From 0a48e53aa78066b6aefeffc5f3a9ce52ccb4ef5d Mon Sep 17 00:00:00 2001 From: Richard Penney Date: Tue, 20 Dec 2022 13:53:17 +0000 Subject: [PATCH] Rebased against release 6.1.1 (9fb20e0e) --- ChangeLog | 4 ++++ README.md | 2 +- RELNOTES | 12 +++++----- cryptmount.c | 2 +- cryptmount.spec | 2 +- debian/control | 2 +- man/makeman.defs | 10 ++++---- testing/mudslinger.in | 53 +++++++++++++++++++++++-------------------- 8 files changed, 49 insertions(+), 38 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3903846..20b109e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ ChangeLog for cryptmount (http://cryptmount.sourceforge.net) +20Dec22 - Updated various maintainer URLs to point to github.com + Reduced verbosity of manual-page variable substitution + Improved unit-test support for NVME devices + 08Oct22 - *** cryptmount-6.1 released 01Oct22 - Improved udev settling schedule and filesystem syncs diff --git a/README.md b/README.md index fbab3fd..3f8b845 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ CentOS, [Debian](https://packages.debian.org/stable/cryptmount), Fedora, [Ubuntu](https://packages.ubuntu.com/jammy/cryptmount) etc. For the most recent source-bundles of cryptmount, please see -[Sourceforge](http://www.sourceforge.net/projects/cryptmount), +[SourceForge](http://www.sourceforge.net/projects/cryptmount), or find the latest developer versions on [GitHub](https://github.com/rwpenney/cryptmount). diff --git a/RELNOTES b/RELNOTES index f29efcb..846631a 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,6 +1,6 @@ - Release notes for cryptmount-6.1 + Release notes for cryptmount-6.1.1 - RW Penney, October 2022 + RW Penney, December 2022 Introduction ============ @@ -39,17 +39,17 @@ It has been tested on the following systems: * Alma Linux 9.0 (x86_64, lacking libcryptsetup headers) - * Arch Linux (early-Oct-2022) (x86_64) + * Arch Linux (mid-Dec-2022) (x86_64) * Debian GNU/Linux 12.x ("bookworm"/"testing", early-Oct-2022) (amd64) - * Debian GNU/Linux 11.5 ("bullseye") (amd64) + * Debian GNU/Linux 11.6 ("bullseye") (amd64) * Debian GNU/Linux 10.13 ("buster") (x86) - * Fedora 36 (x86_64) + * Fedora 37 (x86_64) - * Ubuntu 22.04 ("jammy") (x86_64) + * Ubuntu 22.10 ("kinetic") (x86_64) Summary of new features in cryptmount-6.0 diff --git a/cryptmount.c b/cryptmount.c index d75d955..c408612 100644 --- a/cryptmount.c +++ b/cryptmount.c @@ -165,7 +165,7 @@ int fs_test_blkgetsz() const char **dev; const char *devices[] = { "/dev/hda", "/dev/hda1", "/dev/hda2", "/dev/hda3", - "/dev/hdb", "/dev/hdb1", "/dev/hdb2", "/dev/hdb3", + "/dev/nvme0n1", "/dev/nvme0n2", "/dev/nvme1n1", "/dev/nvme1n2", "/dev/sda", "/dev/sda1", "/dev/sda2", "/dev/sda3", "/dev/sdb", "/dev/sdb1", "/dev/sdb2", "/dev/sdb3", "/dev/vda", "/dev/vda1", "/dev/xvda", "/dev/xvda1", diff --git a/cryptmount.spec b/cryptmount.spec index 0140094..c2b6524 100644 --- a/cryptmount.spec +++ b/cryptmount.spec @@ -4,7 +4,7 @@ # Summary: Let ordinary users mount an encrypted file system Name: cryptmount -Version: 6.1.0 +Version: 6.1.1 Release: 1%{?dist} License: GPL URL: http://cryptmount.sourceforge.net diff --git a/debian/control b/debian/control index d5e3efc..c00077d 100644 --- a/debian/control +++ b/debian/control @@ -6,7 +6,7 @@ Homepage: https://github.com/rwpenney/cryptmount Build-Depends: automake, debhelper-compat (= 12), libcryptsetup-dev (>= 2.0), libdevmapper-dev, libgcrypt20-dev (>= 1.8), pkgconf Rules-Requires-Root: binary-targets -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Package: cryptmount Architecture: linux-any diff --git a/man/makeman.defs b/man/makeman.defs index c947a21..78896ef 100644 --- a/man/makeman.defs +++ b/man/makeman.defs @@ -1,5 +1,4 @@ # cryptmount makefile-rules for man-pages -# $Revision: $, $Date: $ # RW Penney, April 2006 @@ -18,11 +17,14 @@ mantransform="s,@PACKAGE_VERSION\@,${PACKAGE_VERSION},g; \ cmtab.5: cmtab.5.in ${top_builddir}/config.status - sed ${mantransform} $< > $@ + @echo "Preparing $@ from $<" + @sed ${mantransform} $< > $@ cryptmount.8: cryptmount.8.in ${top_builddir}/config.status - sed ${mantransform} $< > $@ + @echo "Preparing $@ from $<" + @sed ${mantransform} $< > $@ cryptmount-setup.8: cryptmount-setup.8.in ${top_builddir}/config.status - sed ${mantransform} $< > $@ + @echo "Preparing $@ from $<" + @sed ${mantransform} $< > $@ diff --git a/testing/mudslinger.in b/testing/mudslinger.in index 5df7f36..37708e0 100755 --- a/testing/mudslinger.in +++ b/testing/mudslinger.in @@ -2,7 +2,7 @@ # Testing script for cryptmount (compiled with -DTESTING) # RW Penney, December 2005 -DD="/bin/dd oflag=sync" +DD=/bin/dd LOSETUP=/sbin/losetup SU_p="/bin/su -p" TMPDIR=/tmp/cm-$$ @@ -16,11 +16,10 @@ LOOPDEV2=/dev/null DATEFMT="+%d%b%y-%H:%M:%S" - function listLoopDevs() { # Find free loopback devices least likely to be selected by 'losetup -f' - losetup -f > /dev/null - losetup -l -O NAME | \ + ${LOSETUP} -f > /dev/null + ${LOSETUP} -l -O NAME | \ sed '1d' > ${TMPDIR}/usedLoops ls /dev/loop[0-9]* | \ grep -v -x -f ${TMPDIR}/usedLoops | \ @@ -28,6 +27,12 @@ function listLoopDevs() { }; +function dd_sync() { + ${DD} $@ + sync +}; + + # # Testing infrastructure # @@ -118,7 +123,7 @@ function wait_udev() { function mk_ssl_keyfile() { # Syntax: mk_ssl_keyfile - ${DD} if=/dev/urandom bs=${1}c count=1 2>/dev/null | \ + dd_sync if=/dev/urandom bs=${1}c count=1 2>/dev/null | \ openssl enc -e -pass pass:"${PASSWD}" -md $2 -${3} 2>&3 }; @@ -290,11 +295,11 @@ function test_setup_roloop() { if test_start "read-only loopback"; then true; else return; fi idx=`mkrandshort` mkdir ${TMPDIR}/romnt - ${DD} if=/dev/zero of=${TMPDIR}/roloopfile bs=1M count=16 2>/dev/null + dd_sync if=/dev/zero of=${TMPDIR}/roloopfile bs=1M count=32 2>/dev/null ${LOSETUP} "${LOOPDEV2}" ${TMPDIR}/roloopfile mke2fs -q "${LOOPDEV2}" mount -t ext2 "${LOOPDEV2}" ${TMPDIR}/romnt - ${DD} if=/dev/zero of=${TMPDIR}/romnt/lpfl bs=1M count=8 2>/dev/null + dd_sync if=/dev/zero of=${TMPDIR}/romnt/lpfl bs=1M count=16 2>/dev/null cat < ${TMPDIR}/cmtab target${idx} { dev=${TMPDIR}/romnt/lpfl flags=nofsck @@ -561,7 +566,7 @@ function test_bad_keyfmt() { EOF rm -f ${TMPDIR}/keyfile if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then test_fail "key-generation"; return; fi - ${DD} if=/dev/urandom of=${TMPDIR}/keyfile bs=16c count=1 2>/dev/null + dd_sync if=/dev/urandom of=${TMPDIR}/keyfile bs=16c count=1 2>/dev/null if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3 test_fail prepare @@ -664,7 +669,7 @@ EOF cleanup="${CM} --config-dir ${TMPDIR} --release --all" if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare --all 2>&3; then true; else test_fail "prepare" "${cleanup}"; return; fi for tgt in ${tgtlist}; do - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null if mke2fs -q /dev/mapper/${tgt}; then true; else test_fail mke2fs; return; fi done wait_udev @@ -753,7 +758,7 @@ EOF EOF rm -f ${TMPDIR}/keyfile if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then true; else test_fail prepare; return; fi - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi wait_udev if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi @@ -790,7 +795,7 @@ function test_ssl_algs() { } EOF if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then true; else test_fail prepare; return; fi - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi wait_udev if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi @@ -830,7 +835,7 @@ EOF rm -f ${TMPDIR}/keyfile if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then true; else test_fail prepare; return; fi - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi wait_udev if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi @@ -878,7 +883,7 @@ function test_gcryossl() { EOF # Configure filesystem with libgcrypt-openssl compatibility layer: if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then true; else test_fail prepare; return; fi - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi wait_udev