-
-
Notifications
You must be signed in to change notification settings - Fork 152
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error locking new container #343
Comments
Hi tpoliaw, |
Cryptsetup was recently updated to 2.1 Edit: Oh and header changes. And all this applies for 2.0.6 too |
In 2.0.6 manpage says
|
Gosh. I overlooked one important word :D changes since 2.0.6 and not what I read : changes in 2.0.6 :D |
I actually have the same issue. I can confirm that adding Furthermore, it would be nice to support Luks2. |
The linked output includes the |
Thank you all for looking at this so quickly. I've added the change @roddhjav suggested and it works for now. |
ACK. Lesson to be learned: just like in data structures, always 'reserve' a protocol version selection flag on CLI applications to avoid regressions in future. Meanwhile we have to stuck with cryptsetup's problem: of not supporting the Re: getting on board with luks2 in Tomb I believe calls for a major release to clearly mark the change, since luks1 and luks2 headers aren't compatible with each other, which makes me quite sad. |
Are the headers really incompatible? The changelog mentions at least for the keyslot area full backward compatibility. And it would be possible to reduce the header size to what it was before. |
Good catch Narrat, thanks. I overlooked the details. If you or anyone else can do some empirical tests on compatibility then we can release a compatible version pretty quick rather than postponing to a major release. But we need perhaps a test unit about this specific regression issue. |
Can you please report the fix to Debian so they can backport it. I maintain a privacy distro and would really like to have this for our users during Buster. |
the bugreport above has nothing to do with Tomb |
Fixed by commit b054a83 it sort of slipped through the commit and is a correct fix: |
I have used tomb in the past and it's always worked fine. Trying to get it to work on a new machine is giving errors.
Tomb version: 2.5
ZSH version: 5.7.1
OS: Arch (kernel 4.20.10-arch1-1-ARCH)
cryptsetup: 2.1.0
Following the example in the readme (dig/forge/lock) gets as far as the lock stage then fails with
I have made a container using cryptsetup directly and it seems to work ok. I can't try using the cryptsetup command in the readme because I don't have a container to try opening yet.
I tried to run using v2.4 (from the tag in git) and the current master version and both had the same behaviour.
The full trace is here if it helps. I am happy to get any other information if it helps.
Thanks for Tomb. It's a great script (when it's working).
The text was updated successfully, but these errors were encountered: