Debian Bug report logs - #690267
ltsp-client: nbd swap files are not removed from the server if swap encryption is enabled

version graph

Package: ltsp-client; Maintainer for ltsp-client is Debian LTSP Maintainers <team+ltsp@tracker.debian.org>; Source for ltsp-client is src:ltsp (PTS, buildd, popcon).

Reported by: George Kiagiadakis <kiagiadakis.george@gmail.com>

Date: Thu, 11 Oct 2012 19:45:02 UTC

Severity: important

Tags: confirmed

Found in version ltsp/5.4.2-2

Fixed in version ltsp/5.4.2-4

Done: Vagrant Cascadian <vagrant@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, LTSP Debian Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>:
Bug#690267; Package ltsp-client. (Thu, 11 Oct 2012 19:45:04 GMT) (full text, mbox, link).

Acknowledgement sent to George Kiagiadakis <kiagiadakis.george@gmail.com>:
New Bug report received and forwarded. Copy sent to LTSP Debian Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>. (Thu, 11 Oct 2012 19:45:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: George Kiagiadakis <kiagiadakis.george@gmail.com>
To: submit@bugs.debian.org
Subject: ltsp-client: nbd swap files are not removed from the server if swap encryption is enabled
Date: Thu, 11 Oct 2012 22:41:16 +0300
Package: ltsp-client
Version: 5.4.2-2
Severity: normal

Dear Maintainer,

NBD swap files seem to be encrypted by default (if no encryption
option is specified).
However, the nbd-disconnect script does not handle encrypted swap files.
Specifically, it tries to do "swapoff /dev/nbd1" where it should actually
be doing swapoff on /dev/mapper/swap0 and removing the dm-crypt mapping with
cryptsetup.

The problem is that since nbd-disconnect fails, the swap file is not
properly removed from the server.

As a workaround, setting ENCRYPT_SWAP=False in lts.conf solves the issue.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (100, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ltsp-client depends on:
ii  alsa-utils                   1.0.25-3
ii  cron                         3.0pl1-124
ii  cryptsetup                   2:1.4.3-2
ii  cups-bsd                     1.5.3-1
ii  freerdp-x11                  1.0.1-1.1
ii  inputattach                  1:1.4.3-1
ii  ldm                          2:2.2.11-2
ii  libasound2-plugins           1.0.25-2
ii  ltsp-client-core             5.4.2-2
ii  ltspfsd                      1.1-2
ii  mdetect                      0.5.2.3
ii  netcat-traditional [netcat]  1.10-40
ii  ntpdate                      1:4.2.6.p5+dfsg-2
ii  numlockx                     1.2-4
ii  pulseaudio                   2.0-6
ii  python-daemon                1.5.5-1
ii  python-serial                2.5-2.1
ii  rdesktop                     1.7.1-1
ii  rsyslog [system-log-daemon]  5.8.11-2
ii  sane-utils                   1.0.22-7.4
ii  sshfs                        2.4-1
ii  x11-xserver-utils            7.7~3
ii  xorg                         1:7.7+1

ltsp-client recommends no packages.

ltsp-client suggests no packages.

-- no debconf information

Information forwarded to debian-bugs-dist@lists.debian.org, LTSP Debian Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>:
Bug#690267; Package ltsp-client. (Mon, 19 Nov 2012 20:24:05 GMT) (full text, mbox, link).

Acknowledgement sent to Vagrant Cascadian <vagrant@freegeek.org>:
Extra info received and forwarded to list. Copy sent to LTSP Debian Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>. (Mon, 19 Nov 2012 20:24:05 GMT) (full text, mbox, link).

Message #10 received at 690267@bugs.debian.org (full text, mbox, reply):

From: Vagrant Cascadian <vagrant@freegeek.org>
To: George Kiagiadakis <kiagiadakis.george@gmail.com>, 690267@bugs.debian.org
Subject: Re: Bug#690267: ltsp-client: nbd swap files are not removed from the server if swap encryption is enabled
Date: Mon, 19 Nov 2012 12:22:44 -0800
Control: tags 690267 confirmed
Control: severity 690267 important

On Thu, Oct 11, 2012 at 10:41:16PM +0300, George Kiagiadakis wrote:
> NBD swap files seem to be encrypted by default (if no encryption
> option is specified).
> However, the nbd-disconnect script does not handle encrypted swap files.
> Specifically, it tries to do "swapoff /dev/nbd1" where it should actually
> be doing swapoff on /dev/mapper/swap0 and removing the dm-crypt mapping with
> cryptsetup.
> 
> The problem is that since nbd-disconnect fails, the swap file is not
> properly removed from the server.
> 
> As a workaround, setting ENCRYPT_SWAP=False in lts.conf solves the issue.

