Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[HOWTO] root, swap filesystem encryption for 2.4 and 2.6
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
angelacb
n00b
n00b


Joined: 31 Oct 2003
Posts: 50

PostPosted: Sun Jun 13, 2004 10:19 pm    Post subject: Reply with quote

angelacb wrote:
Hi,

I'm experiencing a very weird problem. I've successfully encrypted my root, swap, etc...
I've been running this machine for 3 months already. I haven't experienced any problems. However, today i try to extract a very large tar file. There's twelve 50 MB rar files within this huge tar file. There's also a checksum file that comes with the tar file in which it will validates all 12 of these large 50 MB rar files.
I've tried to extract these files many different times. Every time after I extracted these rar files from the huge tar file, I check it with the checksum file. And every single time, it gives errors but on different rar files.
The odd thing is, every time I extract from the tar file, different rar files gets corrupted. Therefore, i want to know if this has anything to do with encrypted file system, or is there something I might have done that may cause this error.
Just for the record, I run reiserfs on the loopback device backed by /dev/sdaX.

Best Regards,


I've tested it with other compression utils and compressing the same set of files and decompressing them on the encrypted file system:
ZIP/UNZIP: no corruptions
RAR/UNRAR: no corruptions
GZIP/UNGZIP: no corruptions
TAR/UNTAR: random corruptions on uncompressed files
TAR+BZIP2/UNTAR+UNBZIP2: random corruptions

I'm wondering if there's something special about tar/untar i have to worry about when i'm working with loop-AES encrypted file systems. Maybe someone experiences similar issues? :?:

Best Regards,
_________________
Love Linux, Love Life
Back to top
View user's profile Send private message
markymarc
n00b
n00b


Joined: 04 Dec 2003
Posts: 39
Location: Denmark

PostPosted: Tue Jun 15, 2004 8:25 am    Post subject: Re: Boot from USB(SOLVED) Reply with quote

markymarc wrote:

Code:
/dev/sda1 failed to mount as /lib


I get the same error when I try to boot from USB. I follow the guide abort gpg encyrption. And it works fin when BOOTDEV in build-initrd.sh is /dev/discs/disc0/part1 and boot is on the harddrive. But when I put me boot pation on me USB, and sets the BOOTDEV to /dev/discs/disc1/part1 I get the same error as Jeff. Have tryed the same as Jeff with pause no help.

PLS HELP


Fix the first problem now. Just put bootdev to /dev/discs/disc0/part1.

Now I got a new error, this is the output when I boot on me new initrd:
Code:
VFS: Mounted root (minix filesystem) readonly.
Mounted devfs on /dev
Freeing unused kernel memory: 220k freed
Command "/lib/insmod /lib/modules-2.6.5-gentoo-r1/loop.ko" returned error
System halted
Why is this ?
I have tryed all the steps from the gpg howto, and got it to work. When I put boot on hda1.
Do I have to put some speciel thing in the /boot/ patition or in the build-initrd??

SORRY it was not at loop-AES error. Just me stupidede, forgot to compile all the right stuff in the kernel, for initrd to read from USB drive :oops:
Back to top
View user's profile Send private message
Sh4d0w
n00b
n00b


Joined: 26 Nov 2003
Posts: 28

PostPosted: Fri Jun 18, 2004 3:16 am    Post subject: Reply with quote

I followed this guide back with 2.4 and now I'm trying to upgrade my kernel to 2.6.

I've compiled in all the modules listed, but when I try to boot with my 2.6 kernel I get:

Quote:

Mounted devfs on /dev
Freeing unused kernel memory: 104k freed
Mounting /dev/discs/disc0/part1 as /lib failed
System halted.


Any suggestions on what I may need to do?
Back to top
View user's profile Send private message
Duty
Apprentice
Apprentice


Joined: 15 Nov 2003
Posts: 253

PostPosted: Mon Jun 21, 2004 10:26 pm    Post subject: Reply with quote

Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:

Quote:
WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device.


Is this something to worry about?
Back to top
View user's profile Send private message
jeffrice
Tux's lil' helper
Tux's lil' helper


Joined: 25 Jun 2003
Posts: 89
Location: New York, USA

PostPosted: Thu Jun 24, 2004 2:38 pm    Post subject: Reply with quote

Duty wrote:
Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:

Quote:
WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device.


Is this something to worry about?


I dunno... AESLoop on Reiser4 has been working flawlessly.

Jeff
_________________
A computer is like an Old Testament god, with a lot of rules and no mercy. -Joseph Campbell
Kingfisher Athlon-XP: 2.6.7-love8-ck5 +nptl
Back to top
View user's profile Send private message
hulk2nd
Guru
Guru


Joined: 25 Mar 2003
Posts: 512
Location: Freiburg, Germany

PostPosted: Fri Jun 25, 2004 8:31 pm    Post subject: Reply with quote

Duty wrote:
Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:

Quote:
WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device.


