0100 |
509 | 728 | 1106 | ||
510 | 1107 | cryptsetup (2:2.0.1-0ubuntu2) bionic; urgency=medium | ||
511 | 1108 | |||
512 | 1109 | * Drop the CRYPTSETUP variable warning from the initramfs hook, as | ||
513 | 1110 | overlayroot package ships a dropin in conf-hooks.d triggering false | ||
514 | 1111 | warnings. | ||
515 | 1112 | |||
516 | 1113 | -- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 22 Feb 2018 14:49:16 +0000 | ||
517 | 1114 | |||
518 | 1115 | cryptsetup (2:2.0.1-0ubuntu1) bionic; urgency=medium | ||
519 | 1116 | |||
520 | 1117 | * Merge from Debian unstable. Remaining changes: | ||
521 | 1118 | - debian/control: | ||
522 | 1119 | + Depend on plymouth. | ||
523 | 1120 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
524 | 1121 | is the one we ship in main as part of the ubuntu-standard task. | ||
525 | 1122 | + Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
526 | 1123 | - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE | ||
527 | 1124 | - Drop c99 std, as the default is now higher than that | ||
528 | 1125 | - Drop upstart system jobs. | ||
529 | 1126 | - Add maintscript to drop removed upstart system jobs. | ||
530 | 1127 | - debian has its own now, but we have different version numbers | ||
531 | 1128 | * New upstream release | ||
532 | 1129 | * Cherry-pick Guilhem Moulin's changes below from Debian git | ||
533 | 1130 | |||
534 | 1131 | [ Guilhem Moulin ] | ||
535 | 1132 | * New upstream release 2.0.1: | ||
536 | 1133 | - Use /run/cryptsetup as default for cryptsetup locking dir. | ||
537 | 1134 | - Add missing symbols for new functions to debian/libcryptsetup12.symbols. | ||
538 | 1135 | * debian/copyright: update copyright years. | ||
539 | 1136 | * debian/patches: backport upstream's 8728ba08 to fix opening of loop-AES | ||
540 | 1137 | devices using --key-file=-. (Closes: #888162.) | ||
541 | 1138 | |||
542 | 1139 | -- Julian Andres Klode <juliank@ubuntu.com> Mon, 29 Jan 2018 13:48:55 +0100 | ||
543 | 1140 | |||
544 | 729 | cryptsetup (2:2.0.0-1) unstable; urgency=low | 1141 | cryptsetup (2:2.0.0-1) unstable; urgency=low |
545 | 730 | 1142 | ||
546 | 731 | [ Guilhem Moulin ] | 1143 | [ Guilhem Moulin ] |
547 | @@ -775,6 +1187,26 @@ cryptsetup (2:2.0.0~rc0-1) experimental; urgency=low | |||
548 | 775 | 1187 | ||
549 | 776 | -- Guilhem Moulin <guilhem@debian.org> Tue, 03 Oct 2017 03:37:36 +0200 | 1188 | -- Guilhem Moulin <guilhem@debian.org> Tue, 03 Oct 2017 03:37:36 +0200 |
550 | 777 | 1189 | ||
551 | 1190 | cryptsetup (2:1.7.5-1ubuntu1) bionic; urgency=low | ||
552 | 1191 | |||
553 | 1192 | * Merge from Debian unstable. Remaining changes: | ||
554 | 1193 | - debian/control: | ||
555 | 1194 | + Depend on plymouth. | ||
556 | 1195 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
557 | 1196 | is the one we ship in main as part of the ubuntu-standard task. | ||
558 | 1197 | + Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
559 | 1198 | - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE | ||
560 | 1199 | - Drop c99 std, as the default is now higher than that | ||
561 | 1200 | - Drop upstart system jobs. | ||
562 | 1201 | - Add maintscript to drop removed upstart system jobs. | ||
563 | 1202 | * Merged upstream: | ||
564 | 1203 | - d/p/fips-fix-luksformat-with-recent-kernels -- fix luksFormat | ||
565 | 1204 | with recent FIPS enabled kernels. | ||
566 | 1205 | * Merged in Debian: | ||
567 | 1206 | - Use DEB_VERSION from dpkg/default.mk for pod2man release variable | ||
568 | 1207 | |||
569 | 1208 | -- Julian Andres Klode <juliank@ubuntu.com> Wed, 17 Jan 2018 21:39:10 +0100 | ||
570 | 1209 | |||
571 | 778 | cryptsetup (2:1.7.5-1) unstable; urgency=low | 1210 | cryptsetup (2:1.7.5-1) unstable; urgency=low |
572 | 779 | 1211 | ||
573 | 780 | * New upstream release 1.7.5. | 1212 | * New upstream release 1.7.5. |
574 | @@ -797,6 +1229,25 @@ cryptsetup (2:1.7.5-1) unstable; urgency=low | |||
575 | 797 | 1229 | ||
576 | 798 | -- Guilhem Moulin <guilhem@debian.org> Thu, 14 Sep 2017 13:00:23 +0200 | 1230 | -- Guilhem Moulin <guilhem@debian.org> Thu, 14 Sep 2017 13:00:23 +0200 |
577 | 799 | 1231 | ||
578 | 1232 | cryptsetup (2:1.7.3-4ubuntu1) artful; urgency=low | ||
579 | 1233 | |||
580 | 1234 | * New upstream release, merge from Debian unstable. Remaining | ||
581 | 1235 | Ubuntu changes: | ||
582 | 1236 | - debian/control: | ||
583 | 1237 | + Depend on plymouth. | ||
584 | 1238 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
585 | 1239 | is the one we ship in main as part of the ubuntu-standard task. | ||
586 | 1240 | + Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
587 | 1241 | * d/p/fips-fix-luksformat-with-recent-kernels -- fix luksFormat | ||
588 | 1242 | with recent FIPS enabled kernels. | ||
589 | 1243 | * Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE | ||
590 | 1244 | * Drop c99 std, as the default is now higher than that | ||
591 | 1245 | * Use DEB_VERSION from dpkg/default.mk for pod2man release variable | ||
592 | 1246 | * Drop upstart system jobs. | ||
593 | 1247 | * Add maintscript to drop removed upstart system jobs. | ||
594 | 1248 | |||
595 | 1249 | -- Andy Whitcroft <apw@ubuntu.com> Thu, 10 Aug 2017 14:07:29 +0100 | ||
596 | 1250 | |||
597 | 800 | cryptsetup (2:1.7.3-4) unstable; urgency=high | 1251 | cryptsetup (2:1.7.3-4) unstable; urgency=high |
598 | 801 | 1252 | ||
599 | 802 | [ Guilhem Moulin ] | 1253 | [ Guilhem Moulin ] |
600 | @@ -1009,6 +1460,40 @@ cryptsetup (2:1.7.2-1) unstable; urgency=medium | |||
601 | 1009 | 1460 | ||
602 | 1010 | -- Jonas Meurer <mejo@debian.org> Wed, 05 Oct 2016 20:53:09 +0200 | 1461 | -- Jonas Meurer <mejo@debian.org> Wed, 05 Oct 2016 20:53:09 +0200 |
603 | 1011 | 1462 | ||
604 | 1463 | cryptsetup (2:1.7.2-0ubuntu4) artful; urgency=medium | ||
605 | 1464 | |||
606 | 1465 | * Add maintscript to drop removed upstart system jobs. | ||
607 | 1466 | |||
608 | 1467 | -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 21 Aug 2017 11:36:04 +0100 | ||
609 | 1468 | |||
610 | 1469 | cryptsetup (2:1.7.2-0ubuntu3) artful; urgency=medium | ||
611 | 1470 | |||
612 | 1471 | * Drop _BSD_SOURCE in favor of _DEFAULT_SOURCe | ||
613 | 1472 | * Drop c99 std, as the default is now higher than that | ||
614 | 1473 | * Use DEB_VERSION from dpkg/default.mk for pod2man release variable | ||
615 | 1474 | |||
616 | 1475 | -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 19 Aug 2017 21:46:19 +0100 | ||
617 | 1476 | |||
618 | 1477 | cryptsetup (2:1.7.2-0ubuntu2) artful; urgency=medium | ||
619 | 1478 | |||
620 | 1479 | * Drop upstart system jobs. | ||
621 | 1480 | |||
622 | 1481 | -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 19 Aug 2017 20:57:17 +0100 | ||
623 | 1482 | |||
624 | 1483 | cryptsetup (2:1.7.2-0ubuntu1) yakkety; urgency=medium | ||
625 | 1484 | |||
626 | 1485 | * New upstream release, merge from Debian unstable (LP: #1548137). Remaining | ||
627 | 1486 | Ubuntu changes: | ||
628 | 1487 | - debian/control: | ||
629 | 1488 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
630 | 1489 | potentially rendered unbootable. | ||
631 | 1490 | + Depend on plymouth. | ||
632 | 1491 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
633 | 1492 | is the one we ship in main as part of the ubuntu-standard task. | ||
634 | 1493 | + Drop explicit libgcrypt20 dependency from libcryptsetup4. | ||
635 | 1494 | |||
636 | 1495 | -- Unit 193 <unit193@ubuntu.com> Wed, 22 Jun 2016 16:30:01 -0400 | ||
637 | 1496 | |||
638 | 1012 | cryptsetup (2:1.7.0-2) unstable; urgency=medium | 1497 | cryptsetup (2:1.7.0-2) unstable; urgency=medium |
639 | 1013 | 1498 | ||
640 | 1014 | [ Guilhem Moulin ] | 1499 | [ Guilhem Moulin ] |
641 | @@ -1083,6 +1568,35 @@ cryptsetup (2:1.7.0-1) unstable; urgency=medium | |||
642 | 1083 | 1568 | ||
643 | 1084 | -- Jonas Meurer <mejo@debian.org> Thu, 07 Jan 2016 02:22:33 +0100 | 1569 | -- Jonas Meurer <mejo@debian.org> Thu, 07 Jan 2016 02:22:33 +0100 |
644 | 1085 | 1570 | ||
645 | 1571 | cryptsetup (2:1.6.6-5ubuntu2) wily; urgency=medium | ||
646 | 1572 | |||
647 | 1573 | * Fix stupid typo in Recommends "busybox | busybox-static" inversion. | ||
648 | 1574 | Fixes binary moves for busybox into main. | ||
649 | 1575 | |||
650 | 1576 | -- Andy Whitcroft <apw@ubuntu.com> Fri, 21 Aug 2015 08:56:34 +0100 | ||
651 | 1577 | |||
652 | 1578 | cryptsetup (2:1.6.6-5ubuntu1) wily; urgency=low | ||
653 | 1579 | |||
654 | 1580 | * Merge from Debian unstable. Remaining changes: | ||
655 | 1581 | - debian/control: | ||
656 | 1582 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
657 | 1583 | potentially rendered unbootable. | ||
658 | 1584 | + Depend on plymouth. | ||
659 | 1585 | + Invert the "busybox | busybox-static" Recommends, as the latter | ||
660 | 1586 | is the one we ship in main as part of the ubuntu-standard task. | ||
661 | 1587 | + Drop explicit libgcrypt11 dependency from libcryptsetup4. | ||
662 | 1588 | * Dropped changes, now in Debian: | ||
663 | 1589 | - Remove hardcoded paths to udevadm. | ||
664 | 1590 | - debian/initramfs/cryptroot-hook: | ||
665 | 1591 | + Do not unconditionally include cryptsetup utils in the initramfs. | ||
666 | 1592 | + Do not include any modules or utils in the initramfs, unless | ||
667 | 1593 | rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in | ||
668 | 1594 | the initramfs.conf configuration file. | ||
669 | 1595 | - debian/cryptsetup.maintscripts: | ||
670 | 1596 | + Migrate upstart jobs to new names. | ||
671 | 1597 | |||
672 | 1598 | -- Andy Whitcroft <apw@ubuntu.com> Tue, 07 Jul 2015 16:58:45 +0100 | ||
673 | 1599 | |||
674 | 1086 | cryptsetup (2:1.6.6-5) unstable; urgency=high | 1600 | cryptsetup (2:1.6.6-5) unstable; urgency=high |
675 | 1087 | 1601 | ||
676 | 1088 | * debian/cryptdisks.functions: fix the precheck for ubuntu+upstart | 1602 | * debian/cryptdisks.functions: fix the precheck for ubuntu+upstart |
677 | @@ -1235,6 +1749,71 @@ cryptsetup (2:1.6.4-1) unstable; urgency=low | |||
678 | 1235 | 1749 | ||
679 | 1236 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:14:55 +0200 | 1750 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:14:55 +0200 |
680 | 1237 | 1751 | ||
681 | 1752 | cryptsetup (2:1.6.1-1ubuntu7) vivid; urgency=medium | ||
682 | 1753 | |||
683 | 1754 | * Drop explicit libgcrypt11 dependency from libcryptsetup4. | ||
684 | 1755 | |||
685 | 1756 | -- Adam Conrad <adconrad@ubuntu.com> Fri, 27 Mar 2015 18:24:38 -0600 | ||
686 | 1757 | |||
687 | 1758 | cryptsetup (2:1.6.1-1ubuntu6) vivid; urgency=medium | ||
688 | 1759 | |||
689 | 1760 | * No-change rebuild for the libgcrypt20 transition. | ||
690 | 1761 | |||
691 | 1762 | -- Adam Conrad <adconrad@ubuntu.com> Fri, 27 Mar 2015 06:16:08 -0600 | ||
692 | 1763 | |||
693 | 1764 | cryptsetup (2:1.6.1-1ubuntu5) vivid; urgency=medium | ||
694 | 1765 | |||
695 | 1766 | * ./debian/scripts/luksformat: Drop luksFormat -s and --ciper options. They | ||
696 | 1767 | aren't necessary any more, and aes-cbc-essiv:sha256 is obsolete. This will | ||
697 | 1768 | now use aes-xts-plain64 by default. (LP: #1414719) | ||
698 | 1769 | |||
699 | 1770 | -- Martin Pitt <martin.pitt@ubuntu.com> Fri, 27 Feb 2015 09:37:05 +0100 | ||
700 | 1771 | |||
701 | 1772 | cryptsetup (2:1.6.1-1ubuntu4) vivid; urgency=medium | ||
702 | 1773 | |||
703 | 1774 | * No change rebuild to get debug symbols for all architectures. | ||
704 | 1775 | |||
705 | 1776 | -- Brian Murray <brian@ubuntu.com> Wed, 03 Dec 2014 08:03:31 -0800 | ||
706 | 1777 | |||
707 | 1778 | cryptsetup (2:1.6.1-1ubuntu3) utopic; urgency=high | ||
708 | 1779 | |||
709 | 1780 | * No change rebuild against new dh_installinit, to call update-rc.d at | ||
710 | 1781 | postinst. | ||
711 | 1782 | |||
712 | 1783 | -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 28 May 2014 10:39:30 +0100 | ||
713 | 1784 | |||
714 | 1785 | cryptsetup (2:1.6.1-1ubuntu2) utopic; urgency=medium | ||
715 | 1786 | |||
716 | 1787 | * debian/askpass.c: | ||
717 | 1788 | - Fix bug (LP: #1301086) where askpass fails to restore terminal | ||
718 | 1789 | settings. | ||
719 | 1790 | |||
720 | 1791 | -- Robert Barabas <dc@0xdc.org> Fri, 18 Apr 2014 14:08:51 -0400 | ||
721 | 1792 | |||
722 | 1793 | cryptsetup (2:1.6.1-1ubuntu1) trusty; urgency=low | ||
723 | 1794 | |||
724 | 1795 | * Merge from debian unstable, remaining changes: | ||
725 | 1796 | - debian/control: | ||
726 | 1797 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
727 | 1798 | potentially rendered unbootable. | ||
728 | 1799 | + Depend on plymouth. | ||
729 | 1800 | |||
730 | 1801 | - Invert the "busybox | busybox-static" Recommends, as the latter is | ||
731 | 1802 | the one we ship in main as part of the ubuntu-standard task. | ||
732 | 1803 | |||
733 | 1804 | - Remove hardcoded paths to udevadm (LP: #1184066). | ||
734 | 1805 | |||
735 | 1806 | - debian/initramfs/cryptroot-hook: | ||
736 | 1807 | + Do not unconditionally include cryptsetup utils in the initramfs. | ||
737 | 1808 | + Do not include any modules or utils in the initramfs, unless | ||
738 | 1809 | rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in | ||
739 | 1810 | the initramfs.conf configuration file. | ||
740 | 1811 | |||
741 | 1812 | - debian/cryptsetup.maintscripts: | ||
742 | 1813 | + Migrate upstart jobs to new names. | ||
743 | 1814 | |||
744 | 1815 | -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Fri, 01 Nov 2013 16:48:57 +0000 | ||
745 | 1816 | |||
746 | 1238 | cryptsetup (2:1.6.1-1) unstable; urgency=low | 1817 | cryptsetup (2:1.6.1-1) unstable; urgency=low |
