Debian Bug report logs - #648868
cryptsetup: Please add support for allow-discards option in crypttab

version graph

Package: cryptsetup; Maintainer for cryptsetup is Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>; Source for cryptsetup is src:cryptsetup.

Reported by: intrigeri@debian.org

Date: Tue, 15 Nov 2011 18:48:01 UTC

Severity: wishlist

Tags: patch

Fixed in version cryptsetup/2:1.4.1-1

Done: Jonas Meurer <mejo@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>:
Bug#648868; Package cryptsetup. (Tue, 15 Nov 2011 18:48:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to intrigeri+debian@boum.org:
New Bug report received and forwarded. Copy sent to Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>. (Tue, 15 Nov 2011 18:48:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: intrigeri+debian@boum.org
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: cryptsetup: Please add support for allow-discards option in crypttab
Date: Tue, 15 Nov 2011 19:45:09 +0100
[Message part 1 (text/plain, inline)]
Package: cryptsetup
Severity: wishlist
Tags: patch

Hi,

cryptsetup 1.4.0 brings support for --allow-discards, which is useful
on SSD storage devices, although it comes with security risks that
must be assessed.

The attached patch, prepared and tested against the current packaging
SVN repo (rev. 897), adds support for an allow-discards option in
crypttab, that translates into passing --allow-discards to cryptsetup.
This patch also updates the documentation accordingly. Please review.

(I'll mark this bug as blocked by #647851 as soon as I get its number.)

Regards,
--
  intrigeri <intrigeri@boum.org>
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | Did you exchange a walk on part in the war
  | for a lead role in the cage?

[support_allow-discards_in_crypttab.diff (text/x-diff, attachment)]

Added blocking bug(s) of 648868: 647851 Request was from intrigeri <intrigeri+debian@boum.org> to control@bugs.debian.org. (Tue, 15 Nov 2011 18:54:06 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>:
Bug#648868; Package cryptsetup. (Sun, 18 Dec 2011 23:57:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Peter Colberg <peter@colberg.org>:
Extra info received and forwarded to list. Copy sent to Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>. (Sun, 18 Dec 2011 23:57:06 GMT) Full text and rfc822 format available.

Message #12 received at 648868@bugs.debian.org (full text, mbox):

From: Peter Colberg <peter@colberg.org>
To: 648868@bugs.debian.org
Subject: Re: cryptsetup: Please add support for allow-discards option in crypttab
Date: Mon, 19 Dec 2011 00:55:09 +0100
[Message part 1 (text/plain, inline)]
Dear Maintainer,

I extended the patch for TRIM support in crypttab to include the
cryptroot initramfs script. Further the option “allow-discards” is
renamed to “discard”, which avoids a hyphen in the parameter name:

PARAM=allow-discards
VALUE=yes
eval export CRYPTTAB_OPTION_$PARAM="\"$VALUE\""
/bin/dash: 1: export: CRYPTTAB_OPTION_allow-discards: bad variable name

Besides avoiding a hyphen, this follows the style of crypttab options,
e.g. --key-size → size. e2fsprogs names the option “discard” as well.

Regards,
Peter
[crypttab_discard_option.patch (text/x-diff, attachment)]

Changed Bug submitter to 'intrigeri@debian.org' from 'intrigeri+debian@boum.org' Request was from intrigeri@debian.org to control@bugs.debian.org. (Sat, 07 Jan 2012 12:13:35 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from Jonas Meurer <mejo@debian.org> to control@bugs.debian.org. (Sat, 04 Feb 2012 03:21:03 GMT) Full text and rfc822 format available.

Reply sent to Jonas Meurer <mejo@debian.org>:
You have taken responsibility. (Tue, 07 Feb 2012 21:37:30 GMT) Full text and rfc822 format available.

Notification sent to intrigeri@debian.org:
Bug acknowledged by developer. (Tue, 07 Feb 2012 21:37:31 GMT) Full text and rfc822 format available.

Message #21 received at 648868-close@bugs.debian.org (full text, mbox):

From: Jonas Meurer <mejo@debian.org>
To: 648868-close@bugs.debian.org
Subject: Bug#648868: fixed in cryptsetup 2:1.4.1-1
Date: Tue, 07 Feb 2012 21:32:18 +0000
Source: cryptsetup
Source-Version: 2:1.4.1-1

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:

cryptsetup-udeb_1.4.1-1_amd64.udeb
  to main/c/cryptsetup/cryptsetup-udeb_1.4.1-1_amd64.udeb
cryptsetup_1.4.1-1.debian.tar.gz
  to main/c/cryptsetup/cryptsetup_1.4.1-1.debian.tar.gz
cryptsetup_1.4.1-1.dsc
  to main/c/cryptsetup/cryptsetup_1.4.1-1.dsc
cryptsetup_1.4.1-1_amd64.deb
  to main/c/cryptsetup/cryptsetup_1.4.1-1_amd64.deb
cryptsetup_1.4.1.orig.tar.bz2
  to main/c/cryptsetup/cryptsetup_1.4.1.orig.tar.bz2
libcryptsetup-dev_1.4.1-1_amd64.deb
  to main/c/cryptsetup/libcryptsetup-dev_1.4.1-1_amd64.deb
libcryptsetup4-udeb_1.4.1-1_amd64.udeb
  to main/c/cryptsetup/libcryptsetup4-udeb_1.4.1-1_amd64.udeb
libcryptsetup4_1.4.1-1_amd64.deb
  to main/c/cryptsetup/libcryptsetup4_1.4.1-1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 648868@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer <mejo@debian.org> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 05 Feb 2012 03:17:59 +0100
Source: cryptsetup
Binary: cryptsetup libcryptsetup4 libcryptsetup-dev cryptsetup-udeb libcryptsetup4-udeb
Architecture: source amd64
Version: 2:1.4.1-1
Distribution: unstable
Urgency: low
Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>
Changed-By: Jonas Meurer <mejo@debian.org>
Description: 
 cryptsetup - disk encryption support - commandline tools
 cryptsetup-udeb - disk encryption support - commandline tools (udeb) (udeb)
 libcryptsetup-dev - disk encryption support - development files
 libcryptsetup4 - disk encryption support - shared library
 libcryptsetup4-udeb - disk encryption support - shared library (udeb) (udeb)
Closes: 591853 597583 633105 634017 634109 638257 638317 640056 641719 641839 641947 642147 642470 642540 643633 643962 644853 645528 646083 647851 648192 648868 654676 656933 658360
Changes: 
 cryptsetup (2:1.4.1-1) unstable; urgency=low
 .
   * new upstream release (1.4.0 + 1.4.1) (closes: #647851)
     - fixes typo in german translation. (closes: #645528)
     - remove patches, all incorporated upstream.
     - soname bump, rename library package to libcryptsetup4
   * check for busybox in initramfs cryptroot hook, and install the sed binary
     in case it's either not installed or not activated. (closes: #591853)
   * add checks for 'type $KEYSCRIPT' to initscripts cryptdisks.functions, and
     to cryptroot initramfs script/hook. this adds support for keyscripts inside
     $PATH. thanks to Ian Jackson for the suggestion. (closes: #597583)
   * use argument '--sysinit' for vgchange in cryptroot initramfs script. Thanks
     to Christoph Anton Mitterer for the suggestion.
   * add option for discard/trim features to crypttab and initramfs scripts.
     Thanks to intrigeri and Peter Colberg for patches. (closes: #648868)
   * print $target on error in initramfs hook. Thanks to Daniel Hahler for the
     bugreport. (closes: #648192)
   * add a warning about using decrypt_derived keyscript for devices with
     persistent data. Thanks to Arno Wagner for pointing this out.
   * remove quotes from resume device candidates at get_resume_devs() in
     initramfs hook script. Thanks to Johannes Rohr. (closes: #634017)
   * support custom $TABFILE, thanks to Douglas Huff. (closes: #638317)
   * fix get_lvm_deps() in initramfs cryptroot hook to add all physical volumes
     of lvm volume group that contains the rootfs logical volume, even if the
     rootfs is lv is not spread over all physical volumes. Thanks to Christian
     Pernegger for bugreport and patch. (closes: #634109)
   * debian/initramfs/cryptroot-script: Move check for maximum number of tries
     behind the while loop, to make the warning appear in case that maximum
     number of tries is reached. Thanks to Chistian Lamparter for bugreport and
     patch. (closes: #646083)
   * incorporate changes to package descriptions and debconf templates that
     suggested by debian-l10n-english people. Special thanks go to Justin B Rye.
   * acknowledge NMU, thanks a lot to Christian Perrier for his great work on
     the i18n front. (closes: #633105, #641719, #641839, #641947, #642470,
     #640056, #642540, #643633, #643962, #644853)
   * add and update debconf translations:
     - italian, thanks to Milo Casagrande, Francesca Ciceri. (closes: #656933)
     - german, thanks to Erik Pfannenstein. (closes: #642147)
     - spanish, thanks to Camaleón. (closes: #658360)
     - russian, thanks to Yuri Kuzlov (closes: #654676)
   * set architecture to linux-any, depends on linux kernel anyway. Thanks to
     Christoph Egger. (closes: #638257)
   * small updates to the copyright file.
   * add targets build-indep and build-arch to debian/rules, thanks to lintian.
Checksums-Sha1: 
 d8aa53c16c60d5f392232b12af16c20b736c92d1 2483 cryptsetup_1.4.1-1.dsc
 32608be5b146a7bd3999129b086bad8b66c085b9 772971 cryptsetup_1.4.1.orig.tar.bz2
 f29a9c8c45ee38fe7c498699a94d85e4c4126d27 89477 cryptsetup_1.4.1-1.debian.tar.gz
 ad540d0fb5a235e7135db19e1bf1a3a37beb6d40 210348 cryptsetup_1.4.1-1_amd64.deb
 817571c240288d4f8360595c57a253cf4de42cbd 89538 libcryptsetup4_1.4.1-1_amd64.deb
 b2eed63ed581b24a55560121a0babc8e20dd94f6 49366 libcryptsetup-dev_1.4.1-1_amd64.deb
 ec85722f4c27bcac95057e97e8a8816d7bd7c7fd 35952 cryptsetup-udeb_1.4.1-1_amd64.udeb
 2b9834bbadab2c06a51f8af72d6f5a76aa30a3e0 47360 libcryptsetup4-udeb_1.4.1-1_amd64.udeb
Checksums-Sha256: 
 edc3177f0b88ca1b8817e9089a81caa7378cfea8e45741d5c8c3ee167f06c136 2483 cryptsetup_1.4.1-1.dsc
 82b143328c2b427ef2b89fb76c701d311c95b54093c21bbf22342f7b393bddcb 772971 cryptsetup_1.4.1.orig.tar.bz2
 84fd7fcf2328d515677744baf7d3993c4bddc2ea43ec3c22d6d1419ed170f1ca 89477 cryptsetup_1.4.1-1.debian.tar.gz
 08e24d874abcca6d70f1b0bb7170d049430ea75d0cead65967621cba1bbdfe94 210348 cryptsetup_1.4.1-1_amd64.deb
 28a0d19d9e8d7e602eae6a91fbc6776bafd6028ebdcf1f093cedc7006a18afc5 89538 libcryptsetup4_1.4.1-1_amd64.deb
 cad3b8b4377169be7d086c4f2cf1e9f9b0955e47083768113c93f5e1a3af5124 49366 libcryptsetup-dev_1.4.1-1_amd64.deb
 90c140170b76a4c6bb26ae6daf5ba2f3fae4d6c639976bd346491f90c120c02a 35952 cryptsetup-udeb_1.4.1-1_amd64.udeb
 e295fac16c1f5c79672479c28716721eb5991c81127995a89704941bd79171de 47360 libcryptsetup4-udeb_1.4.1-1_amd64.udeb
Files: 
 14602ebf03e68346433f3119c40ed978 2483 admin optional cryptsetup_1.4.1-1.dsc
 9253b3f29abf5c6f333eb74128b0df1c 772971 admin optional cryptsetup_1.4.1.orig.tar.bz2
 13e029d1aba33ff343b2b5295a3f6145 89477 admin optional cryptsetup_1.4.1-1.debian.tar.gz
 bd9ce6dd3d82e79fc14be85883a75545 210348 admin optional cryptsetup_1.4.1-1_amd64.deb
 5deafd2ce02e33d8aac3136eecfe77fd 89538 libs optional libcryptsetup4_1.4.1-1_amd64.deb
 6abab27749a5f47543cc40ec46136597 49366 libdevel optional libcryptsetup-dev_1.4.1-1_amd64.deb
 bb9f39a198e385e3445fd38b71e1b6a2 35952 debian-installer optional cryptsetup-udeb_1.4.1-1_amd64.udeb
 616ed17b60621a69bdeec4d2e53ee3be 47360 debian-installer optional libcryptsetup4-udeb_1.4.1-1_amd64.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPLej7AAoJEFJi5/9JEEn+RywP/jb8EKRNK6kBcRPvlrT4NeCM
gC2VimsY1/06y8tFBTgKhdSOy/YOF4a22yCRZUHOmCzVgS1kwi7fIx3cYaYw9yIU
cK70b0m8RjpU7VnEdRCd7//4BaWff+uDag6oq03YNUmyRJbb+EE9757JyEEnmS4c
uU+aDCy+bOyVJEeXXafRvjUHwS69brBT9+6QifYVR2wMa/1Aitxs+QqQRn88BNhM
dzyusE1W4N368RWQBjwtKTUc3vf7l6d+6jM6Jyh1ARZjG4drFccZFb1lFAY+9+8f
eI3F2r7YkPIVUcWmDKRJlwBPzG+7t+YgSgCTaygbo3pQEx7mIQsjBUnnynbtoGmQ
yHBlyY5NXt0DTlS0iaoCdtreziiGk81Dg3hs3z+6Oj3WnJwbtZEx3xQAMGmNVgOS
JVvhFqi8C7mU3TX0I7j2nm+Qs14b7JrGUAnLQXT4LtsPhtrorj7WYtxj4tRPQDYU
D8QqNFehCl9zUmk9f1EqT+vFfWEBE9B+yyEe0rzc+xRDAn6A5zI/WRqxRG1cbqoN
xndYzpWx6M2QzcZ8/5QnTsA9nkPO6UB9ui/Zpjml2I9CBtTubkj+q8CRPF0MPKpx
9fvKNje0//g+sbSMUEHSRdPbZfQiVlSEYs0KjInb6RoXFKru0dz3IDsz96F9TX54
coIDmtayOQdiLdriWH6V
=OMpo
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 08 Mar 2012 07:39:54 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 23 13:16:30 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.