Thanks for the report.

I've been trying to debug this, but it seems elusive to me. I can reproduce the
problem, but my attempted fix fails:

=== modified file 'client/share/ltsp/nbd-disconnect'
*** client/share/ltsp/nbd-disconnect	2012-05-14 19:23:51 +0000
--- client/share/ltsp/nbd-disconnect	2012-11-19 20:15:47 +0000
***************
*** 30,39 ****
--- 30,47 ----
      case "$device" in
          /dev/nbd[1-9])
              swapoff "$device"
              nbd-client -d "$device"
              ;;
+         /dev/mapper/swap[0-9])
+             nbd_device=$(cryptsetup status "$device" | egrep 'device:.*/dev/nbd[0-9]' | cut -d : -f 2)
+             if [ -n "$nbd_device" ]; then
+                 swapoff "$device"
+                 cryptsetup remove "$device"
+                 nbd-client -d "$nbd_device"
+             fi
+             ;;
      esac
  done < /proc/swaps
  
  # If we're not using an nbd root, exit
  grep -qw "nbdroot" /proc/cmdline || exit 0


For some reason I can't figure out, the swapoff and "cryptsetup remove"
sucessfully removes the crypted disk, but then the "nbd-client -d" fails... the
nbd module is unloaded at that point.

live well,
  vagrant

Added tag(s) confirmed. Request was from Vagrant Cascadian <vagrant@freegeek.org> to 690267-submit@bugs.debian.org. (Mon, 19 Nov 2012 20:24:05 GMT) (full text, mbox, link).

Severity set to 'important' from 'normal' Request was from Vagrant Cascadian <vagrant@freegeek.org> to 690267-submit@bugs.debian.org. (Mon, 19 Nov 2012 20:24:06 GMT) (full text, mbox, link).

Reply sent to Vagrant Cascadian <vagrant@debian.org>:
You have taken responsibility. (Wed, 21 Nov 2012 05:51:03 GMT) (full text, mbox, link).

Notification sent to George Kiagiadakis <kiagiadakis.george@gmail.com>:
Bug acknowledged by developer. (Wed, 21 Nov 2012 05:51:03 GMT) (full text, mbox, link).

Message #19 received at 690267-close@bugs.debian.org (full text, mbox, reply):

From: Vagrant Cascadian <vagrant@debian.org>
To: 690267-close@bugs.debian.org
Subject: Bug#690267: fixed in ltsp 5.4.2-4
Date: Wed, 21 Nov 2012 05:47:37 +0000
Source: ltsp
Source-Version: 5.4.2-4

