rpms/ecryptfs-utils/F-11 ecryptfs-utils-75-blkid.patch, NONE, 1.1 ecryptfs-utils-75-nocryptdisks.patch, NONE, 1.1 ecryptfs-utils-75-pamcheck.patch, NONE, 1.1 ecryptfs-utils.spec, 1.45, 1.46
Michal Hlavinka
mhlavink at fedoraproject.org
Fri May 22 09:56:53 UTC 2009
Author: mhlavink
Update of /cvs/extras/rpms/ecryptfs-utils/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15102
Modified Files:
ecryptfs-utils.spec
Added Files:
ecryptfs-utils-75-blkid.patch
ecryptfs-utils-75-nocryptdisks.patch
ecryptfs-utils-75-pamcheck.patch
Log Message:
- fix check for file name encryption support in pam (#495143)
- removed executable permission from ecryptfs-dot-private (#500817)
- require cryptsetup-luks for encrypted swap (#500824)
- use blkid instead of vol_id (#500820)
ecryptfs-utils-75-blkid.patch:
--- NEW FILE ecryptfs-utils-75-blkid.patch ---
=== modified file 'src/utils/ecryptfs-setup-swap'
--- src/utils/ecryptfs-setup-swap 2009-03-20 21:44:01 +0000
+++ src/utils/ecryptfs-setup-swap 2009-05-18 17:02:55 +0000
@@ -83,7 +83,7 @@
fi
# Make sure this is swap space
-if ! vol_id "$swap" | grep -qs "ID_FS_TYPE=swap"; then
+if ! blkid "$swap" | grep -qs "TYPE=.*swap"; then
error "[$swap] does not appear to be swap space"
fi
ecryptfs-utils-75-nocryptdisks.patch:
--- NEW FILE ecryptfs-utils-75-nocryptdisks.patch ---
=== modified file 'src/utils/ecryptfs-setup-swap'
--- src/utils/ecryptfs-setup-swap 2009-03-20 21:44:01 +0000
+++ src/utils/ecryptfs-setup-swap 2009-05-19 14:50:01 +0000
@@ -158,13 +158,5 @@
# Add fstab entry
echo "/dev/mapper/cryptswap none swap sw 0 0" >> /etc/fstab
-# Turn swap off
-swapoff -a
-
-# Restart cryptdisks
-/etc/init.d/cryptdisks restart
-
-# Turn the swap on
-swapon -a
-
info "Successfully setup encrypted swap!"
+info "This will take effect after reboot"
\ No newline at end of file
ecryptfs-utils-75-pamcheck.patch:
--- NEW FILE ecryptfs-utils-75-pamcheck.patch ---
=== modified file 'src/pam_ecryptfs/pam_ecryptfs.c'
--- src/pam_ecryptfs/pam_ecryptfs.c 2009-04-21 23:20:27 +0000
+++ src/pam_ecryptfs/pam_ecryptfs.c 2009-05-22 09:38:49 +0000
@@ -110,6 +110,7 @@
char *auth_tok_sig;
pid_t child_pid, tmp_pid;
long rc;
+ uint32_t version;
syslog(LOG_INFO, "%s: Called\n", __FUNCTION__);
rc = pam_get_user(pamh, &username, NULL);
@@ -130,6 +131,10 @@
}
if (!ecryptfs_pam_automount_set(homedir))
goto out;
+ /* we need side effect of this check:
+ load ecryptfs module if not loaded already */
+ if (ecryptfs_get_version(&version) != 0)
+ syslog(LOG_WARNING, "Can't check if kernel supports ecryptfs\n");
saved_uid = geteuid();
seteuid(uid);
rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&passphrase);
Index: ecryptfs-utils.spec
===================================================================
RCS file: /cvs/extras/rpms/ecryptfs-utils/F-11/ecryptfs-utils.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -p -r1.45 -r1.46
--- ecryptfs-utils.spec 21 May 2009 09:58:45 -0000 1.45
+++ ecryptfs-utils.spec 22 May 2009 09:56:23 -0000 1.46
@@ -3,7 +3,7 @@
Name: ecryptfs-utils
Version: 75
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: The eCryptfs mount helper and support libraries
Group: System Environment/Base
License: GPLv2+
@@ -28,6 +28,9 @@ Patch5: ecryptfs-utils-75-blkid.patch
#rhbz#500829
Patch6: ecryptfs-utils-75-nocryptdisks.patch
+#rhbz#500829
+Patch7: ecryptfs-utils-75-pamcheck.patch
+
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Requires: keyutils, cryptsetup-luks, e2fsprogs
BuildRequires: libgcrypt-devel keyutils-libs-devel openssl-devel pam-devel
@@ -68,6 +71,7 @@ the interface supplied by the ecryptfs-u
%patch4 -p1 -b .werror
%patch5 -p0 -b .blkid
%patch6 -p0 -b .nocryptdisks
+%patch7 -p0 -b .pamcheck
%build
export CFLAGS="$RPM_OPT_FLAGS -ggdb -O2 -Werror"
@@ -185,7 +189,8 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so
%changelog
-* Thu May 21 2009 Michal Hlavinka <mhlavink at redhat.com> 75-2
+* Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com> 75-2
+- fix check for file name encryption support in pam (#495143)
- removed executable permission from ecryptfs-dot-private (#500817)
- require cryptsetup-luks for encrypted swap (#500824)
- use blkid instead of vol_id (#500820)
More information about the scm-commits
mailing list