This is considerably more serious for me than just encrypted swap/tmpfs. It seriously compromises the security of my pam-mounted, luks-encrypted, lvm home partitions.
When a user logs in, everything mounts correctly. The encrypted volume is decrypted in /dev/mapper, and is also symlinked to, e.g., /dev/dm-7. /dev/dm-7 mounts as, e.g., /home/chris. At logout, pam_mount calls umount.crypt to unmount the home partition and close the encrypted luks volume. The home partition umounts successfully, but umount.crypt fails to close the luks volume with the error: Command failed: dm_task_set_name: Device /dev/dm-7 not found Yet /dev/dm-7 certainly exists. My data is left unencrypted in /dev/mapper/_dev_mapper_chris symlinked to /dev/dm-7. This is obviously bad from a security standpoint if multiple users share a machine. Furthermore, if I log out, and then attempt to log in again, pam_mount is unable to initialize the luks volume, because it was never closed during the log out. So I have go back to a console, log in as another user, and manually close the luks volume from the previous session before I can log in again. Argh! Colin, can you explain your workaround a little more thoroughly? How do you turn the symlinks off in the libdevmapper udeb? That sounds a bit, uh, complicated. Any other workarounds, or ETA for a fix in the gutsy repos? -- /dev/mapper/* -> /dev/dm-* symlink scheme breaks partman-crypto https://bugs.launchpad.net/bugs/126379 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
