[Bug 1968636] Re: cryptroot-unlock doesn't work at all when terminal width is below 51

Adam Vodopjan 1968636 at bugs.launchpad.net
Sun May 19 15:17:18 UTC 2024 

Commenting on #2:

When building busybox, there is a number of config switches. For your binary to support "ps -w" you need this in the config:
- CONFIG_DESKTOP is not set
- CONFIG_FEATURE_PS_WIDE=y

On my 22.04 systems I've got 2 busybox binaries: /usr/bin/busybox (2.1M)
from busybox-static package and /usr/lib/initramfs-tools/bin/busybox
(311K) from busybox-initramfs package. The former was built using
debian/config/pkg/static from the source package (CONFIG_DESKTOP=y), it
does not support "ps -w". The latter was built with
debian/config/pkg/initramfs from the source package (no CONFIG_DESKTOP,
CONFIG_FEATURE_PS_WIDE=y), it supports "ps -w" and, evidently, it is the
one that gets packaged into initramfs.

If your non-desktop busybox was built without CONFIG_FEATURE_PS_WIDE=y,
there should be no problem described in this bug report. In the case,
terminal width would be assumed 79 [1]

To make it work no matter if "ps -w" is supported or not, there are two
options, both based on [2]

1. "ps </dev/null". In this case, ioctl TIOCGWINSZ would be fruitless and the hardcoded "80" value will be used.
2. "COLUMNS=80 ps". wh_helper() [3] looks into env vars first.

The former is more like a dirty trick. The latter should be preferred.
In both cases, 80 gets decremented to 79, the hardcoded value when "ps
-w" is not supported.

So, with "COLUMNS=80 ps":
- if "ps -w" is not supported, the hardcoded terminal width 79 is used
- otherwise, the width gets set to getenv("COLUMNS")-1, which is 79 as well

[1] https://git.launchpad.net/ubuntu/+source/busybox/tree/procps/ps.c?h=applied/ubuntu/jammy#n650
[2] https://git.launchpad.net/ubuntu/+source/busybox/tree/libbb/xfuncs.c?h=applied/ubuntu/jammy#n292
[3] https://git.launchpad.net/ubuntu/+source/busybox/tree/libbb/xfuncs.c?h=applied/ubuntu/jammy#n235

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1968636

Title:
  cryptroot-unlock doesn't work at all when terminal width is below 51

Status in cryptsetup package in Ubuntu:
  Confirmed

Bug description:
  I'm speaking about ubuntu 20.04.4 with cryptsetup 2:2.2.2-3ubuntu2.4.
  The behaviour is the same in ubuntu 22.04. I havent tried 18.04 and
  older LTS, probably the same problem there as well.

  So I have your usual setup with luks encrypted root. I've installed
  dropbear-initramfs to make it remotely unlockable, set everything up
  and tried to unlock it connecting from termux with my phone. When I
  ran cryptroot-unlock it kept silent (not even the prompt) for some
  secs and quit with such error:

      Error: Timeout reached while waiting for askpass.

  Long story short: if I rotated the phone everything worked as
  supposed.

  I tracked it down to this piece in cryptroot-unlock:

      # Print the list of PIDs the executed command of which is $exe.
      pgrep_exe() {
          local exe pid
          exe="$(readlink -f -- "$1" 2>/dev/null)" && [ -f "$exe" ] || return 0
          ps | awk '{print $1, $5}' | while read LINE; do
              set $LINE
              local pid=$1
              local cmd=$(readlink -f -- "$2")
              if [ "$cmd" == "$exe" ]; then
                  echo $pid
                  break
              fi
          done
      }

  Notice it walks through "ps" (busybox one) lines which adapts its
  output to the terminal width. Check out this shell session:

      > stty size
      40 115
      > /usr/lib/initramfs-tools/bin/busybox ps | grep '[b]usybox'
      18944 account   2804 R    /usr/lib/initramfs-tools/bin/busybox ps
      ## resize the terminal width to 50
      > stty size
      40 50
      > /usr/lib/initramfs-tools/bin/busybox ps | grep '[b]usybox'
      18947 account   2804 R    {busybox} /usr/lib/ini

  Look at the last line above. "ps" ensures one terminal line per
  process, no wrapping. If a line is too long, cut it. If the full
  binary path is to be cut, prepend the binary basename in curly braces.

  Here is a shell session over dropbear connection:

      > stty size
      40 115
      > ps | grep '[a]skpass'
        285 root      2364 S    /lib/cryptsetup/askpass Please unlock disk dm_crypt-0:
      ## resize the terminal width to 50
      > stty size
      40 50
      > ps | grep '[a]skpass'
        285 root      2364 S    {askpass} /lib/cryptse

  As you can see askpass cmdline is a total mess now and because of that
  pgrep_exe cant find askpass PID.

  
  A quick fix could be "ps -w" instead of just "ps" in pgrep_exe. It would make ps assume the terminal width 132 which is enough for askpass line to be printed pristine.

  
  Currently one cant unlock encrypted root with terminal width up to and including 50.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1968636/+subscriptions

More information about the foundations-bugs mailing list