747 | 1239 | 1818 | ||
748 | 1240 | [ Milan Broz ] | 1819 | [ Milan Broz ] |
749 | @@ -1276,6 +1855,50 @@ cryptsetup (2:1.6.1-1) unstable; urgency=low | |||
750 | 1276 | 1855 | ||
751 | 1277 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:10:41 +0200 | 1856 | -- Jonas Meurer <mejo@debian.org> Fri, 28 Jun 2013 12:10:41 +0200 |
752 | 1278 | 1857 | ||
753 | 1858 | cryptsetup (2:1.4.3-4ubuntu4) saucy; urgency=low | ||
754 | 1859 | |||
755 | 1860 | * debian/initramfs/cryptroot-hook: | ||
756 | 1861 | - Do not unconditionally include cryptsetup utils in the initramfs. | ||
757 | 1862 | - Do not include any modules or utils in the initramfs, unless | ||
758 | 1863 | rootfs/resume devices are encrypted or CRYPTSETUP is set to 'y' in | ||
759 | 1864 | the initramfs.conf configuration file. | ||
760 | 1865 | |||
761 | 1866 | -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Mon, 10 Jun 2013 16:25:46 +0100 | ||
762 | 1867 | |||
763 | 1868 | cryptsetup (2:1.4.3-4ubuntu3) saucy; urgency=low | ||
764 | 1869 | |||
765 | 1870 | * Remove hardcoded paths to udevadm (LP: #1184066). | ||
766 | 1871 | |||
767 | 1872 | -- Colin Watson <cjwatson@ubuntu.com> Tue, 28 May 2013 11:27:27 +0100 | ||
768 | 1873 | |||
769 | 1874 | cryptsetup (2:1.4.3-4ubuntu2) raring; urgency=low | ||
770 | 1875 | |||
771 | 1876 | * Invert the "busybox | busybox-static" Recommends, as the latter | ||
772 | 1877 | is the one we ship in main as part of the ubuntu-standard task. | ||
773 | 1878 | |||
774 | 1879 | -- Adam Conrad <adconrad@ubuntu.com> Fri, 16 Nov 2012 01:14:35 -0700 | ||
775 | 1880 | |||
776 | 1881 | cryptsetup (2:1.4.3-4ubuntu1) raring; urgency=low | ||
777 | 1882 | |||
778 | 1883 | * Merge from debian unstable, remaining changes: | ||
779 | 1884 | - debian/control: | ||
780 | 1885 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
781 | 1886 | potentially rendered unbootable. | ||
782 | 1887 | + Depend on plymouth. | ||
783 | 1888 | |||
784 | 1889 | - init/upstart jobs: | ||
785 | 1890 | + Rename cryptddisks{,-early}.upstart jobs to | ||
786 | 1891 | cryptdisks-{enable,udev}.upstart, as we need both init & upstart jobs | ||
787 | 1892 | for now. | ||
788 | 1893 | + debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
789 | 1894 | script a no-op, this should be handled entirely by the upstart job; | ||
790 | 1895 | and fix the LSB header to not declare this should be started in | ||
791 | 1896 | runlevel 'S'. | ||
792 | 1897 | + Do not install start symlinks for init scripts | ||
793 | 1898 | + NB! shutdown is still handled by the SystemV init scripts | ||
794 | 1899 | |||
795 | 1900 | -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Tue, 13 Nov 2012 11:17:57 +0000 | ||
796 | 1901 | |||
797 | 1279 | cryptsetup (2:1.4.3-4) unstable; urgency=medium | 1902 | cryptsetup (2:1.4.3-4) unstable; urgency=medium |
798 | 1280 | 1903 | ||
799 | 1281 | * change recommends for busybox to busybox | busybox-static. Thanks to | 1904 | * change recommends for busybox to busybox | busybox-static. Thanks to |
800 | @@ -1308,6 +1931,50 @@ cryptsetup (2:1.4.3-3) unstable; urgency=medium | |||
801 | 1308 | 1931 | ||
802 | 1309 | -- Jonas Meurer <mejo@debian.org> Thu, 01 Nov 2012 15:34:09 +0100 | 1932 | -- Jonas Meurer <mejo@debian.org> Thu, 01 Nov 2012 15:34:09 +0100 |
803 | 1310 | 1933 | ||
804 | 1934 | cryptsetup (2:1.4.3-2ubuntu1) quantal; urgency=low | ||
805 | 1935 | |||
806 | 1936 | * Merge from debian unstable (LP: #1015753), remaining changes: | ||
807 | 1937 | - debian/control: | ||
808 | 1938 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
809 | 1939 | potentially rendered unbootable. | ||
810 | 1940 | + Depend on plymouth. | ||
811 | 1941 | |||
812 | 1942 | - init/upstart jobs: | ||
813 | 1943 | + Add debian/cryptdisks-{enable,udev}.upstart for bootup. | ||
814 | 1944 | + debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
815 | 1945 | script a no-op, this should be handled entirely by the upstart job; | ||
816 | 1946 | and fix the LSB header to not declare this should be started in | ||
817 | 1947 | runlevel 'S'. | ||
818 | 1948 | + Do not install start symlinks for init scripts | ||
819 | 1949 | + NB! shutdown is still handled by the SystemV init scripts | ||
820 | 1950 | |||
821 | 1951 | * Rename cryptddisks{,-early}.upstart jobs back to | ||
822 | 1952 | cryptdisks-{enable,udev}.upstart, as we need both init & upstart jobs | ||
823 | 1953 | for now. | ||
824 | 1954 | |||
825 | 1955 | * Dropped Changes, included in Debian: | ||
826 | 1956 | - debian/control: | ||
827 | 1957 | + Split up package in cryptsetup and cryptsetup-bin. (LP: #343363). | ||
828 | 1958 | |||
829 | 1959 | - debian/cryptdisks.functions: | ||
830 | 1960 | + Do not overwrite existing filesystems when creating swap (LP: #474258). | ||
831 | 1961 | + Add aesni module when we have hardware encryption. | ||
832 | 1962 | + Call 'udevadm settle' before 'dmsetup rename' http://pad.lv/874774 | ||
833 | 1963 | + Suppress "Starting init crypto disks" message in "init" phase, to | ||
834 | 1964 | avoid writing over fsck progress text. | ||
835 | 1965 | + new function, crypttab_start_one_disk, to look for the named source | ||
836 | 1966 | device in /etc/crypttab (by device name, UUID, or label) and start it | ||
837 | 1967 | if configured to do so | ||
838 | 1968 | + handle the case where crypttab contains a name for the source | ||
839 | 1969 | device that is not the kernel's preferred name for it (as is the case | ||
840 | 1970 | for LVs). | ||
841 | 1971 | |||
842 | 1972 | - debian/initramfs/cryptroot-hook: | ||
843 | 1973 | + Quiet warnings from find on arches that don't have all the | ||
844 | 1974 | kernel/{arch,crypto} bits we're testing for. | ||
845 | 1975 | |||
846 | 1976 | -- Dmitrijs Ledkovs <dmitrij.ledkov@ubuntu.com> Tue, 21 Aug 2012 11:57:28 +0100 | ||
847 | 1977 | |||
848 | 1311 | cryptsetup (2:1.4.3-2) unstable; urgency=medium | 1978 | cryptsetup (2:1.4.3-2) unstable; urgency=medium |
849 | 1312 | 1979 | ||
850 | 1313 | * fix the shared library symbols magic: so far, the symbols file for | 1980 | * fix the shared library symbols magic: so far, the symbols file for |
851 | @@ -1383,6 +2050,64 @@ cryptsetup (2:1.4.1-3) unstable; urgency=low | |||
852 | 1383 | 2050 | ||
853 | 1384 | -- Jonas Meurer <mejo@debian.org> Wed, 11 Apr 2012 23:55:35 +0200 | 2051 | -- Jonas Meurer <mejo@debian.org> Wed, 11 Apr 2012 23:55:35 +0200 |
854 | 1385 | 2052 | ||
855 | 2053 | cryptsetup (2:1.4.1-2ubuntu4) precise; urgency=low | ||
856 | 2054 | |||
857 | 2055 | * Our swap creation can trigger udev change events, which means udev may be | ||
858 | 2056 | holding the device open at the time we try to call 'dmsetup rename' and | ||
859 | 2057 | cause the /subsequent/ events to be missed because of dmsetup creating | ||
860 | 2058 | device nodes by hand. So call 'udevadm settle' before 'dmsetup rename', | ||
861 | 2059 | to ensure blkid is out of the way first. This should ensure swap | ||
862 | 2060 | partitions are found by mountall in a non-racy manner. LP: #874774. | ||
863 | 2061 | |||
864 | 2062 | -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 13 Apr 2012 20:23:21 -0700 | ||
865 | 2063 | |||
866 | 2064 | cryptsetup (2:1.4.1-2ubuntu3) precise; urgency=low | ||
867 | 2065 | |||
868 | 2066 | * Start cryptdisks-enable upstart job on 'or container', to let us | ||
869 | 2067 | simplify the udevtrigger job. | ||
870 | 2068 | |||
871 | 2069 | -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 04 Apr 2012 17:02:00 -0700 | ||
872 | 2070 | |||
873 | 2071 | cryptsetup (2:1.4.1-2ubuntu2) precise; urgency=low | ||
874 | 2072 | |||
875 | 2073 | * Split up package in cryptsetup and cryptsetup-bin. (LP: #343363). | ||
876 | 2074 | * Do not overwrite existing filesystems when creating swap (LP: #474258). | ||
877 | 2075 | * Add aesni module when we have hardware encryption. | ||
878 | 2076 | |||
879 | 2077 | -- Jean-Louis Dupond <jean-louis@dupond.be> Mon, 12 Mar 2012 10:14:30 +0100 | ||
880 | 2078 | |||
881 | 2079 | cryptsetup (2:1.4.1-2ubuntu1) precise; urgency=low | ||
882 | 2080 | |||
883 | 2081 | [ Jean-Louis Dupond ] | ||
884 | 2082 | * Merge from debian unstable (LP: #776264), remaining changes: | ||
885 | 2083 | - debian/cryptdisks.functions: Suppress "Starting init crypto disks" message | ||
886 | 2084 | in "init" phase, to avoid writing over fsck progress text. | ||
887 | 2085 | - debian/cryptroot-hook: Quiet warnings from find on arches that | ||
888 | 2086 | don't have all the kernel/{arch,crypto} bits we're testing for. | ||
889 | 2087 | - debian/control: | ||
890 | 2088 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
891 | 2089 | potentially rendered unbootable. | ||
892 | 2090 | + Depend on plymouth. | ||
893 | 2091 | - Add debian/cryptdisks-{enable,udev}.upstart. | ||
894 | 2092 | - debian/cryptdisks.functions: | ||
895 | 2093 | + new function, crypttab_start_one_disk, to look for the named source | ||
896 | 2094 | device in /etc/crypttab (by device name, UUID, or label) and start it | ||
897 | 2095 | if configured to do so | ||
898 | 2096 | - debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
899 | 2097 | script a no-op, this should be handled entirely by the upstart job; | ||
900 | 2098 | and fix the LSB header to not declare this should be started in | ||
901 | 2099 | runlevel 'S' | ||
902 | 2100 | - debian/rules: | ||
903 | 2101 | + Do not install start symlinks for init scripts, and | ||
904 | 2102 | install debian/cryptdisks-{enable,udev}.upstart scripts. | ||
905 | 2103 | |||
906 | 2104 | [ Steve Langasek ] | ||
907 | 2105 | * debian/cryptdisks.functions: handle the case where crypttab contains a | ||
908 | 2106 | name for the source device that is not the kernel's preferred name for | ||
909 | 2107 | it (as is the case for LVs). | ||
910 | 2108 | |||
911 | 2109 | -- Jean-Louis Dupond <jean-louis@dupond.be> Thu, 08 Mar 2012 07:32:40 +0100 | ||
912 | 2110 | |||
913 | 1386 | cryptsetup (2:1.4.1-2) unstable; urgency=low | 2111 | cryptsetup (2:1.4.1-2) unstable; urgency=low |
914 | 1387 | 2112 | ||
915 | 1388 | * acknowledge NMU. Thanks to Michael Biebl. (closes: #659182) | 2113 | * acknowledge NMU. Thanks to Michael Biebl. (closes: #659182) |
916 | @@ -1592,6 +2317,56 @@ cryptsetup (2:1.2.0-1) experimental; urgency=low | |||
917 | 1592 | 2317 | ||
918 | 1593 | -- Jonas Meurer <mejo@debian.org> Sun, 16 Jan 2011 01:01:03 +0100 | 2318 | -- Jonas Meurer <mejo@debian.org> Sun, 16 Jan 2011 01:01:03 +0100 |
919 | 1594 | 2319 | ||
920 | 2320 | cryptsetup (2:1.1.3-4ubuntu3) precise; urgency=low | ||
921 | 2321 | |||
922 | 2322 | [ Pali Rohar ] | ||
923 | 2323 | * debian/cryptdisks.functions: Suppress "Starting init crypto disks" message | ||
924 | 2324 | in "init" phase, to avoid writing over fsck progress text. | ||
925 | 2325 | |||
926 | 2326 | -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 26 Oct 2011 09:16:15 +0200 | ||
927 | 2327 | |||
928 | 2328 | cryptsetup (2:1.1.3-4ubuntu2) oneiric; urgency=low | ||
929 | 2329 | |||
930 | 2330 | * debian/cryptroot-hook: Quiet warnings from find on arches that | ||
931 | 2331 | don't have all the kernel/{arch,crypto} bits we're testing for. | ||
932 | 2332 | |||
933 | 2333 | -- Adam Conrad <adconrad@ubuntu.com> Sat, 01 Oct 2011 00:33:00 -0600 | ||
934 | 2334 | |||
935 | 2335 | cryptsetup (2:1.1.3-4ubuntu1) natty; urgency=low | ||
936 | 2336 | |||
937 | 2337 | * Merge from debian unstable (LP: #682177), remaining changes: | ||
938 | 2338 | - debian/control: | ||
939 | 2339 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
940 | 2340 | potentially rendered unbootable. | ||
941 | 2341 | + Depend on plymouth. | ||
942 | 2342 | - Add debian/cryptdisks-{enable,udev}.upstart. | ||
943 | 2343 | - debian/cryptdisks.functions: | ||
944 | 2344 | + new function, crypttab_start_one_disk, to look for the named source | ||
945 | 2345 | device in /etc/crypttab (by device name, UUID, or label) and start it | ||
946 | 2346 | if configured to do so | ||
947 | 2347 | + wrap the call to /lib/cryptsetup/askpass with watershed, to make sure | ||
948 | 2348 | we only ever have one of these running at a time; otherwise multiple | ||
949 | 2349 | invocations could steal each other's input and/or write over each | ||
950 | 2350 | other's output | ||
951 | 2351 | + when called by cryptdisks-enable, check that we don't already have a | ||
952 | 2352 | corresponding cryptdisks-udev job running (probably waiting for a | ||
953 | 2353 | passphrase); if there is, wait until it's finished before continuing. | ||
954 | 2354 | - debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
955 | 2355 | script a no-op, this should be handled entirely by the upstart job; | ||
956 | 2356 | and fix the LSB header to not declare this should be started in | ||
957 | 2357 | runlevel 'S' | ||
958 | 2358 | - debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on | ||
959 | 2359 | upgrade. | ||
960 | 2360 | - debian/rules: | ||
961 | 2361 | + Do not install start symlinks for init scripts, and | ||
962 | 2362 | install debian/cryptdisks-{enable,udev}.upstart scripts. | ||
963 | 2363 | + link dynamically against libgcrypt and libgpg-error. | ||
964 | 2364 | - Add debian/cryptsetup.apport: Apport package hook. Install in | ||
965 | 2365 | debian/rules and create dir in debian/cryptsetup.dirs. | ||
966 | 2366 | - debian/cryptsetup.postrm: call update-initramfs on package removal. | ||
967 | 2367 | |||
968 | 2368 | -- Lorenzo De Liso <blackz@ubuntu.com> Sat, 27 Nov 2010 17:37:43 +0100 | ||
