Re: what happens when cryptsetup is given an incorrect passphrase?

Update: I've been experimenting with losetup and cryptsetup luks...
commands interactively (not scripted) and they all seem to work or
else fail in an understandable way. So I must have left out something
essential in my original posting (quoted below). I'm sorry about that.

I'll post again when I can pin down what sequence of commands leads to
the confusing state. I did again see the state where "luksClose
secret" says "Device secret is not active" but "losetup -d /dev/loop0"
says the device is busy.  Unfortunately on that occasion I couldn't
trace back to the commands that had preceded it. Also, at that time I
didn't think to do "luksDump /dev/loop0".  Probably more later.

On Fri, Jul 2, 2010 at 11:25 AM, Robert Lummis <robert.lummis@xxxxxxxxx> wrote:
> I'm writing some Python and bash scripts that do cryptsetup luksOpen
> and luksClose on a /dev/loop-mounted file. The user enters the
> passphrase at the keyboard and the script passes it to cryptsetup.
>
> When the user enters the wrong passphrase the file gets into a state
> that I can't get out of except by rebooting. losetup thinks the device
> is attached (losetup -f returns /dev/loop1) but I can't detach it
> (losetup -d /dev/loop1 says 'the device is busy' or something like
> that). /dev/mapper contains no names and "cryptsetup luksClose <name>"
> says 'no such name' or something like that (<name> is the name on the
> failed luksOpen).
>
> Question 1) What is going on here and how can I avoid it or get out of
> it? Rebooting is not a good answer. When the user gives the correct
> passphrase everything works as expected.
>
> Question 2) A related question: is there a way to verify the
> passphrase without actually opening (or failing to open) the
> partition? I would like to collect the passphrase from the user at the
> beginning of the script but not use it until later, and be sure it
> will work at that time.
>
> Question 3) Are the exit codes from cryptsetup documented somewhere?
> I've seen 0 and 255. Are there others?
>
> I am currently using Ubuntu 10.04 with the pre-installed cryptsetup
> and losetup. cryptsetup is 1.1.0-rc2. losetup doesn't give its
> version number.
>
> --
> Robert Lummis
>



-- 
Robert Lummis
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

