eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fxi luksKill slot to work in batch mode in non-tty environment.

Browse Source 
If there is no TTY on stdin (like nohup or service) then
batch mode should not fail to kill slot.

For more info see Issue#329.
This commit is contained in:
Milan Broz
2017-06-21 13:31:08 +02:00
parent ce1e5374b9
commit c80dbb2210
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/utils_crypt.c
View File

@@ -302,6 +302,7 @@ int crypt_keyfile_read(struct crypt_device *cd, const char *keyfile,
char_read = read(fd, &pass[i], 1); char_read = read(fd, &pass[i], 1);
if (char_read < 0) { if (char_read < 0) {
log_err(cd, _("Error reading passphrase.\n")); log_err(cd, _("Error reading passphrase.\n"));
r = -EPIPE;
goto out_err; goto out_err;
} }

6
src/cryptsetup.c
View File

@@ -933,6 +933,12 @@ static int action_luksKillSlot(void)
_("This is the last keyslot. Device will become unusable after purging this key."), _("This is the last keyslot. Device will become unusable after purging this key."),
_("Enter any remaining passphrase: "), _("Enter any remaining passphrase: "),
opt_key_file, opt_keyfile_offset, opt_keyfile_size); opt_key_file, opt_keyfile_offset, opt_keyfile_size);
if (r == -EPIPE && (!opt_key_file || tools_is_stdin(opt_key_file))) {
log_dbg("Failed read from input, ignoring passphrase.");
r = 0;
}
if (r < 0) if (r < 0)
goto out; goto out;
} }

5
tests/compat-test
View File

@@ -354,6 +354,8 @@ prepare "[18] RemoveKey passphrase and keyfile" reuse
$CRYPTSETUP luksRemoveKey $LOOPDEV $KEY1 || fail $CRYPTSETUP luksRemoveKey $LOOPDEV $KEY1 || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 3: DISABLED" || fail $CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 3: DISABLED" || fail
$CRYPTSETUP luksRemoveKey $LOOPDEV $KEY1 2>/dev/null && fail $CRYPTSETUP luksRemoveKey $LOOPDEV $KEY1 2>/dev/null && fail
$CRYPTSETUP luksAddKey $LOOPDEV -i1 -d $KEY2 $KEY1 --key-slot 3 2>/dev/null || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 3: ENABLED" || fail
$CRYPTSETUP luksRemoveKey $LOOPDEV $KEY2 --keyfile-size 1 2>/dev/null && fail $CRYPTSETUP luksRemoveKey $LOOPDEV $KEY2 --keyfile-size 1 2>/dev/null && fail
$CRYPTSETUP luksRemoveKey $LOOPDEV $KEY2 || fail $CRYPTSETUP luksRemoveKey $LOOPDEV $KEY2 || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 4: DISABLED" || fail $CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 4: DISABLED" || fail
@@ -366,6 +368,9 @@ $CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 2: ENABLED" || fail
# kill slot using passphrase from 1 # kill slot using passphrase from 1
echo $PWD2 | $CRYPTSETUP luksKillSlot $LOOPDEV 2 || fail echo $PWD2 | $CRYPTSETUP luksKillSlot $LOOPDEV 2 || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 2: DISABLED" || fail $CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 2: DISABLED" || fail
# kill slot with redirected stdin
$CRYPTSETUP luksKillSlot $LOOPDEV 3 </dev/null || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 3: DISABLED" || fail
# remove key0 / slot 0 # remove key0 / slot 0
echo $PWD1 | $CRYPTSETUP luksRemoveKey $LOOPDEV || fail echo $PWD1 | $CRYPTSETUP luksRemoveKey $LOOPDEV || fail
$CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 0: DISABLED" || fail $CRYPTSETUP luksDump $LOOPDEV | grep -q "Key Slot 0: DISABLED" || fail