-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7.3) karmic-proposed; urgency=medium
* /lib/cryptsetup/checks/{un_,}vol_id should fail if vol_id from udev
is not available. LP: #474327.
-- Rafal Maj <email address hidden> Thu, 04 Feb 2010 14:31:15 +0100
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7.2) karmic-proposed; urgency=low
* Depend on watershed.
* cryptdisks.functions: do_tmp should mount under /var/run/cryptsetup for
changing the permissions of the filesystem root, not directly on /tmp,
since mounting on /tmp a) is racy, b) confuses mountall something fierce.
LP: #475936.
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7.1) karmic-proposed; urgency=low
* debian/cryptdisks.functions:
- wrap the call to /lib/cryptsetup/askpass with watershed, to make sure
we only ever have one of these running at a time; otherwise multiple
invocations could steal each other's input and/or write over each
other's output
- new function, crypttab_start_one_disk, to look for the named source
device in /etc/crypttab (by device name, UUID, or label) and start it
if configured to do so
* debian/cryptdisks-udev.upstart: new, additional upstart job run once for
each block device, using the new crypttab_start_one_disk function,
triggered by udev; this doesn't eliminate the possibility of a race with
gdm when the decrypted volume isn't a 'bootwait' mount point (since gdm
kills usplash), but it does eliminate the race between udev and
cryptsetup. LP: #454898.
The other cryptdisks-enable job is still needed as well, to give us the
second pass needed to cover devices that are decrypted using keys stored
on other encrypted disks. LP: #443980.
* debian/cryptdisk.functions: initially create the device under a temporary
name and rename it only at the end using 'dmsetup rename', to ensure that
upstart/mountall doesn't see our device before it's ready to go.
LP: #475936.
* Make the 'start' action of the init script a no-op, this should be
handled entirely by the upstart job now; ad remove any symlinks from
/etc/rcS.d on upgrade. LP: #473615.
-- Steve Langasek <email address hidden> Tue, 22 Dec 2009 23:29:32 +0000
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7.1) karmic-proposed; urgency=low
* debian/cryptdisks.functions:
- wrap the call to /lib/cryptsetup/askpass with watershed, to make sure
we only ever have one of these running at a time; otherwise multiple
invocations could steal each other's input and/or write over each
other's output
- new function, crypttab_start_one_disk, to look for the named source
device in /etc/crypttab (by device name, UUID, or label) and start it
if configured to do so
* debian/cryptdisks-udev.upstart: new, additional upstart job run once for
each block device, using the new crypttab_start_one_disk function,
triggered by udev; this doesn't eliminate the possibility of a race with
gdm when the decrypted volume isn't a 'bootwait' mount point (since gdm
kills usplash), but it does eliminate the race between udev and
cryptsetup. LP: #454898.
The other cryptdisks-enable job is still needed as well, to give us the
second pass needed to cover devices that are decrypted using keys stored
on other encrypted disks. LP: #443980.
* debian/cryptdisk.functions: initially create the device under a temporary
name and rename it only at the end using 'dmsetup rename', to ensure that
upstart/mountall doesn't see our device before it's ready to go.
LP: #475936.
* Make the 'start' action of the init script a no-op, this should be
handled entirely by the upstart job now; ad remove any symlinks from
/etc/rcS.d on upgrade. LP: #473615.
-- Steve Langasek <email address hidden> Wed, 04 Nov 2009 02:51:37 -0800
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu7) karmic; urgency=low
* Reupload previous version, siretart had left changes in bzr which
weren't documented in the changelog and caused FTBFS.
-- Scott James Remnant <email address hidden> Wed, 14 Oct 2009 13:57:59 +0100
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu6) karmic; urgency=low
[ Steve Langasek ]
* Move the Debian Vcs- fields aside.
[ Scott James Remnant ]
* debian/cryptdisks-enable.upstart: Don't overcompensate for my idiocy,
cryptsetup should not need a controlling terminal, just a terminal
is fine. May fix LP: #439138.
