[Bug 1840752] [NEW] cryptroot-unlock fails to find the askpass process

Paride Legovini paride.legovini at canonical.com
Tue Aug 20 09:01:16 UTC 2019 

Public bug reported:

This bug deserves some attention because it's caused by an Ubuntu
specific patch not being in sync with upstream.

The debian/initramfs/cryptroot-unlock script can be used with dropbear-
initramfs to remotely unlock an encrypted root partition via SSH. This
functionality has been broken since version 2:2.0.4-2ubuntu1. The reason
is that upstream (Debian) in version 2:2.0.3-7 started normalizing
paths to allow the script to work on UsrMerged installs:

https://salsa.debian.org/cryptsetup-
team/cryptsetup/commit/f1c56c19fea6dc988c1f29fb

however the Ubuntu patch introduced to fix LP: 1651818 was brought on to
newer versions without introducing the required normalization. The fix
is adding a "readlink" where required (patch attached).

** Affects: cryptsetup (Ubuntu)
     Importance: Undecided
         Status: New

** Patch added: "cryptroot-unlock-path-normalization.patch"
   https://bugs.launchpad.net/bugs/1840752/+attachment/5283423/+files/cryptroot-unlock-path-normalization.patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1840752

Title:
  cryptroot-unlock fails to find the askpass process

Status in cryptsetup package in Ubuntu:
  New

Bug description:
  This bug deserves some attention because it's caused by an Ubuntu
  specific patch not being in sync with upstream.

  The debian/initramfs/cryptroot-unlock script can be used with
  dropbear-initramfs to remotely unlock an encrypted root partition via
  SSH. This functionality has been broken since version
  2:2.0.4-2ubuntu1. The reason is that upstream (Debian) in version
  2:2.0.3-7 started normalizing  paths to allow the script to work on
  UsrMerged installs:

  https://salsa.debian.org/cryptsetup-
  team/cryptsetup/commit/f1c56c19fea6dc988c1f29fb

  however the Ubuntu patch introduced to fix LP: 1651818 was brought on
  to newer versions without introducing the required normalization. The
  fix is adding a "readlink" where required (patch attached).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1840752/+subscriptions

More information about the foundations-bugs mailing list