969 | 2369 | |||
970 | 1595 | cryptsetup (2:1.1.3-4) unstable; urgency=high | 2370 | cryptsetup (2:1.1.3-4) unstable; urgency=high |
971 | 1596 | 2371 | ||
972 | 1597 | * bump standards-version to 3.9.1, no changes required | 2372 | * bump standards-version to 3.9.1, no changes required |
973 | @@ -1697,6 +2472,69 @@ cryptsetup (2:1.1.3-1) unstable; urgency=low | |||
974 | 1697 | 2472 | ||
975 | 1698 | -- Jonas Meurer <mejo@debian.org> Sat, 10 Jul 2010 14:32:40 +0200 | 2473 | -- Jonas Meurer <mejo@debian.org> Sat, 10 Jul 2010 14:32:40 +0200 |
976 | 1699 | 2474 | ||
977 | 2475 | cryptsetup (2:1.1.2-1ubuntu1) maverick; urgency=low | ||
978 | 2476 | |||
979 | 2477 | * Merge from Debian unstable (LP: #594365). Remaining changes: | ||
980 | 2478 | - debian/control: | ||
981 | 2479 | + Bump initramfs-tools Suggests to Depends: so system is not | ||
982 | 2480 | potentially rendered unbootable. | ||
983 | 2481 | + Depend on plymouth. | ||
984 | 2482 | - Add debian/cryptdisks-{enable,udev}.upstart. | ||
985 | 2483 | - debian/cryptdisks.functions: | ||
986 | 2484 | + new function, crypttab_start_one_disk, to look for the named source | ||
987 | 2485 | device in /etc/crypttab (by device name, UUID, or label) and start it | ||
988 | 2486 | if configured to do so | ||
989 | 2487 | + wrap the call to /lib/cryptsetup/askpass with watershed, to make sure | ||
990 | 2488 | we only ever have one of these running at a time; otherwise multiple | ||
991 | 2489 | invocations could steal each other's input and/or write over each | ||
992 | 2490 | other's output | ||
993 | 2491 | + initially create the device under a temporary name and rename it only | ||
994 | 2492 | at the end using 'dmsetup rename', to ensure that upstart/mountall | ||
995 | 2493 | doesn't see our device before it's ready to go. | ||
996 | 2494 | + do_tmp should mount under /var/run/cryptsetup for changing the | ||
997 | 2495 | permissions of the filesystem root, not directly on /tmp, since | ||
998 | 2496 | mounting on /tmp a) is racy, b) confuses mountall something fierce. | ||
999 | 2497 | + when called by cryptdisks-enable, check that we don't already have a | ||
1000 | 2498 | corresponding cryptdisks-udev job running (probably waiting for a | ||
1001 | 2499 | passphrase); if there is, wait until it's finished before continuing. | ||
1002 | 2500 | - debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
1003 | 2501 | script a no-op, this should be handled entirely by the upstart job; | ||
1004 | 2502 | and fix the LSB header to not declare this should be started in | ||
1005 | 2503 | runlevel 'S' | ||
1006 | 2504 | - debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on | ||
1007 | 2505 | upgrade. | ||
1008 | 2506 | - debian/rules: Do not install start symlinks for init scripts, and | ||
1009 | 2507 | install debian/cryptdisks-{enable,udev}.upstart scripts. | ||
1010 | 2508 | - Add debian/cryptsetup.apport: Apport package hook. Install in | ||
1011 | 2509 | debian/rules and create dir in debian/cryptsetup.dirs. | ||
1012 | 2510 | - debian/rules: link dynamically against libgcrypt and libgpg-error. | ||
1013 | 2511 | - debian/cryptsetup.postrm: call update-initramfs on package removal. | ||
1014 | 2512 | * Dropped changes, merged/superseded in Debian: | ||
1015 | 2513 | - Add ext4 support to passdev. | ||
1016 | 2514 | - cryptroot-hook: don't call copy_modules_dir with empty arguments when | ||
1017 | 2515 | archcrypto isn't found | ||
1018 | 2516 | - Set USPLASH=y and FRAMEBUFFER=y in the hook config to pull plymouth into | ||
1019 | 2517 | the initramfs. | ||
1020 | 2518 | - change interaction to use plymouth directly if present, and if not, to | ||
1021 | 2519 | fall back to /lib/cryptsetup/askpass as before | ||
1022 | 2520 | - cryptdisks.functions: replace 'echo -e' bashism with 'printf'. | ||
1023 | 2521 | - debian/initramfs/cryptroot-script: if plymouth is present in the | ||
1024 | 2522 | initramfs, use this directly, bypassing the cryptsetup askpass script | ||
1025 | 2523 | - debian/initramfs/cryptroot-hook: Properly anchor our regexps when | ||
1026 | 2524 | grepping /etc/crypttab so that we don't incorrectly match device names | ||
1027 | 2525 | that are substrings of one another. | ||
1028 | 2526 | - debian/initramfs/cryptroot-script: Don't leak /conf/conf.d/cryptroot | ||
1029 | 2527 | file descriptor to subprocesses. | ||
1030 | 2528 | - Fix grammar error in debian/initramfs/cryptroot-script | ||
1031 | 2529 | ("setup" -> "set up") | ||
1032 | 2530 | - debian/initramfs/cryptroot-script: Fix this to work with current | ||
1033 | 2531 | initramfs-tools: | ||
1034 | 2532 | + Source /scripts/functions after checking for prerequisites. | ||
1035 | 2533 | + prereqs(): Do not assume we are running within initramfs, and | ||
1036 | 2534 | calculate relative path correctly. | ||
1037 | 2535 | |||
1038 | 2536 | -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 14 Jun 2010 21:47:28 -0700 | ||
1039 | 2537 | |||
1040 | 1700 | cryptsetup (2:1.1.2-1) unstable; urgency=low | 2538 | cryptsetup (2:1.1.2-1) unstable; urgency=low |
1041 | 1701 | 2539 | ||
1042 | 1702 | * new upstream release, changes include: | 2540 | * new upstream release, changes include: |
1043 | @@ -1814,6 +2652,171 @@ cryptsetup (2:1.1.0-1) unstable; urgency=low | |||
1044 | 1814 | 2652 | ||
1045 | 1815 | -- Jonas Meurer <mejo@debian.org> Mon, 08 Mar 2010 14:15:35 +0100 | 2653 | -- Jonas Meurer <mejo@debian.org> Mon, 08 Mar 2010 14:15:35 +0100 |
1046 | 1816 | 2654 | ||
1047 | 2655 | cryptsetup (2:1.1.0~rc2-1ubuntu14) maverick; urgency=low | ||
1048 | 2656 | |||
1049 | 2657 | [ David Stansby ] | ||
1050 | 2658 | * Fix grammar error in debian/initramfs/cryptroot-script | ||
1051 | 2659 | ("setup" -> "set up") (LP: #578896) | ||
1052 | 2660 | |||
1053 | 2661 | -- James Westby <james.westby@ubuntu.com> Mon, 17 May 2010 13:33:40 +0100 | ||
1054 | 2662 | |||
1055 | 2663 | cryptsetup (2:1.1.0~rc2-1ubuntu13) lucid; urgency=low | ||
1056 | 2664 | |||
1057 | 2665 | * debian/initramfs/cryptroot-script: Don't leak /conf/conf.d/cryptroot | ||
1058 | 2666 | file descriptor to subprocesses. | ||
1059 | 2667 | |||
1060 | 2668 | -- Colin Watson <cjwatson@ubuntu.com> Mon, 29 Mar 2010 22:18:36 +0100 | ||
1061 | 2669 | |||
1062 | 2670 | cryptsetup (2:1.1.0~rc2-1ubuntu12) lucid; urgency=low | ||
1063 | 2671 | |||
1064 | 2672 | * debian/initramfs/cryptroot-hook: Properly anchor our regexps when | ||
1065 | 2673 | grepping /etc/crypttab so that we don't incorrectly match device names | ||
1066 | 2674 | that are substrings of one another. | ||
1067 | 2675 | * debian/cryptdisks-{enable,udev}.conf, debian/control: drop | ||
1068 | 2676 | 'console output' and add a hard dependency on plymouth instead of | ||
1069 | 2677 | watershed, to avoid spitting extra messages to the console. | ||
1070 | 2678 | |||
1071 | 2679 | -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 18 Feb 2010 06:19:19 -0800 | ||
1072 | 2680 | |||
1073 | 2681 | cryptsetup (2:1.1.0~rc2-1ubuntu11) lucid; urgency=low | ||
1074 | 2682 | |||
1075 | 2683 | * Set FRAMEBUFFER=y in the file that we actually ship. | ||
1076 | 2684 | * debian/cryptsetup.postrm: call update-initramfs on package removal. | ||
1077 | 2685 | LP: #468228. | ||
1078 | 2686 | |||
1079 | 2687 | -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 25 Jan 2010 03:07:52 -0800 | ||
1080 | 2688 | |||
1081 | 2689 | cryptsetup (2:1.1.0~rc2-1ubuntu10) lucid; urgency=low | ||
1082 | 2690 | |||
1083 | 2691 | * cryptdisks.functions: replace 'echo -e' bashism with 'printf'. | ||
1084 | 2692 | * cryptdisks.functions: when called by cryptdisks-enable, check that we | ||
1085 | 2693 | don't already have a corresponding cryptdisks-udev job running (probably | ||
1086 | 2694 | waiting for a passphrase); if there is, wait until it's finished before | ||
1087 | 2695 | continuing. | ||
1088 | 2696 | |||
1089 | 2697 | -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 21 Jan 2010 14:57:21 +0000 | ||
1090 | 2698 | |||
1091 | 2699 | cryptsetup (2:1.1.0~rc2-1ubuntu9) lucid; urgency=low | ||
1092 | 2700 | |||
1093 | 2701 | * Set FRAMEBUFFER=y in the hook config as well, to pull plymouth into the | ||
1094 | 2702 | initramfs. | ||
1095 | 2703 | * cryptdisks.functions, debian/initramfs/cryptroot-script: fix the | ||
1096 | 2704 | invocation of plymouth, so that we actually get proper passphrase prompts | ||
1097 | 2705 | (once bug #496765 is fixed). | ||
1098 | 2706 | |||
1099 | 2707 | -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 16 Jan 2010 02:32:41 -0800 | ||
1100 | 2708 | |||
1101 | 2709 | cryptsetup (2:1.1.0~rc2-1ubuntu8) lucid; urgency=low | ||
1102 | 2710 | |||
1103 | 2711 | * cryptdisks.functions: do_tmp should mount under /var/run/cryptsetup for | ||
1104 | 2712 | changing the permissions of the filesystem root, not directly on /tmp, | ||
1105 | 2713 | since mounting on /tmp a) is racy, b) confuses mountall something fierce. | ||
1106 | 2714 | LP: #475936. | ||
1107 | 2715 | |||
1108 | 2716 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 22 Dec 2009 20:24:28 +0000 | ||
1109 | 2717 | |||
1110 | 2718 | cryptsetup (2:1.1.0~rc2-1ubuntu7) lucid; urgency=low | ||
1111 | 2719 | |||
1112 | 2720 | * Depend on watershed. | ||
1113 | 2721 | |||
1114 | 2722 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 22 Dec 2009 01:37:36 +0000 | ||
1115 | 2723 | |||
1116 | 2724 | cryptsetup (2:1.1.0~rc2-1ubuntu6) lucid; urgency=low | ||
1117 | 2725 | |||
1118 | 2726 | [ Steve Langasek ] | ||
1119 | 2727 | * Fix the LSB header in the init scripts, now that we don't install to | ||
1120 | 2728 | rcS.d. | ||
1121 | 2729 | |||
1122 | 2730 | [ Martin Pitt ] | ||
1123 | 2731 | * debian/initramfs/cryptroot-script: Fix this to work with current | ||
1124 | 2732 | initramfs-tools: | ||
1125 | 2733 | - Source /scripts/functions after checking for prerequisites. | ||
1126 | 2734 | - prereqs(): Do not assume we are running within initramfs, and calculate | ||
1127 | 2735 | relative path correctly. | ||
1128 | 2736 | |||
1129 | 2737 | -- Martin Pitt <martin.pitt@ubuntu.com> Fri, 18 Dec 2009 17:07:07 +0100 | ||
1130 | 2738 | |||
1131 | 2739 | cryptsetup (2:1.1.0~rc2-1ubuntu5) lucid; urgency=low | ||
1132 | 2740 | |||
1133 | 2741 | * Rename the upstart job introduced in the previous upload to | ||
1134 | 2742 | cryptdisks-udev and restore the previous version of the job as | ||
1135 | 2743 | cryptdisks-enable, to run at the end of udev coldplugging as before; | ||
1136 | 2744 | this isn't entirely race-free, but should nevertheless give us the | ||
1137 | 2745 | two passes needed to cover devices that are decrypted using keys stored | ||
1138 | 2746 | on other encrypted disks. LP: #443980. | ||
1139 | 2747 | |||
1140 | 2748 | -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 16 Dec 2009 06:41:30 +0000 | ||
1141 | 2749 | |||
1142 | 2750 | cryptsetup (2:1.1.0~rc2-1ubuntu4) lucid; urgency=low | ||
1143 | 2751 | |||
1144 | 2752 | [ Steve Langasek ] | ||
1145 | 2753 | * debian/initramfs/cryptroot-script: if plymouth is present in the | ||
1146 | 2754 | initramfs, use this directly, bypassing the cryptsetup askpass script; | ||
1147 | 2755 | but keep support for these other frontends around on a transitional | ||
1148 | 2756 | basis. | ||
1149 | 2757 | * debian/cryptdisks.functions: | ||
1150 | 2758 | - change interaction to use plymouth directly if present, and if not, to | ||
1151 | 2759 | fall back to /lib/cryptsetup/askpass as before | ||
1152 | 2760 | - wrap the call to /lib/cryptsetup/askpass with watershed, to make sure | ||
1153 | 2761 | we only ever have one of these running at a time; otherwise multiple | ||
1154 | 2762 | invocations could steal each other's input and/or write over each | ||
1155 | 2763 | other's output | ||
1156 | 2764 | - new function, crypttab_start_one_disk, to look for the named source | ||
1157 | 2765 | device in /etc/crypttab (by device name, UUID, or label) and start it | ||
1158 | 2766 | if configured to do so | ||
1159 | 2767 | * debian/cryptdisks-enable.upstart: run the upstart job once for each block | ||
1160 | 2768 | device, using the new crypttab_start_one_disk function, triggered by udev; | ||
1161 | 2769 | this doesn't eliminate the possibility of a race with gdm when the | ||
1162 | 2770 | decrypted volume isn't a 'bootwait' mount point (since gdm kills | ||
1163 | 2771 | plymouth), but it does eliminate the race between udev and cryptsetup. | ||
1164 | 2772 | LP: #454898. | ||
1165 | 2773 | * debian/cryptdisks-enable.upstart: check that the package is installed | ||
1166 | 2774 | and exit gracefully if it's not. LP: #435814 | ||
1167 | 2775 | * debian/cryptdisk.functions: initially create the device under a temporary | ||
1168 | 2776 | name and rename it only at the end using 'dmsetup rename', to ensure that | ||
1169 | 2777 | upstart/mountall doesn't see our device before it's ready to go. | ||
1170 | 2778 | LP: #475936. | ||
1171 | 2779 | |||
1172 | 2780 | [ Colin Watson ] | ||
1173 | 2781 | * Add ext4 support to passdev. | ||
1174 | 2782 | |||
1175 | 2783 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 15 Dec 2009 18:05:45 -0800 | ||
1176 | 2784 | |||
1177 | 2785 | cryptsetup (2:1.1.0~rc2-1ubuntu3) lucid; urgency=low | ||
1178 | 2786 | |||
1179 | 2787 | * cryptroot-hook: Use if [ -n … ] instead of if ! test -z …. | ||
1180 | 2788 | |||
1181 | 2789 | -- Loïc Minier <loic.minier@ubuntu.com> Sat, 12 Dec 2009 11:32:52 +0100 | ||
1182 | 2790 | |||
1183 | 2791 | cryptsetup (2:1.1.0~rc2-1ubuntu2) lucid; urgency=low | ||
1184 | 2792 | |||
1185 | 2793 | * cryptroot-hook: dont call copy_modules_dir with empty arguments when | ||
1186 | 2794 | archcrypto isnt found (LP: #495161) | ||
1187 | 2795 | |||
1188 | 2796 | -- Oliver Grawert <ogra@ubuntu.com> Fri, 11 Dec 2009 14:39:00 +0100 | ||
1189 | 2797 | |||
1190 | 2798 | cryptsetup (2:1.1.0~rc2-1ubuntu1) lucid; urgency=low | ||
1191 | 2799 | |||
1192 | 2800 | * Merge with Debian testing. Remaining Ubuntu changes: | ||
1193 | 2801 | - debian/rules: cryptsetup is linked dynamically against libgcrypt and | ||
1194 | 2802 | libgpg-error. | ||
1195 | 2803 | - Upstart migration: | ||
1196 | 2804 | + Add debian/cryptdisks-enable.upstart. | ||
1197 | 2805 | + debian/cryptdisks{,-early}.init: Make the 'start' action of the init | ||
1198 | 2806 | script a no-op, this should be handled entirely by the upstart job. | ||
1199 | 2807 | (LP #473615) | ||
1200 | 2808 | + debian/cryptsetup.postinst: Remove any symlinks from /etc/rcS.d on | ||
1201 | 2809 | upgrade. | ||
1202 | 2810 | + debian/rules: Do not install start symlinks for those two, and install | ||
1203 | 2811 | debian/cryptdisks-enable.upstart scripts. | ||
1204 | 2812 | - Add debian/cryptsetup.apport: Apport package hook. Install in | ||
1205 | 2813 | debian/rules, and create dir in debian/cryptsetup.dirs. | ||
1206 | 2814 | - Start usplash in initramfs, since we need it for fancy passphrase input: | ||
1207 | 2815 | + debian/initramfs/cryptroot-conf, debian/initramfs-conf.d: USPLASH=y | ||
1208 | 2816 | + debian/control: Bump initramfs-tools Suggests to Depends:. | ||
1209 | 2817 | |||
1210 | 2818 | -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 11 Nov 2009 15:04:27 +0100 | ||
1211 | 2819 | |||
1212 | 1817 | cryptsetup (2:1.1.0~rc2-1) unstable; urgency=low | 2820 | cryptsetup (2:1.1.0~rc2-1) unstable; urgency=low |
1213 | 1818 | 2821 | ||
1214 | 1819 | * new upstream release candidate (1.1.0-rc2), highlights include: | 2822 | * new upstream release candidate (1.1.0-rc2), highlights include: |
1215 | @@ -1987,6 +2990,80 @@ cryptsetup (2:1.0.7~rc1-1) unstable; urgency=low | |||
1216 | 1987 | 2990 | ||
1217 | 1988 | -- Jonas Meurer <mejo@debian.org> Sat, 04 Jul 2009 15:52:06 +0200 | 2991 | -- Jonas Meurer <mejo@debian.org> Sat, 04 Jul 2009 15:52:06 +0200 |
1218 | 1989 | 2992 | ||
1219 | 2993 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu8) lucid; urgency=low | ||
1220 | 2994 | |||
1221 | 2995 | [ Steve Langasek ] | ||
1222 | 2996 | * Make the 'start' action of the init script a no-op, this should be | ||
1223 | 2997 | handled entirely by the upstart job now; and remove any symlinks from | ||
1224 | 2998 | /etc/rcS.d on upgrade. LP: #473615. | ||
1225 | 2999 | |||
1226 | 3000 | [ Reinhard Tartler ] | ||
1227 | 3001 | * Add an apport hook | ||
1228 | 3002 | * import the blkid and un_blkid from debian, LP: #446517 | ||
1229 | 3003 | * also use this script by default (setting in /etc/default/cryptdisks) | ||
1230 | 3004 | |||
1231 | 3005 | -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 04 Nov 2009 12:06:47 +0000 | ||
1232 | 3006 | |||
1233 | 3007 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7) karmic; urgency=low | ||
1234 | 3008 | |||
1235 | 3009 | * Reupload previous version, siretart had left changes in bzr which | ||
1236 | 3010 | weren't documented in the changelog and caused FTBFS. | ||
1237 | 3011 | |||
1238 | 3012 | -- Scott James Remnant <scott@ubuntu.com> Wed, 14 Oct 2009 13:57:59 +0100 | ||
1239 | 3013 | |||
1240 | 3014 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu6) karmic; urgency=low | ||
1241 | 3015 | |||
1242 | 3016 | [ Steve Langasek ] | ||
1243 | 3017 | * Move the Debian Vcs- fields aside. | ||
1244 | 3018 | |||
1245 | 3019 | [ Scott James Remnant ] | ||
1246 | 3020 | * debian/cryptdisks-enable.upstart: Don't overcompensate for my idiocy, | ||
1247 | 3021 | cryptsetup should not need a controlling terminal, just a terminal | ||
1248 | 3022 | is fine. May fix LP: #439138. | ||
1249 | 3023 | |||
1250 | 3024 | -- Scott James Remnant <scott@ubuntu.com> Wed, 14 Oct 2009 04:52:16 +0100 | ||
1251 | 3025 | |||
1252 | 3026 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu4) karmic; urgency=low | ||
1253 | 3027 | |||
1254 | 3028 | * debian/cryptdisks-enable.upstart: Things that often help include | ||
1255 | 3029 | not setting stdin/out to /dev/null, so you can actually type the | ||
1256 | 3030 | passphrase. I am an idiot. LP: #430496. | ||
1257 | 3031 | |||
1258 | 3032 | -- Scott James Remnant <scott@ubuntu.com> Thu, 17 Sep 2009 17:58:01 +0100 | ||
1259 | 3033 | |||
1260 | 3034 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu3) karmic; urgency=low | ||
1261 | 3035 | |||
1262 | 3036 | * debian/cryptdisks-enable.upstart: add upstart job to enable encrypted | ||
1263 | 3037 | disks once we've finished probing for udev devices, so that mountall | ||
1264 | 3038 | can use them. LP: #430496. | ||
1265 | 3039 | |||
1266 | 3040 | -- Scott James Remnant <scott@ubuntu.com> Thu, 17 Sep 2009 00:04:00 +0100 | ||
1267 | 3041 | |||
1268 | 3042 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu2) karmic; urgency=low | ||
1269 | 3043 | |||
1270 | 3044 | * debian/initramfs/cryptroot-conf: declare that we want usplash included | ||
1271 | 3045 | in the initramfs whenever this package is installed. LP: #427356. | ||
1272 | 3046 | |||
1273 | 3047 | -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 15 Sep 2009 08:43:15 -0700 | ||
1274 | 3048 | |||
1275 | 3049 | cryptsetup (2:1.0.6+20090405.svn49-1ubuntu1) karmic; urgency=low | ||
1276 | 3050 | |||
1277 | 3051 | * Merge from debian unstable, remaining changes: | ||
1278 | 3052 | - Ubuntu specific: | ||
1279 | 3053 | + debian/rules: link dynamically for better security supportability and | ||
1280 | 3054 | smaller packages. | ||
1281 | 3055 | + debian/control: Depend on initramfs-tools so system is not potentially | ||
1282 | 3056 | rendered unbootable. | ||
1283 | 3057 | - debian/initramfs/cryptroot-script wait for encrypted device to appear, | ||
1284 | 3058 | report with log_*_msg (debian bug 488271). | ||
1285 | 3059 | - debian/initramfs/cryptroot-hook: fix support for UUID and LABEL | ||
1286 | 3060 | correlation between fstab and crypttab (debian bug 522041). | ||
1287 | 3061 | - debian/askpass.c, debian/initramfs/cryptroot-script: using newline | ||
1288 | 3062 | escape in passphrase prompt to avoid line-wrapping (debian bug 528133). | ||
1289 | 3063 | * Drop 04_fix_udevsettle_call.patch: fixed upstream differently. | ||
1290 | 3064 | |||
1291 | 3065 | -- Kees Cook <kees@ubuntu.com> Sun, 10 May 2009 17:29:32 -0700 | ||
1292 | 3066 | |||
1293 | 1990 | cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low | 3067 | cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low |
1294 | 1991 | 3068 | ||
1295 | 1992 | * New upstream svn snapshot. Highlights include: | 3069 | * New upstream svn snapshot. Highlights include: |
1296 | @@ -2028,6 +3105,67 @@ cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low | |||
1297 | 2028 | 3105 | ||
1298 | 2029 | -- Jonas Meurer <mejo@debian.org> Mon, 06 Apr 2009 08:49:14 +0200 | 3106 | -- Jonas Meurer <mejo@debian.org> Mon, 06 Apr 2009 08:49:14 +0200 |
1299 | 2030 | 3107 | ||
1300 | 3108 | cryptsetup (2:1.0.6-7ubuntu7) jaunty; urgency=low | ||
1301 | 3109 | |||
1302 | 3110 | * debian/control: Depend on initramfs-tools so system is not potentially | ||
1303 | 3111 | rendered unbootable (LP: #358654). | ||
1304 | 3112 | |||
1305 | 3113 | -- Kees Cook <kees@ubuntu.com> Thu, 09 Apr 2009 12:29:31 -0700 | ||
1306 | 3114 | |||
1307 | 3115 | cryptsetup (2:1.0.6-7ubuntu6) jaunty; urgency=low | ||
1308 | 3116 | |||
1309 | 3117 | * debian/initramfs/cryptroot-script: we don't require vol_id to understand | ||
1310 | 3118 | the encrypted device, but we should check the device is fully up first | ||
1311 | 3119 | before continuing by calling udevadm settle. LP: #291752. | ||
1312 | 3120 | |||
1313 | 3121 | -- Steve Langasek <steve.langasek@ubuntu.com> Sat, 07 Mar 2009 21:39:14 -0800 | ||
1314 | 3122 | |||
1315 | 3123 | cryptsetup (2:1.0.6-7ubuntu5) jaunty; urgency=low | ||
1316 | 3124 | |||
1317 | 3125 | * debian/initramfs/cryptroot-hook: fix support for UUID and LABEL correlation | ||
1318 | 3126 | between fstab and crypttab (LP: #287879). | ||
1319 | 3127 | |||
1320 | 3128 | -- TJ <ubuntu@tjworld.net> Mon, 16 Feb 2009 23:00:00 +0000 | ||
1321 | 3129 | |||
1322 | 3130 | cryptsetup (2:1.0.6-7ubuntu4) jaunty; urgency=low | ||
1323 | 3131 | |||
1324 | 3132 | * debian/askpass.c: also handle newline escape code in console prompt. | ||
1325 | 3133 | |||
1326 | 3134 | -- Kees Cook <kees@ubuntu.com> Sun, 15 Feb 2009 08:57:05 -0800 | ||
1327 | 3135 | |||
1328 | 3136 | cryptsetup (2:1.0.6-7ubuntu3) jaunty; urgency=low | ||
1329 | 3137 | |||
1330 | 3138 | [ https://launchpad.net/~svenkata ] | ||
1331 | 3139 | * debian/checks/un_vol_id: dynamically build the "unknown volume type" | ||
1332 | 3140 | string, to allow for encrypted swap, LP: #316607 | ||
1333 | 3141 | |||
1334 | 3142 | -- Dustin Kirkland <kirkland@ubuntu.com> Thu, 12 Feb 2009 16:57:30 -0600 | ||
1335 | 3143 | |||
1336 | 3144 | cryptsetup (2:1.0.6-7ubuntu2) jaunty; urgency=low | ||
1337 | 3145 | |||
1338 | 3146 | * debian/askpass.c: handle newline escape code in password prompt. | ||
1339 | 3147 | * debian/initramfs/cryptroot-script: add newline to split cryptroot | ||
1340 | 3148 | password prompt onto two lines for readability (LP: #326900). | ||
1341 | 3149 | |||
1342 | 3150 | -- Kees Cook <kees@ubuntu.com> Sun, 08 Feb 2009 07:26:01 -0800 | ||
1343 | 3151 | |||
1344 | 3152 | cryptsetup (2:1.0.6-7ubuntu1) jaunty; urgency=low | ||
1345 | 3153 | |||
1346 | 3154 | * Merge from debian unstable, remaining changes: | ||
1347 | 3155 | - debian/initramfs/cryptroot-script: | ||
1348 | 3156 | - must source /scripts/functions to get the log_*_msg() functions. | ||
1349 | 3157 | - wait for encrypted device to show up (LP 164044, 291752). | ||
1350 | 3158 | - disable error message 'failed to setup lvm device' (LP 151532). | ||
1351 | 3159 | - debian/rules: | ||
1352 | 3160 | - fix location of ltmain.sh (Ubuntu-specific until libtool 2.2.x is | ||
1353 | 3161 | in Debian unstable). | ||
1354 | 3162 | - link dynamically (LP 62751). | ||
1355 | 3163 | - add 04_fix_udevsettle_call.patch: fix path to binary for udevsettle. | ||
1356 | 3164 | * Revert versioned build-depency on libdevmapper-dev, since Ubuntu's | ||
1357 | 3165 | version is higher now. | ||
1358 | 3166 | |||
1359 | 3167 | -- Kees Cook <kees@ubuntu.com> Tue, 06 Jan 2009 13:00:16 -0800 | ||
1360 | 3168 | |||
1361 | 2031 | cryptsetup (2:1.0.6-7) unstable; urgency=medium | 3169 | cryptsetup (2:1.0.6-7) unstable; urgency=medium |
1362 | 2032 | 3170 | ||
1363 | 2033 | * Add patches/01_gettext_package.patch: Remove -luks from GETTEXT_PACKAGE | 3171 | * Add patches/01_gettext_package.patch: Remove -luks from GETTEXT_PACKAGE |
1364 | @@ -2072,6 +3210,38 @@ cryptsetup (2:1.0.6-7) unstable; urgency=medium | |||
1365 | 2072 | 3210 | ||
1366 | 2073 | -- Jonas Meurer <mejo@debian.org> Wed, 17 Dec 2008 21:25:45 +0100 | 3211 | -- Jonas Meurer <mejo@debian.org> Wed, 17 Dec 2008 21:25:45 +0100 |
1367 | 2074 | 3212 | ||
1368 | 3213 | cryptsetup (2:1.0.6-6ubuntu2.1) intrepid-proposed; urgency=low | ||
1369 | 3214 | |||
1370 | 3215 | * debian/initramfs/cryptroot-script: do not require that vol_id | ||
1371 | 3216 | can parse the encrypted device as valid (LP: #291752). | ||
1372 | 3217 | |||
1373 | 3218 | -- Kees Cook <kees@ubuntu.com> Fri, 31 Oct 2008 13:10:06 -0700 | ||
1374 | 3219 | |||
1375 | 3220 | cryptsetup (2:1.0.6-6ubuntu2) intrepid; urgency=low | ||
1376 | 3221 | |||
1377 | 3222 | * Fixes for (LP: #272301) | ||
1378 | 3223 | * debian/initramfs/cryptroot-script: must source /scripts/functions to get | ||
1379 | 3224 | the log_*_msg() functions | ||
1380 | 3225 | * 04_fix_udevsettle_call.patch: fix path to binary for udevsettle | ||
1381 | 3226 | |||
1382 | 3227 | -- Dustin Kirkland <kirkland@ubuntu.com> Fri, 19 Sep 2008 18:03:28 -0500 | ||
1383 | 3228 | |||
1384 | 3229 | cryptsetup (2:1.0.6-6ubuntu1) intrepid; urgency=low | ||
1385 | 3230 | |||
1386 | 3231 | * drop almost all ubuntu specific changes from the cryptsetup package, | ||
1387 | 3232 | because they have been merged in debian. Thanks a lot! | ||
1388 | 3233 | * merge from debian, remaining changes: | ||
1389 | 3234 | - remove versioned build-depency on libdevmapper-dev, we are using a | ||
1390 | 3235 | rather sophisticated loop for making sure the root filesystem appears. | ||
1391 | 3236 | * debian/rules: fix location of ltmain.sh | ||
1392 | 3237 | * don't exit usplash anymore in the init script. LP: #110970, #139363 | ||
1393 | 3238 | * Disable error message 'failed to setup lvm device'. It is harmless, and | ||
1394 | 3239 | caused by the fact that the udev rules provided by lvm2 are setting up | ||
1395 | 3240 | the lvm on their own. In debian the scripts here are responsible for this | ||
1396 | 3241 | but obviously fail in ubuntu. LP: #151532 | ||
1397 | 3242 | |||
1398 | 3243 | -- Reinhard Tartler <siretart@tauware.de> Sat, 30 Aug 2008 17:52:16 +0200 | ||
1399 | 3244 | |||
1400 | 2075 | cryptsetup (2:1.0.6-6) unstable; urgency=high | 3245 | cryptsetup (2:1.0.6-6) unstable; urgency=high |
1401 | 2076 | 3246 | ||
1402 | 2077 | * Don't cat keyfile into pipe for do_noluks(). cryptsetup handles | 3247 | * Don't cat keyfile into pipe for do_noluks(). cryptsetup handles |
