On Sat, Oct 20, 2007 at 05:20:23PM +0200, Clemens Fruhwirth wrote:
Hello Jonas,
First of all thanks for maintaining the list of patches! Please make
liberal use of your commit privileges to the SVN repo. These are all
reasonable and small fixes, just Cc me and commit if you feel like.
Done, comments below
Desc: Improve the upstream manpage
Should be merged.
Done
Desc: detect read-only devices automatically
In SVN.
It is? I couldn't find it...
Desc: stop cryptsetup from segfaulting with invalid device
In SVN.
Yes
Desc: check for UID == 0 before actually doing anything
As others pointed out, I'm not sure if that's really neccessary.
I don't agree. The warning that is printed right now:
$ cryptsetup luksOpen /dev/sdd2 fff
mlockall failed: Cannot allocate memory
WARNING!!! Possibly insecure memory. Are you root?
Command failed: Can't get device information.
Is just a side effect of mlockall failing. However, mlockall does not
fail for a non-root user who has the CAP_IPC_LOCK capability or if the
RLIMIT_MEMLOCK resource limit is set high enough.
I still think something like:
if (geteuid() != 0)
fprintf(stderr, _("NOTE: You do not seem to be root, cryptsetup might fail!\n");
would be helpful.
Desc: rename luksInit to luksFormat in libcrytsetup.h
In SVN.
No it wasn't...but it is now :)
Desc: run udevsettle after dm device creation
Should be merged.
Done...still needs fixes in libdevmapper though (after which this can be
removed again).
Desc: fix some gcc warnings about unused or unitialized variables
Should be merged.
Done
Desc: fix implicit function declarations
Should be merged.
Done
Desc: fix segfault when trying to open a non existing device
I think that's fixed in SVN. Have to check.
It was fixed in SVN
Desc: use set_error instead of printf in library to report errors
Should be merged.
Done...with a lot of fuzzing and manual changes though. Not sure I
caught everything.
The cryptsetup SVN changes slightly refactoring a bit of stuff. If
some patch fails to apply or something else seems wrong, feel free to ask.
Feel free to take a closer look at the round of patches I applied.
Hopefully Jonas can push a new cryptsetup version based on the SVN
version to Debian Unstable soon so that the changes can have some wider
testing.
Thanks to all contributors.
Agreed :)
--
David Härdeman
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
