On 15/10/2007 Giulio Genovese wrote:
> I would like to suggest an improvement for cryptsetup that would have saved
> me a lot of time (and so would probably save a lot of time to other
> people). It happened to me that I tried to use cryptsetup without root
> privileges. What happens in that case is that the command says:
> Command failed: Incompatible libdevmapper 1.02.08 (2006-07-17)(compat) and
> kernel driver
> I lost a lot of time before realizing that the real mistake was that I
> wasn't using the superuser. What the program says is completely unhelpful
> and made me not think about what the real problem is. It would be really
> nice if cryptsetup checked for what kind of privileges it has before trying
> to operate, outputting something like
> cryptsetup: only root can ... bla bla bla
> I hope this suggestion can help other people.
Hey Giulio,
At debian we already apply a simple patch which does exactly what you
suggested. It checks whether you are root, and exists with an error
otherwise:
$ /sbin/cryptsetup
You have to be root to use cryptsetup!
The attached patch should apply against cryptsetup 1.0.5.
...
jonas
--- cryptsetup-1.0.5/src/cryptsetup.c
+++ cryptsetup-1.0.5/src/cryptsetup.c
@@ -5,6 +5,8 @@
#include <inttypes.h>
#include <errno.h>
#include <assert.h>
+#include <unistd.h>
+#include <sys/types.h>
#include <libcryptsetup.h>
#include <popt.h>
@@ -365,6 +367,10 @@
int main(int argc, char **argv)
{
+ if (geteuid() != 0) {
+ fprintf(stderr, _("You have to be root to use cryptsetup!\n"));
+ return EXIT_FAILURE;
+ }
static char *popt_tmp;
static struct poptOption popt_help_options[] = {
{ NULL, '\0', POPT_ARG_CALLBACK, help, 0, NULL, NULL },
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