Is this something to worry about?

also reiserfs hasnt made any probs (at least in my case)
_________________
Linux: "Free as in free speech, not as in free beer"
Back to top
View user's profile Send private message
QuizMasta
n00b
n00b


Joined: 07 Mar 2004
Posts: 10

PostPosted: Sun Sep 05, 2004 9:51 pm    Post subject: Reply with quote

I think it's been mentioned before, but to quote the loop-AES.README:
Quote:
Don't use a journaling file system on top of file backed loop device. Device
backed loop device can be used with journaling file systems as device backed
loops guarantee that writes reach disk platters in order required by
journaling file system (write caching must be disabled on the disk drive, of
course).


In short: If you're encrypting an entire device (/dev/hda3 for instance) it's safe to use journaled filesystems (ReiserFS, ETX3 and so on).
_________________
Dr. Frankenstein: Damn your eyes!!
Igor: Too late!
Back to top
View user's profile Send private message
QuizMasta
n00b
n00b


Joined: 07 Mar 2004
Posts: 10

PostPosted: Sun Sep 05, 2004 9:59 pm    Post subject: loop-AES v2.1c Reply with quote

Will the instructions on the first page cover the newer loop-AES (v2.1c)?

Specifically: Do I need the newest pacth for loop-AES in step 3c?
_________________
Dr. Frankenstein: Damn your eyes!!
Igor: Too late!
Back to top
View user's profile Send private message
chadders
Tux's lil' helper
Tux's lil' helper


Joined: 21 Jan 2003
Posts: 113

PostPosted: Thu Sep 09, 2004 9:51 pm    Post subject: Recommend not using loop device based encryption Reply with quote

Um, as the creator of one of the first "How to encrypt root, etc" Howto's in these forums, and spending a LOT of time messing around with the loop device driver, loopAES, the cryptoAPI yada yada...

I recommend that people think about using the new device mapper based stuff instead and NOT loop device based stuff. Why? Because it is more righteous, because it works better, because it has a future, and MOSTLY because the whole loop device implementation is one huge ugly kernel hack. There are some dm-crypt how-to's in the Gentoo forums that tell you how to do it. TRY IT YOU WILL BE GLAD YOU DID.

The device manager is a layer of code in 2.6 kernels that lets virtual layers of block devices be created on top of real devices. It is used by stuff like the logical volume managers (LVM and EVMS). It is the RIGHT place to put filesystem encryption.

SOOOOO.... flame away, but thats what *I* think.

Chadders :D
Back to top
View user's profile Send private message
hulk2nd
Guru
Guru


Joined: 25 Mar 2003
Posts: 512
Location: Freiburg, Germany

PostPosted: Thu Sep 09, 2004 10:20 pm    Post subject: Reply with quote

well hello chadders, chief encrypter!

that sounds quite interesting besides ive never heard of it. maybe you can describe the whole thing more detailed or provide some links or even write a tutorial since you now best what you are talking about.
as i wrote at the beginnig of the tutorial, this is mainly the same like your old guide, its just more detailed and from time to time i added some extras but the core consists of your guide so it would be really nice if we could keep this up to date.

greets,
hulk
_________________
Linux: "Free as in free speech, not as in free beer"
Back to top
View user's profile Send private message
chadders
Tux's lil' helper
Tux's lil' helper


Joined: 21 Jan 2003
Posts: 113

PostPosted: Fri Sep 10, 2004 4:50 pm    Post subject: Reply with quote

Hi Hulk2nd!

I really liked your howto and this thread. I kind of lurk around sometimes and see what people are doing. You and watersb and steeledan and some other guys make this stuff cool and really make me think, so THANKS!

It is pretty trivial to make dm-crypt work on a encrypted root. Basically the idea is about the same as what Jari Rusuu did with loop-AES. That is to get a kernel loaded, put some stuff in a initrd that makes the real root file system mountable, mount it, and then chroot or pivot root to it. You can put the setup stuff in a program or a script and on ram device or on the boot partition (I like boot partition scripts better because it is lots more flexible and I can fix it easier when I mess up which I do alot).

There is a pretty close Gentoo dm-crypt howto that steeledan did here.

I used it as the starting point on my stuff. I haven't written everything down because usually I just keep hackin away until I understand it and then when I understand it I remember it, then I forget to write it down. I know that doesnt make too much sense but hey thats me! I will make another encrypted root system from the beginning sometime and will take good notes then and put it on here if anyone wants it.

The only tricky part is to make sure you have the libraries on the boot partition that are needed to run whatever is going to get the passphrase, cryptsetup, and mount to run (I put other stuff there too like libraries needed for vi so that I can fix stuff without having to boot up all of knoppix, heh).

Also, there is some good stuff on dm-crypt that Christophe Saout did here.

The thing about dm-crypt thats so good is that it runs as part of the device mapper layer. So it doesn't have to do weird stuff that fakes out VFS or has to worry about what order blocks are written to the disk (like if you are using an encrypted filesystem backed by a journalled file system), and doesn't get real messy with a bunch of kernel patches.