1403 | @@ -2173,6 +3343,79 @@ cryptsetup (2:1.0.6-3) unstable; urgency=low | |||
1404 | 2173 | 3343 | ||
1405 | 2174 | -- Jonas Meurer <mejo@debian.org> Mon, 07 Jul 2008 00:30:07 +0200 | 3344 | -- Jonas Meurer <mejo@debian.org> Mon, 07 Jul 2008 00:30:07 +0200 |
1406 | 2175 | 3345 | ||
1407 | 3346 | cryptsetup (2:1.0.6-2ubuntu7) intrepid; urgency=low | ||
1408 | 3347 | |||
1409 | 3348 | * reintroduce changes from 2:1.0.6-2ubuntu5 that have been accidentally | ||
1410 | 3349 | dropped in version 2:1.0.6-2ubuntu6. | ||
1411 | 3350 | |||
1412 | 3351 | -- Reinhard Tartler <siretart@tauware.de> Fri, 20 Jun 2008 15:15:54 +0200 | ||
1413 | 3352 | |||
1414 | 3353 | cryptsetup (2:1.0.6-2ubuntu6) intrepid; urgency=low | ||
1415 | 3354 | |||
1416 | 3355 | [ Kjell Braden ] | ||
1417 | 3356 | * load scripts/functions for log_{begin,end}_msg | ||
1418 | 3357 | * debian/initramfs/cryptroot-script: wait for the cryptsource, not the resulting mapped root device | ||
1419 | 3358 | * debian/initramfs/cryptroot-hook: copy binaries to the right directory | ||
1420 | 3359 | |||
1421 | 3360 | [ Reinhard Tartler ] | ||
1422 | 3361 | * remove versioned build-depency on libdevmapper-dev, we are using a | ||
1423 | 3362 | rather sophisticated loop for making sure the root filesystem appears. | ||
1424 | 3363 | |||
1425 | 3364 | -- Reinhard Tartler <siretart@tauware.de> Wed, 18 Jun 2008 00:26:43 +0200 | ||
1426 | 3365 | |||
1427 | 3366 | cryptsetup (2:1.0.6-2ubuntu5) intrepid; urgency=low | ||
1428 | 3367 | |||
1429 | 3368 | * Okay, I give up. include preprocessed manpages and adapt | ||
1430 | 3369 | debian/rules to easily produce those. | ||
1431 | 3370 | ATTENTION: on subsequent uploads, make sure that the manpages are | ||
1432 | 3371 | available and up-to-date. | ||
1433 | 3372 | |||
1434 | 3373 | -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 13:33:07 +0200 | ||
1435 | 3374 | |||
1436 | 3375 | cryptsetup (2:1.0.6-2ubuntu4) intrepid; urgency=low | ||
1437 | 3376 | |||
1438 | 3377 | * also use local dtd in debian/doc/variables.xml.in. | ||
1439 | 3378 | |||
1440 | 3379 | -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 12:55:42 +0200 | ||
1441 | 3380 | |||
1442 | 3381 | cryptsetup (2:1.0.6-2ubuntu3) intrepid; urgency=low | ||
1443 | 3382 | |||
1444 | 3383 | * try harder to fix FTBFS. | ||
1445 | 3384 | |||
1446 | 3385 | -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 11:42:54 +0200 | ||
1447 | 3386 | |||
1448 | 3387 | cryptsetup (2:1.0.6-2ubuntu2) intrepid; urgency=low | ||
1449 | 3388 | |||
1450 | 3389 | * build docbook documentation using local dtds instead of trying to | ||
1451 | 3390 | download them at buildtime. Fixes FTBFS. | ||
1452 | 3391 | |||
1453 | 3392 | -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jun 2008 11:12:28 +0200 | ||
1454 | 3393 | |||
1455 | 3394 | cryptsetup (2:1.0.6-2ubuntu1) intrepid; urgency=low | ||
1456 | 3395 | |||
1457 | 3396 | * Merge new debian version. Remaining changes: | ||
1458 | 3397 | - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using | ||
1459 | 3398 | bzr on launchpad. | ||
1460 | 3399 | - debian/rules: cryptsetup is linked dynamically against libgcrypt and | ||
1461 | 3400 | libgpg-error. | ||
1462 | 3401 | - cryptdisks.functions: stop usplash on user input. LP #62751 | ||
1463 | 3402 | - Parse comments in lines not starting with '#', LP #185380 | ||
1464 | 3403 | - If the encrypted source device hasn't shown up yet, give it a | ||
1465 | 3404 | little while to deal with removable devices. LP #164044 | ||
1466 | 3405 | * Depend on race-free version of libdevmapper, thus making udevsettle | ||
1467 | 3406 | call from cryptsetup binary unnecessary. Dropping patch | ||
1468 | 3407 | debian/patches/06_run_udevsettle.patch | ||
1469 | 3408 | * remove patch from LP #73862, loading optimized modules has been solved | ||
1470 | 3409 | in debian in another way. | ||
1471 | 3410 | * cryptdisk.functions: remove spurious call to load_optimized_module. | ||
1472 | 3411 | LP: #239946 | ||
1473 | 3412 | * bugfix: make regex work if keyfile has extended attributes. LP: #231339. | ||
1474 | 3413 | * remove patch in cryptdisks.functions for rexecing the script itself for | ||
1475 | 3414 | ensuring that a tty is always available. (See LP #58794.) According to | ||
1476 | 3415 | Scott, this is not necessary anymore. | ||
1477 | 3416 | |||
1478 | 3417 | -- Reinhard Tartler <siretart@tauware.de> Sat, 14 Jun 2008 23:28:51 +0200 | ||
1479 | 3418 | |||
1480 | 2176 | cryptsetup (2:1.0.6-2) unstable; urgency=low | 3419 | cryptsetup (2:1.0.6-2) unstable; urgency=low |
1481 | 2177 | 3420 | ||
1482 | 2178 | [ Jonas Meurer ] | 3421 | [ Jonas Meurer ] |
1483 | @@ -2198,6 +3441,54 @@ cryptsetup (2:1.0.6-2) unstable; urgency=low | |||
1484 | 2198 | 3441 | ||
1485 | 2199 | -- David Härdeman <david@hardeman.nu> Mon, 26 May 2008 08:12:32 +0200 | 3442 | -- David Härdeman <david@hardeman.nu> Mon, 26 May 2008 08:12:32 +0200 |
1486 | 2200 | 3443 | ||
1487 | 3444 | cryptsetup (2:1.0.6-1ubuntu4) intrepid; urgency=low | ||
1488 | 3445 | |||
1489 | 3446 | [ Kjell Braden ] | ||
1490 | 3447 | * Fix configuration parsing (LP: #239808) | ||
1491 | 3448 | |||
1492 | 3449 | [ Reinhard Tartler ] | ||
1493 | 3450 | * cryptroot-script: use 'echo' instead of 'log_begin_msg' (LP: #237723) | ||
1494 | 3451 | |||
1495 | 3452 | -- Reinhard Tartler <siretart@tauware.de> Fri, 13 Jun 2008 21:26:17 +0200 | ||
1496 | 3453 | |||
1497 | 3454 | cryptsetup (2:1.0.6-1ubuntu3) intrepid; urgency=low | ||
1498 | 3455 | |||
1499 | 3456 | * Parse comments in lines not starting with '#', LP: #185380 | ||
1500 | 3457 | * in cryptroot hook, don't rely on 'udevadm settle' to wait long enough | ||
1501 | 3458 | for the cryptdevice to appear. Reimplement the busy waiting loop found | ||
1502 | 3459 | while waiting for the root file system. Patch based on work by Swâmi | ||
1503 | 3460 | Petaramesh. LP: #164044 | ||
1504 | 3461 | * debian/crypdisks.functions: call 'env' with full path. LP: #178829. | ||
1505 | 3462 | |||
1506 | 3463 | -- Reinhard Tartler <siretart@tauware.de> Mon, 26 May 2008 22:12:32 +0200 | ||
1507 | 3464 | |||
1508 | 3465 | cryptsetup (2:1.0.6-1ubuntu2) intrepid; urgency=low | ||
1509 | 3466 | |||
1510 | 3467 | * Simplify the patch in debian/cryptdisks.functions that stops usplash | ||
1511 | 3468 | before asking for a passphrase. | ||
1512 | 3469 | |||
1513 | 3470 | -- Reinhard Tartler <siretart@tauware.de> Mon, 26 May 2008 20:18:14 +0200 | ||
1514 | 3471 | |||
1515 | 3472 | cryptsetup (2:1.0.6-1ubuntu1) intrepid; urgency=low | ||
1516 | 3473 | |||
1517 | 3474 | * Merge new debian version. Remaining changes: | ||
1518 | 3475 | - cryptsetup is linked dynamically against libgcrypt and libgpg-error. | ||
1519 | 3476 | - stop usplash on user input. LP #62751 | ||
1520 | 3477 | - debian/cryptdisks.functions: Always output and read from the console. | ||
1521 | 3478 | LP #58794. | ||
1522 | 3479 | - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using | ||
1523 | 3480 | bzr on launchpad. | ||
1524 | 3481 | - debian/initramfs/cryptroot-hook: LP #73862 | ||
1525 | 3482 | Added patch to install aes optimized cypher module | ||
1526 | 3483 | - try to load optimized cypher module in cryptsetup.functions as well, | ||
1527 | 3484 | because cryptroot-hook is only executed when we really have a | ||
1528 | 3485 | cryptoroot. | ||
1529 | 3486 | * other ubuntu changes have been merged into debian. Please report bugs | ||
1530 | 3487 | if you believe some patches have been dropped. | ||
1531 | 3488 | * removed 07_typos_fix.patch, has been reviewed and applied upstream. | ||
1532 | 3489 | |||
1533 | 3490 | -- Reinhard Tartler <siretart@tauware.de> Sun, 25 May 2008 22:52:30 +0200 | ||
1534 | 3491 | |||
1535 | 2201 | cryptsetup (2:1.0.6-1) unstable; urgency=low | 3492 | cryptsetup (2:1.0.6-1) unstable; urgency=low |
1536 | 2202 | 3493 | ||
1537 | 2203 | [ Jonas Meurer ] | 3494 | [ Jonas Meurer ] |
1538 | @@ -2329,6 +3620,138 @@ cryptsetup (2:1.0.6~pre1-1) unstable; urgency=low | |||
1539 | 2329 | 3620 | ||
1540 | 2330 | -- Jonas Meurer <mejo@debian.org> Thu, 06 Dec 2007 15:56:05 +0100 | 3621 | -- Jonas Meurer <mejo@debian.org> Thu, 06 Dec 2007 15:56:05 +0100 |
1541 | 2331 | 3622 | ||
1542 | 3623 | cryptsetup (2:1.0.5-2ubuntu12) hardy; urgency=low | ||
1543 | 3624 | |||
1544 | 3625 | * added debian/patches/07_typos_fix.dpatch: fixed typos in man pages. (LP: #164181) | ||
1545 | 3626 | |||
1546 | 3627 | -- Bruno Barrera Yever <bbyever@gmail.com> Mon, 07 Apr 2008 18:43:05 -0500 | ||
1547 | 3628 | |||
1548 | 3629 | cryptsetup (2:1.0.5-2ubuntu11) hardy; urgency=low | ||
1549 | 3630 | |||
1550 | 3631 | * debian/initramfs/cryptroot-script: Do show the disk name after all, since | ||
1551 | 3632 | some people use multiple encrypted partitions as LVM PVs. (LP: #201413) | ||
1552 | 3633 | |||
1553 | 3634 | -- Martin Pitt <martin.pitt@ubuntu.com> Sun, 06 Apr 2008 11:54:41 -0600 | ||
1554 | 3635 | |||
1555 | 3636 | cryptsetup (2:1.0.5-2ubuntu10) hardy; urgency=low | ||
1556 | 3637 | |||
1557 | 3638 | * debian/initramfs/cryptroot-script: Do not mention the name of the | ||
1558 | 3639 | encrypted device. It is just technobabble anyway (sda4_crypt), and there | ||
1559 | 3640 | is just one root partition ever, so it is not needed to tell apart | ||
1560 | 3641 | different partitions. From a security POV, someone who can change your | ||
1561 | 3642 | initramfs to boot a different root partition can just as well change the | ||
1562 | 3643 | strings, too. (LP: #201413) | ||
1563 | 3644 | |||
1564 | 3645 | -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 02 Apr 2008 15:51:53 +0200 | ||
1565 | 3646 | |||
1566 | 3647 | cryptsetup (2:1.0.5-2ubuntu9) hardy; urgency=low | ||
1567 | 3648 | |||
1568 | 3649 | * debian/scripts/luksformat: Use 256 bit key size by default. | ||
1569 | 3650 | (LP: #78508) | ||
1570 | 3651 | * debian/patches/02_manpage.dpatch: Clarify default key sizes (128 for | ||
1571 | 3652 | luksFormat and 256 for create) in cryptsetup.8. (side-note in LP #78508) | ||
1572 | 3653 | |||
1573 | 3654 | -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 27 Feb 2008 17:43:46 +0100 | ||
1574 | 3655 | |||
1575 | 3656 | cryptsetup (2:1.0.5-2ubuntu8) hardy; urgency=low | ||
1576 | 3657 | |||
1577 | 3658 | * Fix -x calls and access() call. | ||
1578 | 3659 | |||
1579 | 3660 | -- Scott James Remnant <scott@ubuntu.com> Fri, 14 Dec 2007 16:54:53 +0000 | ||
1580 | 3661 | |||
1581 | 3662 | cryptsetup (2:1.0.5-2ubuntu7) hardy; urgency=low | ||
1582 | 3663 | |||
1583 | 3664 | * debian/initramfs/cryptroot-script: call udevadm instead of udevsettle | ||
1584 | 3665 | * debian/patches/06_call_udevsettle.dpatch: likewise | ||
1585 | 3666 | |||
1586 | 3667 | -- Scott James Remnant <scott@ubuntu.com> Fri, 14 Dec 2007 16:11:36 +0000 | ||
1587 | 3668 | |||
1588 | 3669 | cryptsetup (2:1.0.5-2ubuntu6) hardy; urgency=low | ||
1589 | 3670 | |||
1590 | 3671 | * Make cryptsetup understand devices specified by UUID=... or LABEL= | ||
1591 | 3672 | in crypttab. (LP: #153597) | ||
1592 | 3673 | |||
1593 | 3674 | -- Andrea Colangelo <warp10@libero.it> Mon, 29 Oct 2007 18:22:51 +0100 | ||
1594 | 3675 | |||
1595 | 3676 | cryptsetup (2:1.0.5-2ubuntu5) hardy; urgency=low | ||
1596 | 3677 | |||
1597 | 3678 | * reenable additional udevsettle calls in cryptroot hook from | ||
1598 | 3679 | https://launchpad.net/bugs/85640, LP: #132373. | ||
1599 | 3680 | * change maintainer to ubuntu-core-dev. | ||
1600 | 3681 | * use Vcs-Bzr instead of XSCB-Vcs-Bzr header in debian/control. | ||
1601 | 3682 | |||
1602 | 3683 | -- Reinhard Tartler <siretart@tauware.de> Thu, 08 Nov 2007 23:52:19 +0100 | ||
1603 | 3684 | |||
1604 | 3685 | cryptsetup (2:1.0.5-2ubuntu4) hardy; urgency=low | ||
1605 | 3686 | |||
1606 | 3687 | * reapply changes from version 2:1.0.5-2ubuntu2, got dropped with last | ||
1607 | 3688 | upload. Sorry, pitti. | ||
1608 | 3689 | * convert patch to lib/libdevmapper.c to a dpatch. | ||
1609 | 3690 | |||
1610 | 3691 | -- Reinhard Tartler <siretart@tauware.de> Sun, 04 Nov 2007 21:42:43 +0100 | ||
1611 | 3692 | |||
1612 | 3693 | cryptsetup (2:1.0.5-2ubuntu3) hardy; urgency=low | ||
1613 | 3694 | |||
1614 | 3695 | * RELIABILY FIX: lib/libdevmapper.c: Ensure that pending device creation | ||
1615 | 3696 | events are being processed by calling /sbin/udevsettle. Patch based on | ||
1616 | 3697 | OpenSUSE bug #285478, LP: #132373. | ||
1617 | 3698 | * Based on the change above, the patch from LP #85640 is no longer needed. | ||
1618 | 3699 | dropping the relevant parts. | ||
1619 | 3700 | * Fix debian/rules to not fail to build if autom4te.cache is left behind | ||
1620 | 3701 | from a previous incomplete build. | ||
1621 | 3702 | |||
1622 | 3703 | -- Reinhard Tartler <siretart@tauware.de> Fri, 02 Nov 2007 20:53:31 +0100 | ||
1623 | 3704 | |||
1624 | 3705 | cryptsetup (2:1.0.5-2ubuntu2) gutsy; urgency=low | ||
1625 | 3706 | |||
1626 | 3707 | * debian/initramfs/cryptroot-script: | ||
1627 | 3708 | - If the supplied password worked, remove the prompt from usplash again, | ||
1628 | 3709 | so that the user has some visual feedback that everything is alright. | ||
1629 | 3710 | (LP: #151305) | ||
1630 | 3711 | - Do not show the UUID device node of the outer physical device. It is | ||
1631 | 3712 | scary ("/dev/disk/by-uuid/1234yadayada") and displaying it does not | ||
1632 | 3713 | improve security at all: If attackers can tamper with your initramfs, | ||
1633 | 3714 | they can also change the prompt, and if the UUID of the physical device | ||