-- Scott James Remnant <email address hidden> Wed, 14 Oct 2009 04:52:16 +0100
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu4) karmic; urgency=low
* debian/cryptdisks-enable.upstart: Things that often help include
not setting stdin/out to /dev/null, so you can actually type the
passphrase. I am an idiot. LP: #430496.
-- Scott James Remnant <email address hidden> Thu, 17 Sep 2009 17:58:01 +0100
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu3) karmic; urgency=low
* debian/cryptdisks-enable.upstart: add upstart job to enable encrypted
disks once we've finished probing for udev devices, so that mountall
can use them. LP: #430496.
-- Scott James Remnant <email address hidden> Thu, 17 Sep 2009 00:04:00 +0100
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu2) karmic; urgency=low
* debian/initramfs/cryptroot-conf: declare that we want usplash included
in the initramfs whenever this package is installed. LP: #427356.
-- Steve Langasek <email address hidden> Tue, 15 Sep 2009 08:43:15 -0700
-
cryptsetup (2:1.0.6+20090405.svn49-1ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes:
- Ubuntu specific:
+ debian/rules: link dynamically for better security supportability and
smaller packages.
+ debian/control: Depend on initramfs-tools so system is not potentially
rendered unbootable.
- debian/initramfs/cryptroot-script wait for encrypted device to appear,
report with log_*_msg (debian bug 488271).
- debian/initramfs/cryptroot-hook: fix support for UUID and LABEL
correlation between fstab and crypttab (debian bug 522041).
- debian/askpass.c, debian/initramfs/cryptroot-script: using newline
escape in passphrase prompt to avoid line-wrapping (debian bug 528133).
* Drop 04_fix_udevsettle_call.patch: fixed upstream differently.
cryptsetup (2:1.0.6+20090405.svn49-1) unstable; urgency=low
* New upstream svn snapshot. Highlights include:
- Uses remapping to error target instead of calling udevsettle for
temporary crypt device. (closes: #514729, #498964, #521547)
- Removes lots of autoconf stuff as it's generated by autogen.sh anyway.
- Uses autopoint in build process, thus needs to Build-Depend on cvs.
- Fixes signal handler to proper close device.
- Wipes start of device before LUKS-formatting.
- Allows deletion of key slot with it's own key. (closes: #513596)
- Checks device mapper communication and gives proper error message in
case the communication fails. (closes: #507727)
* Update debian patches accordingly:
- Remove obsolete patches 01_gettext_package and 03_check_for_root
- Update patch 02_manpage
* Add missing newlines to some error messages in passdev.c. Thanks to
Christoph Anton Mitterer for bugreport and patch. (closes: #509067)
* Move keyscripts in initramfs from /keyscripts to /lib/cryptsetup/scripts
for the sake of consistency between initramfs and normal system. Document
this change in NEWS.Debian. (closes: #509066)
* Fix $LOUD in cryptdisks.init and cryptdisks.functions to take effect. Add
LOUD="yes" to cryptdisks_start. (closes: #513149)
* cryptdisks_{start,stop}: print error message if no entry is found in
crypttab for the given name.
* Actually fix watchfile to work with code.google.com.
* Update Homepage field to code.google.com URL. (closes: #516236)
* Fix location of ltmain.sh, build-depend on versioned libtool.
(closes: #521673, #522338)
* Some minor changes to make lintian happy:
- use set -e instead of /bin/sh -e in preinst.
- link to GPL v2 in debian/copyright
* Bump standards-version to 3.8.1, no changes needed.
* Fix a typo in NEWS.Debian. (closes: #522387)
* Taken from ubuntu:
- debian/checks/un_vol_id: dynamically build the "unknown volume type"
string, to allow for encrypted swap, (closes: #521789, #521469). Fix
sed to replace '/' with '\/' instead of '\\/' in device names.
- disable error message 'failed to setup lvm device' (LP 151532).
-- Kees Cook <email address hidden> Sun, 10 May 2009 17:29:32 -0700
-
cryptsetup (2:1.0.6-7ubuntu7) jaunty; urgency=low
* debian/control: Depend on initramfs-tools so system is not potentially
rendered unbootable (LP: #358654).
-- Kees Cook <email address hidden> Thu, 09 Apr 2009 12:29:31 -0700