rpms/ecryptfs-utils/F-11 ecryptfs-utils-75-blkid.patch, NONE, 1.1 ecryptfs-utils-75-nocryptdisks.patch, NONE, 1.1 ecryptfs-utils-75-pamcheck.patch, NONE, 1.1 ecryptfs-utils.spec, 1.45, 1.46

Fri May 22 09:56:53 UTC 2009

Author: mhlavink

Update of /cvs/extras/rpms/ecryptfs-utils/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15102

Modified Files:
	ecryptfs-utils.spec 
Added Files:
	ecryptfs-utils-75-blkid.patch 
	ecryptfs-utils-75-nocryptdisks.patch 
	ecryptfs-utils-75-pamcheck.patch 
Log Message:
- fix check for file name encryption support in pam (#495143)
- removed executable permission from ecryptfs-dot-private (#500817)
- require cryptsetup-luks for encrypted swap (#500824)
- use blkid instead of vol_id (#500820)


ecryptfs-utils-75-blkid.patch:

--- NEW FILE ecryptfs-utils-75-blkid.patch ---
=== modified file 'src/utils/ecryptfs-setup-swap'
--- src/utils/ecryptfs-setup-swap	2009-03-20 21:44:01 +0000
+++ src/utils/ecryptfs-setup-swap	2009-05-18 17:02:55 +0000
@@ -83,7 +83,7 @@
 fi
 
 # Make sure this is swap space
-if ! vol_id "$swap" | grep -qs "ID_FS_TYPE=swap"; then
+if ! blkid "$swap" | grep -qs "TYPE=.*swap"; then
 	error "[$swap] does not appear to be swap space"
 fi
 


ecryptfs-utils-75-nocryptdisks.patch:

--- NEW FILE ecryptfs-utils-75-nocryptdisks.patch ---
=== modified file 'src/utils/ecryptfs-setup-swap'
--- src/utils/ecryptfs-setup-swap	2009-03-20 21:44:01 +0000
+++ src/utils/ecryptfs-setup-swap	2009-05-19 14:50:01 +0000
@@ -158,13 +158,5 @@
 # Add fstab entry
 echo "/dev/mapper/cryptswap none swap sw 0 0" >> /etc/fstab
 
-# Turn swap off
-swapoff -a
-
-# Restart cryptdisks
-/etc/init.d/cryptdisks restart
-
-# Turn the swap on
-swapon -a
-
 info "Successfully setup encrypted swap!"
+info "This will take effect after reboot"
\ No newline at end of file


ecryptfs-utils-75-pamcheck.patch:

--- NEW FILE ecryptfs-utils-75-pamcheck.patch ---
=== modified file 'src/pam_ecryptfs/pam_ecryptfs.c'
--- src/pam_ecryptfs/pam_ecryptfs.c	2009-04-21 23:20:27 +0000
+++ src/pam_ecryptfs/pam_ecryptfs.c	2009-05-22 09:38:49 +0000
@@ -110,6 +110,7 @@
 	char *auth_tok_sig;
 	pid_t child_pid, tmp_pid;
 	long rc;
+	uint32_t version;
 
 	syslog(LOG_INFO, "%s: Called\n", __FUNCTION__);
 	rc = pam_get_user(pamh, &username, NULL);
@@ -130,6 +131,10 @@
 	}
 	if (!ecryptfs_pam_automount_set(homedir))
 		goto out;
+	/* we need side effect of this check: 
+	   load ecryptfs module if not loaded already */
+	if (ecryptfs_get_version(&version) != 0)
+		syslog(LOG_WARNING, "Can't check if kernel supports ecryptfs\n");
 	saved_uid = geteuid();
 	seteuid(uid);
 	rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&passphrase);



Index: ecryptfs-utils.spec
===================================================================
RCS file: /cvs/extras/rpms/ecryptfs-utils/F-11/ecryptfs-utils.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -p -r1.45 -r1.46
--- ecryptfs-utils.spec	21 May 2009 09:58:45 -0000	1.45
+++ ecryptfs-utils.spec	22 May 2009 09:56:23 -0000	1.46
@@ -3,7 +3,7 @@
 
 Name: ecryptfs-utils
 Version: 75
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: The eCryptfs mount helper and support libraries
 Group: System Environment/Base
 License: GPLv2+
@@ -28,6 +28,9 @@ Patch5: ecryptfs-utils-75-blkid.patch
 #rhbz#500829
 Patch6: ecryptfs-utils-75-nocryptdisks.patch
 
+#rhbz#500829
+Patch7: ecryptfs-utils-75-pamcheck.patch
+
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 Requires: keyutils, cryptsetup-luks, e2fsprogs
 BuildRequires: libgcrypt-devel keyutils-libs-devel openssl-devel pam-devel
@@ -68,6 +71,7 @@ the interface supplied by the ecryptfs-u
 %patch4 -p1 -b .werror
 %patch5 -p0 -b .blkid
 %patch6 -p0 -b .nocryptdisks
+%patch7 -p0 -b .pamcheck
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -ggdb -O2 -Werror"
@@ -185,7 +189,8 @@ rm -rf $RPM_BUILD_ROOT
 %{python_sitearch}/ecryptfs-utils/_libecryptfs.so
 
 %changelog
-* Thu May 21 2009 Michal Hlavinka <mhlavink at redhat.com> 75-2
+* Fri May 22 2009 Michal Hlavinka <mhlavink at redhat.com> 75-2
+- fix check for file name encryption support in pam (#495143)
 - removed executable permission from ecryptfs-dot-private (#500817)
 - require cryptsetup-luks for encrypted swap (#500824)
 - use blkid instead of vol_id (#500820)