We believe that the bug you reported is fixed in the latest version of
ltsp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 690267@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vagrant Cascadian <vagrant@debian.org> (supplier of updated ltsp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 20 Nov 2012 21:26:04 -0800
Source: ltsp
Binary: ltsp-server ltsp-server-standalone ltsp-client-core ltsp-client ltsp-client-builder
Architecture: source all i386
Version: 5.4.2-4
Distribution: unstable
Urgency: low
Maintainer: LTSP Debian Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>
Changed-By: Vagrant Cascadian <vagrant@debian.org>
Description: 
 ltsp-client - complete LTSP client environment
 ltsp-client-builder - build an LTSP environment in the installer target (udeb)
 ltsp-client-core - basic LTSP client environment
 ltsp-server - basic LTSP server environment
 ltsp-server-standalone - complete LTSP server environment
Closes: 690267
Changes: 
 ltsp (5.4.2-4) unstable; urgency=low
 .
   * ltsp-client-core: Add patch to nbd-disconnect to handle cryptsetup swap
     devices (Closes: #690267).
Checksums-Sha1: 
 444ef3e6a53ae99652021f54eec563657a4e0c2d 2293 ltsp_5.4.2-4.dsc
 c573c3efc84d1c0d0efeb4c23a9d0eda2a037320 87721 ltsp_5.4.2-4.debian.tar.gz
 364b9b34cc75b89aa7ae2d0ea59d0aa57b27f4d3 248268 ltsp-server_5.4.2-4_all.deb
 48ae294458850b739a21dcb9c766c3c918b35155 135624 ltsp-server-standalone_5.4.2-4_all.deb
 7ccb61c08c4be5e0439cc974ebb7401a346ea991 225272 ltsp-client-core_5.4.2-4_i386.deb
 2d3e3373edb82493a88eba5e6820b479d49ba9f1 134810 ltsp-client_5.4.2-4_i386.deb
 c25618f4a61877514fd8511a6001b68d0d5dd49c 9858 ltsp-client-builder_5.4.2-4_all.udeb
Checksums-Sha256: 
 cf788c244a3176bc991821a865eb8818d1820c6a5e65ea107449d7da90d6fb26 2293 ltsp_5.4.2-4.dsc
 4e24cb3c9911636d019eb86f205fc51c9a14003ae084aa9c6577f67a84f22f3d 87721 ltsp_5.4.2-4.debian.tar.gz
 63112a5cc501d691dc9ac063350552e922f06d228110043d642075349ab1b859 248268 ltsp-server_5.4.2-4_all.deb
 1fd5a0793145b3ec2488da4db06a71cfa8c3c0fc8a945a1351bdca125d0c4fa8 135624 ltsp-server-standalone_5.4.2-4_all.deb
 9eb6ffdc373a0c12cd7f49cdd3bb3fa3261059bf55cc1176ed23fa5979477963 225272 ltsp-client-core_5.4.2-4_i386.deb
 a4292ce97679b098852d6b750732a3715875a956d2680008624ac987ec72facb 134810 ltsp-client_5.4.2-4_i386.deb
 cee4a9fb5a0f97a97c3053a3840295cd571457f9a67a4572ba09892cd4d1e458 9858 ltsp-client-builder_5.4.2-4_all.udeb
Files: 
 53f4e04c3019aae3c35b985c2089a259 2293 misc extra ltsp_5.4.2-4.dsc
 c366d0ce46d078d2bbf75c7307cc5fb9 87721 misc extra ltsp_5.4.2-4.debian.tar.gz
 ebecb2cfb16aa54d5e6c415db2632d57 248268 misc extra ltsp-server_5.4.2-4_all.deb
 f9478d61f18638d1d4ba0d048a8837b9 135624 misc extra ltsp-server-standalone_5.4.2-4_all.deb
 e7e468f1f7a6c3ed53aceae25575e2ee 225272 misc extra ltsp-client-core_5.4.2-4_i386.deb
 2759f6db0050356d80c12ea074f6240c 134810 misc extra ltsp-client_5.4.2-4_i386.deb
 623ef2726666da49e144055d24d3acde 9858 debian-installer extra ltsp-client-builder_5.4.2-4_all.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJQrGhxAAoJELeLgtSBS5G2sGAP/i/qJze7P6/vgl6ozqlDvrVa
dfd44Eb6C2aulI99ZKnkAySb+7CaEFdo8SzGfWQQAOjle1G/+cx0W+nGcdlZzKtQ
1xrmokTct4bzZ3NmOWh4KPnIDlN0kIbOiO4xC/bq5v3IELNFO6j75lw+u6Sv/B+t
hnVPJOaSDzq0vMST+YcdhjPEx1wMDLIzlhArf0Sn90IFI60DBY28A9yxxDzPErGm
PnKehc4Zlnx60K4512z1Uq+/liCnrlM2bRZJRcIIaeACzRs7xqc2HY6F5u9u+u5b
kHulGdem5/p6VPavs55Icz9b7z5RdKLvYUs3ytsrQU9JL+WHxEO21t0vUom6smYy
hPW6WGnFLZH7Hhz+yaSemii4JnFvyfqFUZCJBbgsN/Djrw2Nq05FPGqgvOzqSbld
2Yl4dUxVxoaHsgR0/eaVqfLbfG0HBToowY2Kiw9ZfPFagI6jfdiaiAFzD5lsUCsX
HzO/zZgN88hypEW1eEbTorsqCVsLx+Slvs71UojlUoEbl158sgdl/WmQEONrlmva
WLUBEcbspRw2/R1ibWYHK7WmZEYS1mGmaGuq/VeIRn2iTIFqYVmEbSpXIwwjDq5w
HwAYBGbp+kOl/30SZcI7L57e27YjziM8Lt9/ED0hoN2a5CYr2PVGXJ6FwmQqzdDv
fS/8bD0Nuh9CNGmVxCkf
=WeRG
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 19 Jan 2013 07:27:12 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Jul 1 13:05:00 2023; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.