1634 | 3715 | changes, then booting will not even get that far. Now it is a much more | ||
1635 | 3716 | friendly "Enter passphrase for sda5_crypt:" which is still technical, | ||
1636 | 3717 | but it's necessary to point out which device will be unlocked in case | ||
1637 | 3718 | there are several. | ||
1638 | 3719 | |||
1639 | 3720 | -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 11 Oct 2007 19:51:58 +0200 | ||
1640 | 3721 | |||
1641 | 3722 | cryptsetup (2:1.0.5-2ubuntu1) gutsy; urgency=low | ||
1642 | 3723 | |||
1643 | 3724 | * Merge new debian version. Remaining changes: | ||
1644 | 3725 | - cryptsetup is linked dynamically against libgcrypt and libgpg-error. | ||
1645 | 3726 | This will break systems where /usr is a separate encrypted filesystem | ||
1646 | 3727 | but not have other bad consequences (in particular, systems with | ||
1647 | 3728 | encrypted root are still fine). The upsides include better | ||
1648 | 3729 | security supportability and smaller packages. | ||
1649 | 3730 | - libcryptsetup.so et al removed from the binary packages. They have | ||
1650 | 3731 | no stable ABI and are not suitable for use by other packages, and | ||
1651 | 3732 | were in violation of library policies etc. They're not needed since | ||
1652 | 3733 | the cryptsetup executable statically contains the relevant parts of | ||
1653 | 3734 | libcryptsetup. | ||
1654 | 3735 | - cryptdisks.functions: remove #!/bin/bash as it isn't a script | ||
1655 | 3736 | by itself; it's only sourced by other scripts. This gets rid | ||
1656 | 3737 | of the lintian warning `script-not-executable' for this file. | ||
1657 | 3738 | - stop usplash on user input. LP #62751 | ||
1658 | 3739 | - Always output and read from the console. LP #58794. | ||
1659 | 3740 | - Add XSBC-Vcs-Bzr tag to indicate that this package is managed using | ||
1660 | 3741 | bzr on launchpad. | ||
1661 | 3742 | - Bump libgcrypt11 build-dependency again to 1.2.4-2ubuntu2 to eliminate | ||
1662 | 3743 | libnsl linkage; | ||
1663 | 3744 | - debian/initramfs/cryptroot-hook: (LP: #73862) | ||
1664 | 3745 | Added patch to install aes optimized cypher module | ||
1665 | 3746 | - try to load optimized cypher module in cryptsetup.functions as well, | ||
1666 | 3747 | because cryptroot-hook is only executed when we really have a | ||
1667 | 3748 | cryptoroot. | ||
1668 | 3749 | - apply patch from pitti for allowing UUIDs in /etc/crypttab. | ||
1669 | 3750 | This allowes crypted PVs! LP: #144390. | ||
1670 | 3751 | - remove README.ubuntu, since it contains old and obsolete information. | ||
1671 | 3752 | |||
1672 | 3753 | -- Reinhard Tartler <siretart@tauware.de> Tue, 02 Oct 2007 21:31:28 +0200 | ||
1673 | 3754 | |||
1674 | 2332 | cryptsetup (2:1.0.5-2) unstable; urgency=low | 3755 | cryptsetup (2:1.0.5-2) unstable; urgency=low |
1675 | 2333 | 3756 | ||
1676 | 2334 | [ Jonas Meurer ] | 3757 | [ Jonas Meurer ] |
1677 | @@ -2377,6 +3800,68 @@ cryptsetup (2:1.0.5-2) unstable; urgency=low | |||
1678 | 2377 | 3800 | ||
1679 | 2378 | -- Jonas Meurer <mejo@debian.org> Mon, 24 Sep 2007 15:42:06 +0200 | 3801 | -- Jonas Meurer <mejo@debian.org> Mon, 24 Sep 2007 15:42:06 +0200 |
1680 | 2379 | 3802 | ||
1681 | 3803 | cryptsetup (2:1.0.5-1ubuntu5) UNRELEASED; urgency=low | ||
1682 | 3804 | |||
1683 | 3805 | * apply patch from pitti for allowing UUIDs in /etc/crypttab. | ||
1684 | 3806 | This allowes crypted PVs! LP: #144390. | ||
1685 | 3807 | * remove README.ubuntu, since it contains old and obsolete information. | ||
1686 | 3808 | |||
1687 | 3809 | -- Reinhard Tartler <siretart@tauware.de> Tue, 02 Oct 2007 19:59:24 +0200 | ||
1688 | 3810 | |||
1689 | 3811 | cryptsetup (2:1.0.5-1ubuntu4) gutsy; urgency=low | ||
1690 | 3812 | |||
1691 | 3813 | [ Stephan Hermann ] | ||
1692 | 3814 | * debian/initramfs/cryptroot-hook: (LP: #73862) | ||
1693 | 3815 | - Added patch to install aes optimized cypher module | ||
1694 | 3816 | |||
1695 | 3817 | [ Reinhard Tartler ] | ||
1696 | 3818 | * re-applying old patch to new package version | ||
1697 | 3819 | * try to load optimized cypher module in cryptsetup.functions as well, | ||
1698 | 3820 | because cryptroot-hook is only executed when we really have a | ||
1699 | 3821 | cryptoroot. | ||
1700 | 3822 | |||
1701 | 3823 | -- Reinhard Tartler <siretart@tauware.de> Thu, 27 Sep 2007 19:38:48 +0200 | ||
1702 | 3824 | |||
1703 | 3825 | cryptsetup (2:1.0.5-1ubuntu3) gutsy; urgency=low | ||
1704 | 3826 | |||
1705 | 3827 | * Bump libgcrypt11 build-dependency again to 1.2.4-2ubuntu2 to eliminate | ||
1706 | 3828 | libnsl linkage; should finally produce a usable cryptsetup binary for | ||
1707 | 3829 | the udeb. | ||
1708 | 3830 | |||
1709 | 3831 | -- Colin Watson <cjwatson@ubuntu.com> Wed, 19 Sep 2007 15:28:52 +0100 | ||
1710 | 3832 | |||
1711 | 3833 | cryptsetup (2:1.0.5-1ubuntu2) gutsy; urgency=low | ||
1712 | 3834 | |||
1713 | 3835 | * Bump libgcrypt11 build-dependency to 1.2.4-2ubuntu1 and rebuild for | ||
1714 | 3836 | proper udeb dependencies. | ||
1715 | 3837 | |||
1716 | 3838 | -- Colin Watson <cjwatson@ubuntu.com> Wed, 19 Sep 2007 01:37:02 +0100 | ||
1717 | 3839 | |||
1718 | 3840 | cryptsetup (2:1.0.5-1ubuntu1) gutsy; urgency=low | ||
1719 | 3841 | |||
1720 | 3842 | * Merge new debian version. Remaining changes: | ||
1721 | 3843 | - cryptsetup is linked dynamically against libgcrypt and libgpg-error. | ||
1722 | 3844 | This will break systems where /usr is a separate encrypted filesystem | ||
1723 | 3845 | but not have other bad consequences (in particular, systems with | ||
1724 | 3846 | encrypted root are still fine). The upsides include better | ||
1725 | 3847 | security supportability and smaller packages. | ||
1726 | 3848 | - libcryptsetup.so et al removed from the binary packages. They have | ||
1727 | 3849 | no stable ABI and are not suitable for use by other packages, and | ||
1728 | 3850 | were in violation of library policies etc. They're not needed since | ||
1729 | 3851 | the cryptsetup executable statically contains the relevant parts of | ||
1730 | 3852 | libcryptsetup. | ||
1731 | 3853 | - cryptdisks.functions: remove #!/bin/bash as it isn't a script | ||
1732 | 3854 | by itself; it's only sourced by other scripts. This gets rid | ||
1733 | 3855 | of the lintian warning `script-not-executable' for this file. | ||
1734 | 3856 | - stop usplash on user input. LP #62751 | ||
1735 | 3857 | - Always output and read from the console. LP #58794. | ||
1736 | 3858 | * Add XSBC-Vcs-Bzr tag to indicate that this package is managed using | ||
1737 | 3859 | bzr on launchpad. | ||
1738 | 3860 | * UVF exception request granted by Scott Kitterman and Chuck Short | ||
1739 | 3861 | LP: #138295 | ||
1740 | 3862 | |||
1741 | 3863 | -- Reinhard Tartler <siretart@tauware.de> Sat, 08 Sep 2007 19:04:54 +0200 | ||
1742 | 3864 | |||
1743 | 2380 | cryptsetup (2:1.0.5-1) unstable; urgency=low | 3865 | cryptsetup (2:1.0.5-1) unstable; urgency=low |
1744 | 2381 | 3866 | ||
1745 | 2382 | [ Jonas Meurer ] | 3867 | [ Jonas Meurer ] |
1746 | @@ -2397,6 +3882,66 @@ cryptsetup (2:1.0.5-1) unstable; urgency=low | |||
1747 | 2397 | 3882 | ||
1748 | 2398 | -- Jonas Meurer <mejo@debian.org> Fri, 27 Jul 2007 04:59:33 +0200 | 3883 | -- Jonas Meurer <mejo@debian.org> Fri, 27 Jul 2007 04:59:33 +0200 |
1749 | 2399 | 3884 | ||
1750 | 3885 | cryptsetup (2:1.0.4+svn29-1ubuntu6) gutsy; urgency=low | ||
1751 | 3886 | |||
1752 | 3887 | * Add notes by Ilkka Tuohela in a new file debian/README.ubuntu | ||
1753 | 3888 | |||
1754 | 3889 | -- Reinhard Tartler <siretart@tauware.de> Sat, 08 Sep 2007 18:43:56 +0200 | ||
1755 | 3890 | |||
1756 | 3891 | cryptsetup (2:1.0.4+svn29-1ubuntu5) gutsy; urgency=low | ||
1757 | 3892 | |||
1758 | 3893 | * cryptsetup is linked dynamically against libgcrypt and libgpg-error. | ||
1759 | 3894 | This will break systems where /usr is a separate encrypted filesystem | ||
1760 | 3895 | but not have other bad consequences (in particular, systems with | ||
1761 | 3896 | encrypted root are still fine). The upsides include better | ||
1762 | 3897 | security supportability and smaller packages. | ||
1763 | 3898 | * libcryptsetup.so et al removed from the binary packages. They have | ||
1764 | 3899 | no stable ABI and are not suitable for use by other packages, and | ||
1765 | 3900 | were in violation of library policies etc. They're not needed since | ||
1766 | 3901 | the cryptsetup executable statically contains the relevant parts of | ||
1767 | 3902 | libcryptsetup. | ||
1768 | 3903 | * cryptdisks.functions: remove #!/bin/bash as it isn't a script | ||
1769 | 3904 | by itself; it's only sourced by other scripts. This gets rid | ||
1770 | 3905 | of the lintian warning `script-not-executable' for this file. | ||
1771 | 3906 | |||
1772 | 3907 | -- Ian Jackson <iwj@ubuntu.com> Fri, 31 Aug 2007 12:05:33 +0100 | ||
1773 | 3908 | |||
1774 | 3909 | cryptsetup (2:1.0.4+svn29-1ubuntu4) gutsy; urgency=low | ||
1775 | 3910 | |||
1776 | 3911 | * s/$CRYPTCMD/cryptsetup/ in debian/cryptdisks.functions | ||
1777 | 3912 | (LP: #115617) | ||
1778 | 3913 | |||
1779 | 3914 | -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 17:04:05 +0200 | ||
1780 | 3915 | |||
1781 | 3916 | cryptsetup (2:1.0.4+svn29-1ubuntu3) gutsy; urgency=low | ||
1782 | 3917 | |||
1783 | 3918 | * make luksformat check if filesystem is already mounted to prevent a | ||
1784 | 3919 | strange error message. thanks to mvo for the patch (LP: #116633) | ||
1785 | 3920 | * remove file debian/initramfs-cryptroot-script from source. it is not | ||
1786 | 3921 | installed anywhere, and a leftover from the last merge. | ||
1787 | 3922 | * add missing hunk of cryptsetup.functions compared to debian package. | ||
1788 | 3923 | * reapply http://librarian.launchpad.net/7329604/bug85640.debdiff to | ||
1789 | 3924 | debian/initramfs/cryptroot-script, since stgraber's patch has been | ||
1790 | 3925 | lost in the last merge. (LP: #85640) | ||
1791 | 3926 | |||
1792 | 3927 | -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 15:02:57 +0200 | ||
1793 | 3928 | |||
1794 | 3929 | cryptsetup (2:1.0.4+svn29-1ubuntu2) gutsy; urgency=low | ||
1795 | 3930 | |||
1796 | 3931 | * modprobe dm-mod from cryptsetup.functions. (LP: #64625, #91405) | ||
1797 | 3932 | |||
1798 | 3933 | -- Reinhard Tartler <siretart@ubuntu.com> Tue, 29 May 2007 13:31:39 +0200 | ||
1799 | 3934 | |||
1800 | 3935 | cryptsetup (2:1.0.4+svn29-1ubuntu1) gutsy; urgency=low | ||
1801 | 3936 | |||
1802 | 3937 | * Merge from Debian unstable. Remaining Ubuntu changes: | ||
1803 | 3938 | - stop usplash on user input. Ubuntu: #62751 | ||
1804 | 3939 | - Always output and read from the console. Ubuntu: #58794. | ||
1805 | 3940 | - Wait for Udev to be ready to avoid partition non-detection. (LP: #85640) | ||
1806 | 3941 | * Modify Maintainer value to match Debian-Maintainer-Field Spec | ||
1807 | 3942 | |||
1808 | 3943 | -- Andrea Veri <bluekuja@ubuntu.com> Sun, 6 May 2007 22:33:25 +0200 | ||
1809 | 3944 | |||
1810 | 2400 | cryptsetup (2:1.0.4+svn29-1) unstable; urgency=low | 3945 | cryptsetup (2:1.0.4+svn29-1) unstable; urgency=low |
1811 | 2401 | 3946 | ||
1812 | 2402 | * New upstream svn snapshot with several bugfixes | 3947 | * New upstream svn snapshot with several bugfixes |
1813 | @@ -2449,6 +3994,20 @@ cryptsetup (2:1.0.4+svn26-2) unstable; urgency=low | |||
1814 | 2449 | 3994 | ||
1815 | 2450 | -- Jonas Meurer <mejo@debian.org> Sat, 28 Apr 2007 20:45:50 +0200 | 3995 | -- Jonas Meurer <mejo@debian.org> Sat, 28 Apr 2007 20:45:50 +0200 |
1816 | 2451 | 3996 | ||
1817 | 3997 | cryptsetup (2:1.0.4+svn26-1ubuntu2) feisty; urgency=low | ||
1818 | 3998 | |||
1819 | 3999 | * Wait for Udev to be ready to avoid partition non-detection. (LP: #85640) | ||
1820 | 4000 | |||
1821 | 4001 | -- Stéphane Graber <stgraber@ubuntu.com> Thu, 14 Apr 2007 10:03:41 +0200 | ||
1822 | 4002 | |||
1823 | 4003 | cryptsetup (2:1.0.4+svn26-1ubuntu1) feisty; urgency=low | ||
1824 | 4004 | |||
1825 | 4005 | * merge debian changes. Remaining ubuntu changes: | ||
1826 | 4006 | - stop usplash on user input. Ubuntu: #62751 | ||
1827 | 4007 | - Always output and read from the console. Ubuntu: #58794. | ||
1828 | 4008 | |||
1829 | 4009 | -- Reinhard Tartler <siretart@tauware.de> Sat, 3 Feb 2007 21:30:03 +0100 | ||
1830 | 4010 | |||
1831 | 2452 | cryptsetup (2:1.0.4+svn26-1) unstable; urgency=high | 4011 | cryptsetup (2:1.0.4+svn26-1) unstable; urgency=high |
1832 | 2453 | 4012 | ||
1833 | 2454 | [ Jonas Meurer ] | 4013 | [ Jonas Meurer ] |
1834 | @@ -2498,6 +4057,28 @@ cryptsetup (2:1.0.4+svn16-1) unstable; urgency=medium | |||
1835 | 2498 | 4057 | ||
1836 | 2499 | -- Jonas Meurer <mejo@debian.org> Tue, 28 Nov 2006 18:17:12 +0100 | 4058 | -- Jonas Meurer <mejo@debian.org> Tue, 28 Nov 2006 18:17:12 +0100 |
1837 | 2500 | 4059 | ||
1838 | 4060 | cryptsetup (2:1.0.4-8ubuntu2) feisty; urgency=low | ||
1839 | 4061 | |||
1840 | 4062 | * fix and improve initramfs hook: terminate usplash if running, since | ||
1841 | 4063 | adequate secure text input is not possible with usplash ATM | ||
1842 | 4064 | * usplash support: Terminate usplash before asking a password. | ||
1843 | 4065 | Closes https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/62751 | ||
1844 | 4066 | |||
1845 | 4067 | -- Reinhard Tartler <siretart@tauware.de> Wed, 24 Jan 2007 22:43:28 +0100 | ||
1846 | 4068 | |||
1847 | 4069 | cryptsetup (2:1.0.4-8ubuntu1) feisty; urgency=low | ||
1848 | 4070 | |||
1849 | 4071 | * merge debian changes, remaining patches: | ||
