Re: Problem with root filesystem encryption


 



Michael Böhm wrote:
> merkur:~# ls -l /dev/tty
> crw-rw-rw-  1 root tty 5, 0 2004-11-23 23:57 /dev/tty

Michael, you didn't do anything wrong. It was *me* who goofed.

I found the cause of this problem. Util-linux patches in loop-AES-v2.2c and
loop-AES-v2.2d have a bug. Earlier loop-AES versions are not affected.
Problem is that when gpg home directory is on read-only mounted file system
and gpg is unable to create lock files for keyring files there, gpg
considers that an error severe enough to return nonzero exit status. Mount
and losetup programs from loop-AES-v2.2c and loop-AES-v2.2d include gpg exit
status check and that of course fails. The fix is to remove that check and
ignore gpg exit value. Below is a patch for loop-AES-v2.2d util-linux patch.
Same patch is also available from http://loop-aes.sourceforge.net/updates/

So why didn't I catch this bug? Because my encrypted root test setup used
losetup binary that was compiled in February 2004, and as such it lacked this
gpg exit value test bug. My fault, sorry.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD


--- ../loop-AES-v2.2d/util-linux-2.12h.diff	Tue Oct 26 17:54:47 2004
+++ util-linux-2.12h.diff	Thu Nov 25 21:25:45 2004
@@ -1034,7 +1034,7 @@
 +	close(pfdo[0]);
 +	waitpid(gpid, &x, 0);
 +	if(!multiKeyPass[0]) goto nomem1;
-+	if(!WIFEXITED(x) || (WEXITSTATUS(x) != 0)) multiKeyPass[0] = "";
++//	if(!WIFEXITED(x) || (WEXITSTATUS(x) != 0)) multiKeyPass[0] = "";
 +	return multiKeyPass[0];
  }
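
Review bot: the `//` on the `WIFEXITED(x)` / `WEXITSTATUS(x)` line disables both halves of the check, so a gpg that terminated abnormally is now handled the same as one that merely exited nonzero, and `multiKeyPass[0]` is returned whenever it is non-NULL. Consider keeping the abnormal-termination half, e.g. `if(!WIFEXITED(x)) multiKeyPass[0] = "";`, and dropping only the `WEXITSTATUS(x) != 0` test. Either way, delete the line rather than leaving it commented out, and add a one-line comment saying why the exit value is ignored (gpg exits nonzero when it cannot create keyring lock files on a read-only file system); as it stands `x` is filled in by `waitpid(gpid, &x, 0)` and then never read in this hunk.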

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


