Bug#516003: segfault caused by umount.crypt after libpam-mount update

Fri, 20 Feb 2009 09:55:57 -0800

I think i have identified the cause of my unmount problem. The mount option keybits implies the loop option. This causes the LUKS partition again to be mounted as a loop device. At the moment mount.crypt only filters the loop option but not the keybits option.
Usualy this is no problem because the regular mount command writes the newly created loop device (the second one) to /etc/mtab (e.g. loop=/dev/loop1) and /proc/mounts. With the help of the -d option of umount the loop device is properly detached. 


But at the moment mount.crypt (up from version 1.16) does not use 
/etc/mtab and /proc/mounts or at least is not able to detach the loop 
device. A simple insertion of umount_args[argk++] = "-d"; to the 
function mtcr_umount(...) in mtcrypt.c is not enough. The result of this 
shortcoming is that the LUKS partition is successfully unmounted but 
cannot be closed because there is still a open loop device left 
(/dev/loop1).



Because of that i can think of two solutions. The first one is to ignore 
the keybits option as we do with the loop option. The following patch 
for version 1.18 does this:


--- src/mtcrypt.c.old   2009-02-07 12:42:49.000000000 +0100
+++ src/mtcrypt.c       2009-02-20 18:28:23.000000000 +0100
@@ -158,6 +158,8 @@
                       l0g("keysize mount option ignored\n");
               else if (strcmp(key, "fsck") == 0)
                       mo->fsck = true;
+               else if (strcmp(key, "keybits") == 0)
+                       l0g("keybits mount option ignored\n");
               else if (strcmp(key, "loop") == 0)
                       /* automatically detected anyway */
                       l0g("loop mount option ignored\n");


The second way is to save any mount option to /etc/cmtab (in particular 
the loop=/dev/loop1 option) and then to properly detach the second loop 
device before luksClosing the LUKS partition. But this requires a little 
bit more work and should be done by someone with more linux and c 
development experience.



Of course the easiest solution would be not to use the keybits option at 
all. But nowhere is any hint that the user may not select this option, 
so nobody knows. Besides that i informed the developer of pam-mount 
(jengelh) about this bug report.


It would be very nice if someone could give me some feedback on this.

Best regards,
WANA



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org























					Reply via email to