1850 | 4072 | - Always output and read from the console. Ubuntu: #58794. | ||
1851 | 4073 | * other changes have been merged or do noy apply anymore | ||
1852 | 4074 | * read password via usplash if available in initramfs for rootfs. based on a patch from | ||
1853 | 4075 | Swen Thümmler (Thanks for that!) Ubuntu #62751 | ||
1854 | 4076 | * read password from initscript via usplash if running. should fix the | ||
1855 | 4077 | rest of Ubuntu #62751. Only problem with that patch: It asks only once | ||
1856 | 4078 | for the password! improvements welcome! | ||
1857 | 4079 | |||
1858 | 4080 | -- Reinhard Tartler <siretart@tauware.de> Sun, 19 Nov 2006 20:04:19 +0100 | ||
1859 | 4081 | |||
1860 | 2501 | cryptsetup (2:1.0.4-8) unstable; urgency=high | 4082 | cryptsetup (2:1.0.4-8) unstable; urgency=high |
1861 | 2502 | 4083 | ||
1862 | 2503 | [ Jonas Meurer ] | 4084 | [ Jonas Meurer ] |
1863 | @@ -2655,6 +4236,27 @@ cryptsetup (2:1.0.4~rc2-1) unstable; urgency=low | |||
1864 | 2655 | 4236 | ||
1865 | 2656 | -- Jonas Meurer <mejo@debian.org> Mon, 4 Sep 2006 03:55:35 +0200 | 4237 | -- Jonas Meurer <mejo@debian.org> Mon, 4 Sep 2006 03:55:35 +0200 |
1866 | 2657 | 4238 | ||
1867 | 4239 | cryptsetup (2:1.0.3-3ubuntu3) edgy; urgency=low | ||
1868 | 4240 | |||
1869 | 4241 | * Always output and read from the console. Ubuntu: #58794. | ||
1870 | 4242 | |||
1871 | 4243 | -- Scott James Remnant <scott@ubuntu.com> Thu, 21 Sep 2006 03:05:18 +0100 | ||
1872 | 4244 | |||
1873 | 4245 | cryptsetup (2:1.0.3-3ubuntu2) edgy; urgency=low | ||
1874 | 4246 | |||
1875 | 4247 | * Load the dm-crypt module on startup. Ubuntu: #53475. | ||
1876 | 4248 | |||
1877 | 4249 | -- Scott James Remnant <scott@ubuntu.com> Wed, 23 Aug 2006 11:53:49 +0200 | ||
1878 | 4250 | |||
1879 | 4251 | cryptsetup (2:1.0.3-3ubuntu1) edgy; urgency=low | ||
1880 | 4252 | |||
1881 | 4253 | * Sync with Debian: | ||
1882 | 4254 | Remaining Ubuntu Changes | ||
1883 | 4255 | + debian/cryptdisks.functions: | ||
1884 | 4256 | - Tell usplash to quit if we ask for a passphrase | ||
1885 | 4257 | |||
1886 | 4258 | -- Sebastian Dröge <slomo@ubuntu.com> Tue, 11 Jul 2006 20:03:27 +0200 | ||
1887 | 4259 | |||
1888 | 2658 | cryptsetup (2:1.0.3-3) unstable; urgency=low | 4260 | cryptsetup (2:1.0.3-3) unstable; urgency=low |
1889 | 2659 | 4261 | ||
1890 | 2660 | [ Jonas Meurer ] | 4262 | [ Jonas Meurer ] |
1891 | @@ -3074,3 +4676,4 @@ cryptsetup-luks (0.992-1) unstable; urgency=low | |||
1892 | 3074 | * "integrated LUKS" support (very messy hack) | 4676 | * "integrated LUKS" support (very messy hack) |
1893 | 3075 | 4677 | ||
1894 | 3076 | -- Michael Gebetsroither <michael.geb@gmx.at> Thu, 10 Feb 2005 18:16:21 +0100 | 4678 | -- Michael Gebetsroither <michael.geb@gmx.at> Thu, 10 Feb 2005 18:16:21 +0100 |
1895 | 4679 | |||
1896 | diff --git a/debian/control b/debian/control | |||
1897 | index 3ea0be1..7d73f5f 100644 | |||
1898 | --- a/debian/control | |||
1899 | +++ b/debian/control | |||
1900 | @@ -1,7 +1,8 @@ | |||
1901 | 1 | Source: cryptsetup | 1 | Source: cryptsetup |
1902 | 2 | Section: admin | 2 | Section: admin |
1903 | 3 | Priority: optional | 3 | Priority: optional |
1905 | 4 | Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net> | 4 | Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
1906 | 5 | XSBC-Original-Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net> | ||
1907 | 5 | Uploaders: Jonas Meurer <jonas@freesources.org>, | 6 | Uploaders: Jonas Meurer <jonas@freesources.org>, |
1908 | 6 | Guilhem Moulin <guilhem@debian.org> | 7 | Guilhem Moulin <guilhem@debian.org> |
1909 | 7 | Rules-Requires-Root: no | 8 | Rules-Requires-Root: no |
1910 | @@ -76,11 +77,11 @@ Description: disk encryption support - command line tools | |||
1911 | 76 | 77 | ||
1912 | 77 | Package: cryptsetup-initramfs | 78 | Package: cryptsetup-initramfs |
1913 | 78 | Architecture: all | 79 | Architecture: all |
1915 | 79 | Depends: busybox | busybox-static, | 80 | Depends: busybox-initramfs, |
1916 | 80 | cryptsetup (>= ${source:Version}), | 81 | cryptsetup (>= ${source:Version}), |
1917 | 81 | initramfs-tools (>= 0.129) | linux-initramfs-tool, | 82 | initramfs-tools (>= 0.129) | linux-initramfs-tool, |
1918 | 82 | ${misc:Depends} | 83 | ${misc:Depends} |
1920 | 83 | Recommends: console-setup, kbd | 84 | Recommends: console-setup, kbd, plymouth |
1921 | 84 | Breaks: cryptsetup (<< 2:2.0.3-1) | 85 | Breaks: cryptsetup (<< 2:2.0.3-1) |
1922 | 85 | Replaces: cryptsetup (<< 2:2.0.3-1) | 86 | Replaces: cryptsetup (<< 2:2.0.3-1) |
1923 | 86 | Description: disk encryption support - initramfs integration | 87 | Description: disk encryption support - initramfs integration |
1924 | diff --git a/debian/cryptsetup-initramfs.install b/debian/cryptsetup-initramfs.install | |||
1925 | index 026ea37..6780893 100644 | |||
1926 | --- a/debian/cryptsetup-initramfs.install | |||
1927 | +++ b/debian/cryptsetup-initramfs.install | |||
1928 | @@ -5,5 +5,6 @@ debian/initramfs/hooks/* /usr/share/initramfs-tools/h | |||
1929 | 5 | debian/initramfs/scripts/local-block/cryptroot /usr/share/initramfs-tools/scripts/local-block/ | 5 | debian/initramfs/scripts/local-block/cryptroot /usr/share/initramfs-tools/scripts/local-block/ |
1930 | 6 | debian/initramfs/scripts/local-bottom/cryptgnupg-sc /usr/share/initramfs-tools/scripts/local-bottom/ | 6 | debian/initramfs/scripts/local-bottom/cryptgnupg-sc /usr/share/initramfs-tools/scripts/local-bottom/ |
1931 | 7 | debian/initramfs/scripts/local-bottom/cryptopensc /usr/share/initramfs-tools/scripts/local-bottom/ | 7 | debian/initramfs/scripts/local-bottom/cryptopensc /usr/share/initramfs-tools/scripts/local-bottom/ |
1932 | 8 | debian/initramfs/scripts/local-bottom/cryptroot /usr/share/initramfs-tools/scripts/local-bottom/ | ||
1933 | 8 | debian/initramfs/scripts/local-top/cryptopensc /usr/share/initramfs-tools/scripts/local-top/ | 9 | debian/initramfs/scripts/local-top/cryptopensc /usr/share/initramfs-tools/scripts/local-top/ |
1934 | 9 | debian/initramfs/scripts/local-top/cryptroot /usr/share/initramfs-tools/scripts/local-top/ | 10 | debian/initramfs/scripts/local-top/cryptroot /usr/share/initramfs-tools/scripts/local-top/ |
1935 | diff --git a/debian/functions b/debian/functions | |||
1936 | index 3eaf1a4..3189939 100644 | |||
1937 | --- a/debian/functions | |||
1938 | +++ b/debian/functions | |||
1939 | @@ -9,6 +9,8 @@ else | |||
1940 | 9 | TABFILE="${TABFILE-/etc/crypttab}" | 9 | TABFILE="${TABFILE-/etc/crypttab}" |
1941 | 10 | fi | 10 | fi |
1942 | 11 | export DM_DEFAULT_NAME_MANGLING_MODE=hex # for dmsetup(8) | 11 | export DM_DEFAULT_NAME_MANGLING_MODE=hex # for dmsetup(8) |
1943 | 12 | export CRYPTR_LOCAL_BLOCK="/run/cryptroot.local-block" | ||
1944 | 13 | export CRYPTR_CNT_FILE="/run/cryptroot.initrd.cnt" | ||
1945 | 12 | 14 | ||
1946 | 13 | # Logging helpers. Send the argument list to plymouth(1), or fold it | 15 | # Logging helpers. Send the argument list to plymouth(1), or fold it |
1947 | 14 | # and print it to the standard error. | 16 | # and print it to the standard error. |
1948 | @@ -587,6 +589,7 @@ _resolve_device() { | |||
1949 | 587 | # Print the major:minor device ID(s) holding the file system currently | 589 | # Print the major:minor device ID(s) holding the file system currently |
1950 | 588 | # mounted currenty mounted on $mountpoint. | 590 | # mounted currenty mounted on $mountpoint. |
1951 | 589 | # Return 0 on success, 1 on error (if $mountpoint is not a mountpoint). | 591 | # Return 0 on success, 1 on error (if $mountpoint is not a mountpoint). |
1952 | 592 | # devno will be empty if the filesystem must be excluded. | ||
1953 | 590 | get_mnt_devno() { | 593 | get_mnt_devno() { |
1954 | 591 | local wantmount="$1" devnos="" uuid dev IFS | 594 | local wantmount="$1" devnos="" uuid dev IFS |
1955 | 592 | local spec mountpoint fstype _ DEV MAJ MIN | 595 | local spec mountpoint fstype _ DEV MAJ MIN |
1956 | @@ -600,8 +603,15 @@ get_mnt_devno() { | |||
1957 | 600 | # take the last mountpoint if used several times (shadowed) | 603 | # take the last mountpoint if used several times (shadowed) |
1958 | 601 | unset -v devnos | 604 | unset -v devnos |
1959 | 602 | spec="$(printf '%b' "$spec")" | 605 | spec="$(printf '%b' "$spec")" |
1960 | 603 | _resolve_device "$spec" || continue # _resolve_device() already warns on error | ||
1961 | 604 | fstype="$(printf '%b' "$fstype")" | 606 | fstype="$(printf '%b' "$fstype")" |
1962 | 607 | if [ "$fstype" = "zfs" ]; then | ||
1963 | 608 | # Ignore ZFS entries as they don't have a major/minor and won't | ||
1964 | 609 | # be imported when local-top cryptroot script will ran. | ||
1965 | 610 | # Returns success with empty devno | ||
1966 | 611 | printf '' | ||
1967 | 612 | return 0 | ||
1968 | 613 | fi | ||
1969 | 614 | _resolve_device "$spec" || continue # _resolve_device() already warns on error | ||
1970 | 605 | if [ "$fstype" = "btrfs" ]; then | 615 | if [ "$fstype" = "btrfs" ]; then |
1971 | 606 | # btrfs can span over multiple devices | 616 | # btrfs can span over multiple devices |
1972 | 607 | if uuid="$(_device_uuid "$DEV")"; then | 617 | if uuid="$(_device_uuid "$DEV")"; then |
1973 | diff --git a/debian/initramfs/cryptroot-unlock b/debian/initramfs/cryptroot-unlock | |||
1974 | index d31b6f4..960e3a8 100644 | |||
1975 | --- a/debian/initramfs/cryptroot-unlock | |||
1976 | +++ b/debian/initramfs/cryptroot-unlock | |||
1977 | @@ -40,8 +40,14 @@ fi | |||
1978 | 40 | pgrep_exe() { | 40 | pgrep_exe() { |
1979 | 41 | local exe pid | 41 | local exe pid |
1980 | 42 | exe="$(readlink -f -- "$1" 2>/dev/null)" && [ -f "$exe" ] || return 0 | 42 | exe="$(readlink -f -- "$1" 2>/dev/null)" && [ -f "$exe" ] || return 0 |
1983 | 43 | ps -eo pid= | while read pid; do | 43 | ps | awk '{print $1, $5}' | while read LINE; do |
1984 | 44 | [ "$(readlink -f "/proc/$pid/exe")" != "$exe" ] || printf '%d\n' "$pid" | 44 | set $LINE |
1985 | 45 | local pid=$1 | ||
1986 | 46 | local cmd=$(readlink -f -- "$2") | ||
1987 | 47 | if [ "$cmd" == "$exe" ]; then | ||
1988 | 48 | echo $pid | ||
1989 | 49 | break | ||
1990 | 50 | fi | ||
1991 | 45 | done | 51 | done |
1992 | 46 | } | 52 | } |
1993 | 47 | 53 | ||
1994 | @@ -101,7 +107,7 @@ wait_for_prompt() { | |||
1995 | 101 | break | 107 | break |
1996 | 102 | fi | 108 | fi |
1997 | 103 | 109 | ||
1999 | 104 | usleep 100000 | 110 | sleep 0.1 |
2000 | 105 | timer=$(( $timer - 1 )) | 111 | timer=$(( $timer - 1 )) |
2001 | 106 | if [ $timer -le 0 ]; then | 112 | if [ $timer -le 0 ]; then |
2002 | 107 | echo "Error: Timeout reached while waiting for askpass." >&2 | 113 | echo "Error: Timeout reached while waiting for askpass." >&2 |
2003 | @@ -112,7 +118,7 @@ wait_for_prompt() { | |||
2004 | 112 | # find the cryptsetup process with same $CRYPTTAB_NAME | 118 | # find the cryptsetup process with same $CRYPTTAB_NAME |
2005 | 113 | local o v | 119 | local o v |
2006 | 114 | for o in NAME TRIED OPTION_tries; do | 120 | for o in NAME TRIED OPTION_tries; do |
2008 | 115 | if v="$(grep -z -m1 "^CRYPTTAB_$o=" "/proc/$pid/environ")"; then | 121 | if v="$(tr '\0' '\n' < "/proc/$pid/environ" | grep -m1 "^CRYPTTAB_$o=")"; then |
2009 | 116 | eval "CRYPTTAB_$o"="\${v#CRYPTTAB_$o=}" | 122 | eval "CRYPTTAB_$o"="\${v#CRYPTTAB_$o=}" |
2010 | 117 | else | 123 | else |
2011 | 118 | eval unset -v "CRYPTTAB_$o" | 124 | eval unset -v "CRYPTTAB_$o" |
2012 | @@ -128,7 +134,7 @@ wait_for_prompt() { | |||
2013 | 128 | fi | 134 | fi |
2014 | 129 | 135 | ||
2015 | 130 | for pid in $(pgrep_exe "/sbin/cryptsetup"); do | 136 | for pid in $(pgrep_exe "/sbin/cryptsetup"); do |
2017 | 131 | if grep -Fxqz "CRYPTTAB_NAME=$CRYPTTAB_NAME" "/proc/$pid/environ"; then | 137 | if tr '\0' '\n' < "/proc/$pid/environ" | grep -Fxq "CRYPTTAB_NAME=$CRYPTTAB_NAME"; then |
2018 | 132 | PID=$pid | 138 | PID=$pid |
2019 | 133 | BIRTH=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) || break | 139 | BIRTH=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) || break |
2020 | 134 | return 0 | 140 | return 0 |
2021 | @@ -148,7 +154,7 @@ wait_for_prompt() { | |||
2022 | 148 | wait_for_answer() { | 154 | wait_for_answer() { |
2023 | 149 | local timer=$(( 10 * $TIMEOUT )) b | 155 | local timer=$(( 10 * $TIMEOUT )) b |
2024 | 150 | while [ -d "/proc/$PID" ] && b=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) && [ $b -le $BIRTH ]; do | 156 | while [ -d "/proc/$PID" ] && b=$(stat -c"%Z" "/proc/$PID" 2>/dev/null) && [ $b -le $BIRTH ]; do |
2026 | 151 | usleep 100000 | 157 | sleep 0.1 |
2027 | 152 | timer=$(( $timer - 1 )) | 158 | timer=$(( $timer - 1 )) |
2028 | 153 | if [ $timer -le 0 ]; then | 159 | if [ $timer -le 0 ]; then |
2029 | 154 | echo "Error: Timeout reached while waiting for PID $PID." >&2 | 160 | echo "Error: Timeout reached while waiting for PID $PID." >&2 |
2030 | diff --git a/debian/initramfs/hooks/cryptroot b/debian/initramfs/hooks/cryptroot | |||
2031 | index 7d88148..67dc6dd 100644 | |||
2032 | --- a/debian/initramfs/hooks/cryptroot | |||
2033 | +++ b/debian/initramfs/hooks/cryptroot | |||
2034 | @@ -179,16 +179,18 @@ generate_initrd_crypttab() { | |||
2035 | 179 | 179 | ||
2036 | 180 | { | 180 | { |
2037 | 181 | if devnos="$(get_mnt_devno /)"; then | 181 | if devnos="$(get_mnt_devno /)"; then |
2039 | 182 | usage=rootfs foreach_cryptdev crypttab_find_and_print_entry $devnos | 182 | if [ -n "$devnos" ]; then |
2040 | 183 | usage=rootfs foreach_cryptdev crypttab_find_and_print_entry $devnos | ||
2041 | 184 | fi | ||
2042 | 183 | else | 185 | else |
