Created by James Westby on 2009-10-30 and last modified on 2010-03-29
Get this branch:
bzr branch lp:ubuntu/lucid/cryptsetup
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

77. By Colin Watson on 2010-03-29

debian/initramfs/cryptroot-script: Don't leak /conf/conf.d/cryptroot
file descriptor to subprocesses.

76. By Steve Langasek on 2010-02-18

* debian/initramfs/cryptroot-hook: Properly anchor our regexps when
  grepping /etc/crypttab so that we don't incorrectly match device names
  that are substrings of one another.
* debian/cryptdisks-{enable,udev}.conf, debian/control: drop
  'console output' and add a hard dependency on plymouth instead of
  watershed, to avoid spitting extra messages to the console.

75. By Steve Langasek on 2010-01-25

* Set FRAMEBUFFER=y in the file that we actually ship.
* debian/cryptsetup.postrm: call update-initramfs on package removal.
  LP: #468228.

74. By Steve Langasek on 2010-01-21

* cryptdisks.functions: replace 'echo -e' bashism with 'printf'.
* cryptdisks.functions: when called by cryptdisks-enable, check that we
  don't already have a corresponding cryptdisks-udev job running (probably
  waiting for a passphrase); if there is, wait until it's finished before

73. By Steve Langasek on 2010-01-16

* Set FRAMEBUFFER=y in the hook config as well, to pull plymouth into the
* cryptdisks.functions, debian/initramfs/cryptroot-script: fix the
  invocation of plymouth, so that we actually get proper passphrase prompts
  (once bug #496765 is fixed).

72. By Steve Langasek on 2009-12-22

cryptdisks.functions: do_tmp should mount under /var/run/cryptsetup for
changing the permissions of the filesystem root, not directly on /tmp,
since mounting on /tmp a) is racy, b) confuses mountall something fierce.
LP: #475936.

71. By Steve Langasek on 2009-12-22

Depend on watershed.

70. By Martin Pitt on 2009-12-18

[ Steve Langasek ]
* Fix the LSB header in the init scripts, now that we don't install to

[ Martin Pitt ]
* debian/initramfs/cryptroot-script: Fix this to work with current
  - Source /scripts/functions after checking for prerequisites.
  - prereqs(): Do not assume we are running within initramfs, and calculate
    relative path correctly.

69. By Steve Langasek on 2009-12-16

Rename the upstart job introduced in the previous upload to
cryptdisks-udev and restore the previous version of the job as
cryptdisks-enable, to run at the end of udev coldplugging as before;
this isn't entirely race-free, but should nevertheless give us the
two passes needed to cover devices that are decrypted using keys stored
on other encrypted disks. LP: #443980.

68. By Steve Langasek on 2009-12-15

[ Steve Langasek ]
* debian/initramfs/cryptroot-script: if plymouth is present in the
  initramfs, use this directly, bypassing the cryptsetup askpass script;
  but keep support for these other frontends around on a transitional
* debian/cryptdisks.functions:
  - change interaction to use plymouth directly if present, and if not, to
    fall back to /lib/cryptsetup/askpass as before
  - wrap the call to /lib/cryptsetup/askpass with watershed, to make sure
    we only ever have one of these running at a time; otherwise multiple
    invocations could steal each other's input and/or write over each
    other's output
  - new function, crypttab_start_one_disk, to look for the named source
    device in /etc/crypttab (by device name, UUID, or label) and start it
    if configured to do so
* debian/cryptdisks-enable.upstart: run the upstart job once for each block
  device, using the new crypttab_start_one_disk function, triggered by udev;
  this doesn't eliminate the possibility of a race with gdm when the
  decrypted volume isn't a 'bootwait' mount point (since gdm kills
  plymouth), but it does eliminate the race between udev and cryptsetup.
  LP: #454898.
* debian/cryptdisks-enable.upstart: check that the package is installed
  and exit gracefully if it's not. LP: #435814
* debian/cryptdisk.functions: initially create the device under a temporary
  name and rename it only at the end using 'dmsetup rename', to ensure that
  upstart/mountall doesn't see our device before it's ready to go.
  LP: #475936.

[ Colin Watson ]
* Add ext4 support to passdev.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.