if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi @@ -1039,11 +1044,11 @@ function test_offsets() { } EOF test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3 - ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=32 2>/dev/null + dd_sync if=/dev/zero of=${LOOPDEV} bs=1M count=32 2>/dev/null sync if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then cleanup="${CM} --config-dir ${TMPDIR} --release target${idx}" - ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1b count=`expr ${length} + 16` 2>&3 + dd_sync if=/dev/zero of=/dev/mapper/target${idx} bs=1b count=`expr ${length} + 16` 2>&3 wait_udev ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3 wait_udev @@ -1087,13 +1092,13 @@ EOF echo "config: $cfg - prio=${prio}" 1>&3 case $format in zero) - ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; + dd_sync if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; blank) mke2fs -q ${LOOPDEV} ;; rand) - ${DD} if=/dev/urandom of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; + dd_sync if=/dev/urandom of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; data) - ${DD} if=$0 of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; + dd_sync if=$0 of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; esac wait_udev; sync if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --swapon swap${idx}" 2>&3; then test_fail privilege; return; fi @@ -1162,7 +1167,7 @@ function test_privblock() { if test_start "privilege checks"; then true; else return; fi if [ -f ${TMPDIR}/keyfile ]; then rm ${TMPDIR}/keyfile; fi if [ -f ${TMPDIR}/keyfile_ ]; then rm ${TMPDIR}/keyfile_; fi - ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null; sync + dd_sync if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null; sync idx=`mkrandshort` NEWPASSWD="${PASSWD}-new${idx}" cat < ${TMPDIR}/cmtab @@ -1250,7 +1255,7 @@ function test_cryptsetup_compat() { cryptsetup --key-file ${TMPDIR}/keymat -c ${cipher} -b ${length} -o ${startsec} -p ${ivoffset} create cstarget${idx} ${LOOPDEV} 2>&3 if [ -b /dev/mapper/cstarget${idx} ]; then cs_size=`blockdev --getsize /dev/mapper/cstarget${idx}` - ${DD} if=/dev/zero of=/dev/mapper/cstarget${idx} \ + dd_sync if=/dev/zero of=/dev/mapper/cstarget${idx} \ bs=16k count=16 2>/dev/null mke2fs -q -j /dev/mapper/cstarget${idx} wait_udev @@ -1328,7 +1333,7 @@ function test_luks_compat() { # Setup partition with cryptsetup-luks: TMPTGT="mudslinger-`mkrandshort`" - if ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=1 conv=notrunc 2>/dev/null; then true; else test_fail "purging"; return; fi + if dd_sync if=/dev/zero of=${LOOPDEV} bs=1M count=1 conv=notrunc 2>/dev/null; then true; else test_fail "purging"; return; fi cryptsetup --batch-mode --cipher ${cipher} --key-size ${len} luksFormat "${LOOPDEV}" ${TMPDIR}/keymat0 1>&3 2>&3 sync cryptsetup --key-file ${TMPDIR}/keymat0 --cipher ${cipher} --key-slot 2 luksAddKey "${LOOPDEV}" ${TMPDIR}/keymat 1>&3 2>&3 @@ -1383,7 +1388,7 @@ function test_luks_tapmoc() { cipher=${cipher}-${mode} } EOF - if ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=1 conv=notrunc 2>/dev/null; then true; else test_fail "purging"; return; fi + if dd_sync if=/dev/zero of=${LOOPDEV} bs=1M count=1 conv=notrunc 2>/dev/null; then true; else test_fail "purging"; return; fi sync if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 32 target${idx} 1>&3 2>&3; then true; else test_fail "key-generation"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx} 2>&3; then true; else test_fail "prepare"; return; fi @@ -1516,8 +1521,8 @@ fi # Prepare loopback file & pseudo device file: set -e touch ${TMPDIR}/keyfile -${DD} if=/dev/zero of=${TMPDIR}/loopfile bs=1M count=64 2>&3 1>&2 -${DD} if=/dev/zero of=${TMPDIR}/devfile bs=1M count=64 2>&3 1>&2 +dd_sync if=/dev/zero of=${TMPDIR}/loopfile bs=1M count=64 2>&3 1>&2 +dd_sync if=/dev/zero of=${TMPDIR}/devfile bs=1M count=64 2>&3 1>&2 listLoopDevs LOOPDEV=`sed -n '1p' "${TMPDIR}/availableLoops"` LOOPDEV2=`sed -n '2p' "${TMPDIR}/availableLoops"`