2043 | 184 | cryptsetup_message "WARNING: Couldn't determine root device" | 186 | cryptsetup_message "WARNING: Couldn't determine root device" |
2044 | 185 | fi | 187 | fi |
2045 | 186 | 188 | ||
2047 | 187 | if devnos="$(get_resume_devno)"; then | 189 | if devnos="$(get_resume_devno)" && [ -n "$devnos" ]; then |
2048 | 188 | usage=resume foreach_cryptdev crypttab_find_and_print_entry $devnos | 190 | usage=resume foreach_cryptdev crypttab_find_and_print_entry $devnos |
2049 | 189 | fi | 191 | fi |
2050 | 190 | 192 | ||
2052 | 191 | if devnos="$(get_mnt_devno /usr)"; then | 193 | if devnos="$(get_mnt_devno /usr)" && [ -n "$devnos" ]; then |
2053 | 192 | usage="" foreach_cryptdev crypttab_find_and_print_entry $devnos | 194 | usage="" foreach_cryptdev crypttab_find_and_print_entry $devnos |
2054 | 193 | fi | 195 | fi |
2055 | 194 | 196 | ||
2056 | diff --git a/debian/initramfs/scripts/local-block/cryptroot b/debian/initramfs/scripts/local-block/cryptroot | |||
2057 | index 8a9b4c0..8719fb6 100644 | |||
2058 | --- a/debian/initramfs/scripts/local-block/cryptroot | |||
2059 | +++ b/debian/initramfs/scripts/local-block/cryptroot | |||
2060 | @@ -15,6 +15,10 @@ prereqs) | |||
2061 | 15 | ;; | 15 | ;; |
2062 | 16 | esac | 16 | esac |
2063 | 17 | 17 | ||
2064 | 18 | [ -f /lib/cryptsetup/functions ] || return 0 | ||
2065 | 19 | . /lib/cryptsetup/functions | ||
2066 | 20 | |||
2067 | 18 | if [ -x /scripts/local-top/cryptroot ]; then | 21 | if [ -x /scripts/local-top/cryptroot ]; then |
2068 | 22 | touch ${CRYPTR_LOCAL_BLOCK} | ||
2069 | 19 | exec /scripts/local-top/cryptroot | 23 | exec /scripts/local-top/cryptroot |
2070 | 20 | fi | 24 | fi |
2071 | diff --git a/debian/initramfs/scripts/local-bottom/cryptroot b/debian/initramfs/scripts/local-bottom/cryptroot | |||
2072 | 21 | new file mode 100644 | 25 | new file mode 100644 |
2073 | index 0000000..4f44d38 | |||
2074 | --- /dev/null | |||
2075 | +++ b/debian/initramfs/scripts/local-bottom/cryptroot | |||
2076 | @@ -0,0 +1,23 @@ | |||
2077 | 1 | #!/bin/sh | ||
2078 | 2 | set +x | ||
2079 | 3 | PREREQ="" | ||
2080 | 4 | |||
2081 | 5 | prereqs() | ||
2082 | 6 | { | ||
2083 | 7 | echo "$PREREQ" | ||
2084 | 8 | } | ||
2085 | 9 | |||
2086 | 10 | case $1 in | ||
2087 | 11 | prereqs) | ||
2088 | 12 | prereqs | ||
2089 | 13 | exit 0 | ||
2090 | 14 | ;; | ||
2091 | 15 | esac | ||
2092 | 16 | |||
2093 | 17 | # If we reached this stage, we do have a rootfs mounted | ||
2094 | 18 | # so let's clean-up cryptroot setup mess... | ||
2095 | 19 | [ -f /lib/cryptsetup/functions ] || return 0 | ||
2096 | 20 | . /lib/cryptsetup/functions | ||
2097 | 21 | |||
2098 | 22 | rm -f ${CRYPTR_LOCAL_BLOCK} | ||
2099 | 23 | rm -f ${CRYPTR_CNT_FILE} | ||
2100 | diff --git a/debian/initramfs/scripts/local-top/cryptroot b/debian/initramfs/scripts/local-top/cryptroot | |||
2101 | index 4f36259..5a9ea60 100644 | |||
2102 | --- a/debian/initramfs/scripts/local-top/cryptroot | |||
2103 | +++ b/debian/initramfs/scripts/local-top/cryptroot | |||
2104 | @@ -31,8 +31,8 @@ esac | |||
2105 | 31 | 31 | ||
2106 | 32 | 32 | ||
2107 | 33 | # wait_for_source() | 33 | # wait_for_source() |
2110 | 34 | # Wait for encrypted $CRYPTTAB_SOURCE for up to 180s. Set | 34 | # Wait for encrypted $CRYPTTAB_SOURCE . Set $CRYPTTAB_SOURCE |
2111 | 35 | # $CRYPTTAB_SOURCE to its normalized device name when it shows up; | 35 | # to its normalized device name when it shows up; |
2112 | 36 | # return 1 if timeout. | 36 | # return 1 if timeout. |
2113 | 37 | wait_for_source() { | 37 | wait_for_source() { |
2114 | 38 | wait_for_udev 10 | 38 | wait_for_udev 10 |
2115 | @@ -42,17 +42,27 @@ wait_for_source() { | |||
2116 | 42 | return 0 | 42 | return 0 |
2117 | 43 | fi | 43 | fi |
2118 | 44 | 44 | ||
2119 | 45 | # The lines below has been taken from | ||
2120 | 46 | # /usr/share/initramfs-tools/scripts/local's local_device_setup(), | ||
2121 | 47 | # as suggested per https://launchpad.net/bugs/164044 | ||
2122 | 48 | |||
2123 | 49 | # If the source device hasn't shown up yet, give it a little while | 45 | # If the source device hasn't shown up yet, give it a little while |
2124 | 50 | # to allow for asynchronous device discovery (e.g. USB). | 46 | # to allow for asynchronous device discovery (e.g. USB). |
2125 | 47 | # | ||
2126 | 48 | # We also need to take into account RAID or other devices that may | ||
2127 | 49 | # only be available on local-block stage. So, wait 5 seconds upfront, | ||
2128 | 50 | # in local-top; if that fails, end execution relying on local-block | ||
2129 | 51 | # invocations. Allow $ROOTDELAY/3 invocations with 1s sleep times (with | ||
2130 | 52 | # a minimum of 30 invocations), and if after that we still fail, then it's | ||
2131 | 53 | # really time to give-up. Variable $initrd_cnt tracks the re-invocations. | ||
2132 | 54 | # | ||
2133 | 55 | # Part of the lines below has been taken from initramfs-tools | ||
2134 | 56 | # scripts/local's local_device_setup(), as suggested per | ||
2135 | 57 | # https://launchpad.net/bugs/164044 . | ||
2136 | 58 | |||
2137 | 59 | local slumber=1 | ||
2138 | 60 | if [ ! -f "${CRYPTR_LOCAL_BLOCK}" ]; then # we are running on local-top | ||
2139 | 61 | slumber=5 | ||
2140 | 62 | fi | ||
2141 | 51 | 63 | ||
2142 | 52 | cryptsetup_message "Waiting for encrypted source device $CRYPTTAB_SOURCE..." | 64 | cryptsetup_message "Waiting for encrypted source device $CRYPTTAB_SOURCE..." |
2143 | 53 | 65 | ||
2144 | 54 | # Default delay is 180s, cf. initramfs-tools(8) | ||
2145 | 55 | local slumber="${ROOTDELAY:-180}" | ||
2146 | 56 | while [ $slumber -gt 0 ]; do | 66 | while [ $slumber -gt 0 ]; do |
2147 | 57 | sleep 1 | 67 | sleep 1 |
2148 | 58 | 68 | ||
2149 | @@ -75,7 +85,23 @@ wait_for_source() { | |||
2150 | 75 | # Set up a crypttab(5) mapping defined by $CRYPTTAB_NAME, | 85 | # Set up a crypttab(5) mapping defined by $CRYPTTAB_NAME, |
2151 | 76 | # $CRYPTTAB_SOURCE, $CRYPTTAB_KEY, $CRYPTTAB_OPTIONS. | 86 | # $CRYPTTAB_SOURCE, $CRYPTTAB_KEY, $CRYPTTAB_OPTIONS. |
2152 | 77 | setup_mapping() { | 87 | setup_mapping() { |
2154 | 78 | local dev | 88 | local dev initrd_cnt |
2155 | 89 | |||
2156 | 90 | # We control here the number of re-invocations of this script from | ||
2157 | 91 | # local-block - the heuristic is $ROOTDELAY/3, with a minimum of 30. | ||
2158 | 92 | # This number is somewhat dictated by mdadm, we want to run more times | ||
2159 | 93 | # than that script, to allow decrypting volumes on top of arrays. | ||
2160 | 94 | |||
2161 | 95 | if [ -f "${CRYPTR_CNT_FILE}" ]; then | ||
2162 | 96 | initrd_cnt=$(cat ${CRYPTR_CNT_FILE}) | ||
2163 | 97 | else | ||
2164 | 98 | initrd_cnt=${ROOTDELAY:-90} | ||
2165 | 99 | initrd_cnt=$((initrd_cnt/3)) | ||
2166 | 100 | if [ "${initrd_cnt}" -lt 30 ]; then | ||
2167 | 101 | initrd_cnt=30 | ||
2168 | 102 | fi | ||
2169 | 103 | echo ${initrd_cnt} > "${CRYPTR_CNT_FILE}" | ||
2170 | 104 | fi | ||
2171 | 79 | 105 | ||
2172 | 80 | # The same target can be specified multiple times | 106 | # The same target can be specified multiple times |
2173 | 81 | # e.g. root and resume lvs-on-lvm-on-crypto | 107 | # e.g. root and resume lvs-on-lvm-on-crypto |
2174 | @@ -86,17 +112,23 @@ setup_mapping() { | |||
2175 | 86 | crypttab_parse_options --export --missing-path=fail || return 1 | 112 | crypttab_parse_options --export --missing-path=fail || return 1 |
2176 | 87 | 113 | ||
2177 | 88 | if ! wait_for_source; then | 114 | if ! wait_for_source; then |
2189 | 89 | # we've given up | 115 | if [ ${initrd_cnt} -le 0 ]; then |
2190 | 90 | if [ -n "$panic" ]; then | 116 | # we've given up |
2191 | 91 | panic "ALERT! encrypted source device $CRYPTTAB_SOURCE does not exist, can't unlock $CRYPTTAB_NAME." | 117 | if [ -n "$panic" ]; then |
2192 | 92 | else | 118 | panic "ALERT! encrypted source device $CRYPTTAB_SOURCE does not exist, can't unlock $CRYPTTAB_NAME." |
2193 | 93 | # let the user fix matters if they can | 119 | else |
2194 | 94 | echo " ALERT! encrypted source device $CRYPTTAB_SOURCE does not exist, can't unlock $CRYPTTAB_NAME." | 120 | # let the user fix matters if they can |
2195 | 95 | echo " Check cryptopts=source= bootarg: cat /proc/cmdline" | 121 | echo " ALERT! encrypted source device $CRYPTTAB_SOURCE does not exist, can't unlock $CRYPTTAB_NAME." |
2196 | 96 | echo " or missing modules, devices: cat /proc/modules; ls /dev" | 122 | echo " Check cryptopts=source= bootarg: cat /proc/cmdline" |
2197 | 97 | panic "Dropping to a shell." | 123 | echo " or missing modules, devices: cat /proc/modules; ls /dev" |
2198 | 98 | fi | 124 | panic "Dropping to a shell." |
2199 | 99 | return 1 # can't continue because environment is lost | 125 | fi |
2200 | 126 | return 1 # can't continue because environment is lost | ||
2201 | 127 | else | ||
2202 | 128 | initrd_cnt=$((initrd_cnt - 1)) | ||
2203 | 129 | echo ${initrd_cnt} > "${CRYPTR_CNT_FILE}" | ||
2204 | 130 | return 0 # allow some attempts on local-block stage | ||
2205 | 131 | fi | ||
2206 | 100 | fi | 132 | fi |
2207 | 101 | 133 | ||
2208 | 102 | # our `cryptroot-unlock` script searches for cryptsetup processes | 134 | # our `cryptroot-unlock` script searches for cryptsetup processes |
2209 | @@ -169,6 +201,10 @@ setup_mapping() { | |||
2210 | 169 | done | 201 | done |
2211 | 170 | 202 | ||
2212 | 171 | cryptsetup_message "ERROR: $CRYPTTAB_NAME: maximum number of tries exceeded" | 203 | cryptsetup_message "ERROR: $CRYPTTAB_NAME: maximum number of tries exceeded" |
2213 | 204 | |||
2214 | 205 | if [ -f "${CRYPTR_CNT_FILE}" ]; then | ||
2215 | 206 | echo 0 > "${CRYPTR_CNT_FILE}" | ||
2216 | 207 | fi | ||
2217 | 172 | exit 1 | 208 | exit 1 |
2218 | 173 | } | 209 | } |
2219 | 174 | 210 | ||
2220 | diff --git a/debian/patches/decrease_memlock_ulimit.patch b/debian/patches/decrease_memlock_ulimit.patch | |||
2221 | 175 | new file mode 100644 | 211 | new file mode 100644 |
2222 | index 0000000..be9b6ab | |||
2223 | --- /dev/null | |||
2224 | +++ b/debian/patches/decrease_memlock_ulimit.patch | |||
2225 | @@ -0,0 +1,55 @@ | |||
2226 | 1 | Description: Decrease memlock limit to mimic Xenial builder behavior. | ||
2227 | 2 | This approach prevents cryptsetup to FTBFS, since the PPA builders were | ||
2228 | 3 | upgraded to Bionic, which has a bigger memlock limit (but not enough). | ||
2229 | 4 | With this quirk, cryptsetup won't mlock() its memory allocationss, hence | ||
2230 | 5 | it behaves exactly as the Xenial builders. Meanwhile, we pursue the | ||
2231 | 6 | proper fix (systemd patch to bump memlock to a higher limit on Bionic). | ||
2232 | 7 | Author: Guilherme G. Piccoli <gpiccoli@canonical.com> | ||
2233 | 8 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/1891473 | ||
2234 | 9 | Last-Update: 2020-09-09 | ||
2235 | 10 | |||
2236 | 11 | Index: cryptsetup-2.3.3/tests/compat-test | ||
2237 | 12 | =================================================================== | ||
2238 | 13 | --- cryptsetup-2.3.3.orig/tests/compat-test | ||
2239 | 14 | +++ cryptsetup-2.3.3/tests/compat-test | ||
2240 | 15 | @@ -45,6 +45,10 @@ TEST_UUID="12345678-1234-1234-1234-12345 | ||
2241 | 16 | LOOPDEV=$(losetup -f 2>/dev/null) | ||
2242 | 17 | [ -f /etc/system-fips ] && FIPS_MODE=$(cat /proc/sys/crypto/fips_enabled 2>/dev/null) | ||
2243 | 18 | |||
2244 | 19 | +# Circumvent test failure due to Bionic builder; we need to decrease | ||
2245 | 20 | +# the memlock limit here to mimic Xenial builder (see LP #1891473). | ||
2246 | 21 | +ulimit -l 0 | ||
2247 | 22 | + | ||
2248 | 23 | function remove_mapping() | ||
2249 | 24 | { | ||
2250 | 25 | [ -b /dev/mapper/$DEV_NAME3 ] && dmsetup remove --retry $DEV_NAME3 >/dev/null 2>&1 | ||
2251 | 26 | Index: cryptsetup-2.3.3/tests/luks2-validation-test | ||
2252 | 27 | =================================================================== | ||
2253 | 28 | --- cryptsetup-2.3.3.orig/tests/luks2-validation-test | ||
2254 | 29 | +++ cryptsetup-2.3.3/tests/luks2-validation-test | ||
2255 | 30 | @@ -21,6 +21,10 @@ FAILS=0 | ||
2256 | 31 | |||
2257 | 32 | [ -z "$srcdir" ] && srcdir="." | ||
2258 | 33 | |||
2259 | 34 | +# Circumvent test failure due to Bionic builder; we need to decrease | ||
2260 | 35 | +# the memlock limit here to mimic Xenial builder (see LP #1891473). | ||
2261 | 36 | +ulimit -l 0 | ||
2262 | 37 | + | ||
2263 | 38 | function remove_mapping() | ||
2264 | 39 | { | ||
2265 | 40 | rm -rf $IMG $TST_IMGS >/dev/null 2>&1 | ||
2266 | 41 | Index: cryptsetup-2.3.3/tests/tcrypt-compat-test | ||
2267 | 42 | =================================================================== | ||
2268 | 43 | --- cryptsetup-2.3.3.orig/tests/tcrypt-compat-test | ||
2269 | 44 | +++ cryptsetup-2.3.3/tests/tcrypt-compat-test | ||
2270 | 45 | @@ -13,6 +13,10 @@ PIM=1234 | ||
2271 | 46 | |||
2272 | 47 | [ -z "$srcdir" ] && srcdir="." | ||
2273 | 48 | |||
2274 | 49 | +# Circumvent test failure due to Bionic builder; we need to decrease | ||
2275 | 50 | +# the memlock limit here to mimic Xenial builder (see LP #1891473). | ||
2276 | 51 | +ulimit -l 0 | ||
2277 | 52 | + | ||
2278 | 53 | function remove_mapping() | ||
2279 | 54 | { | ||
2280 | 55 | [ -b /dev/mapper/$MAP ] && dmsetup remove --retry $MAP | ||
2281 | diff --git a/debian/patches/series b/debian/patches/series | |||
2282 | 0 | new file mode 100644 | 56 | new file mode 100644 |
2283 | index 0000000..270d874 | |||
2284 | --- /dev/null | |||
2285 | +++ b/debian/patches/series | |||
2286 | @@ -0,0 +1 @@ | |||
2287 | 1 | decrease_memlock_ulimit.patch |
diff of debian dir against current ubuntu is https:/ /paste. ubuntu. com/p/QXFm3Q8SB t/