Chadders :D
Back to top
View user's profile Send private message
dh003i2
Tux's lil' helper
Tux's lil' helper


Joined: 10 Mar 2003
Posts: 101
Location: Rochester, NY

PostPosted: Mon Sep 27, 2004 1:09 am    Post subject: having problems compiling the loop.ko module Reply with quote

Err...first, does the new util-linux ebuilds have the loop-aes patches? I looked through the ebuild, and it mentions stuff about a losetup patch.

Also, I'm having problems compiling he loop.ko modules for the kernel. I type downloaded loop-AES-v2.2b.tar.bz2 into /tmp/enc and then did the following:
Code:
cd /tmp/enc
tar jxvf loop-AES-v2.2b.tar.bz2
patch -p0 ./loop-AES-v2.2b/loop.c.-2.2.diff

After I try that, it says
Code:
can't find file to patch at input line 3
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------------
|--- loop.c-2.2.original        Mon Sep 16 21:50:11 2002
|+++ patched-loop.c        Thu Jan 8 17:49:11 2004
--------------------------------

Err, what's going on here?
_________________
Become one with the command-line.
Back to top
View user's profile Send private message
echto
Tux's lil' helper
Tux's lil' helper


Joined: 30 Jun 2002
Posts: 107

PostPosted: Thu Oct 07, 2004 12:15 am    Post subject: Reply with quote

/dev/loop6 was still active - from when you used it to encrypt the partition - and you probably tried to use the same loop device in your /etc/fstab to mount the newly encrypted partition. I bet if you would have done a

ps aux | grep loop

before rebooting you would have seen [loop6] in the output.

Next time try

losetup -d /dev/loop6

to release the loop device before mounting. :)


echto

yottabit wrote:
Can't seem to figure out how to setup swap part with GPG key. I've done this:
Code:
losetup -e AES256 -K /mnt/floppy/rootkey.gpg /dev/loop6 /dev/hda2


I guess this encrypts /dev/loop6 -> /dev/hda2 to my GPG key. It asks for my password, so I guess it worked.

And then I've made the guide-recommended changes to my /etc/fstab, but when I mount /dev/hda2 I get this:
Code:
# mount /dev/hda2
Password:
ioctl: LOOP_SET_FD: Device or resource busy


Any ideas?

Cheers,

J
Back to top
View user's profile Send private message
echto
Tux's lil' helper
Tux's lil' helper


Joined: 30 Jun 2002
Posts: 107

PostPosted: Thu Oct 07, 2004 12:30 am    Post subject: Reply with quote

dd if=/dev/loop0 of=/dev/hda3 bs=64k conv=notrunc



Gruffi wrote:
How do i UNencrypt the filesytem?
Set up the loop device with the right password
Code:
losetup -e AES256 /dev/loop0 /dev/hda3

En then what "dd" command do i use?
Back to top
View user's profile Send private message
schachti
Advocate
Advocate


Joined: 28 Jul 2003
Posts: 3765
Location: Gifhorn, Germany

PostPosted: Mon Oct 11, 2004 12:23 pm    Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 Reply with quote

Hi.

hulk2nd wrote:

- get the latest loop-AES from sourceforge.net. at the moment it is
loop-AES-v2.0d. have a look at the Sourceforge.net loop-AES Project if the link is broken or to see if a newer version exists.

- get the latest util-linux (at the moment it is util-linux-2.12) from a gentoo mirror or from kernel.org.
util-linux is also in the portage tree but you have to patch util-linux and i dont know if the ebuild of util-linux contains an entry for the patch. haven't tried it yet but you can try it.

[...]

- extract the util-linux archive into the /tmp/enc/loop-AES-v2.0d/ directory and cd into it (cd /tmp/enc/loop-AES-v2.0d/util-linux-2.12/)
- then type the following commands:
Code:
patch -p1 <../util-linux-2.12.diff
export CFLAGS=-O2
export LDFLAGS='-static -s'
./configure
make SUBDIRS="lib mount"
cd mount
install -m 4755 -o root mount umount /bin
install -m 755 losetup swapon /sbin
rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff )
rm -f /usr/share/man/man8/{mount,umount,losetup,swapon,swapoff}.8.gz
install -m 644 mount.8 umount.8 losetup.8 /usr/share/man/man8
install -m 644 swapon.8 swapoff.8 /usr/share/man/man8
rm -f /usr/share/man/man5/fstab.5.gz
install -m 644 fstab.5 /usr/share/man/man5



After doing this, I wasn't able to mount my exisiting encrypted partitions any more (which were created by using the unpatched version of util-linux), I get the error

Code:

mount: wrong fs type, bad option, bad superblock on /dev/loop0,
       or too many mounted file systems


After doing

Code:

emerge util-linux


everything works fine again. I use the following code to mount the partitions:

Code:

        losetup -e aes-256 /dev/loop0 /dev/hda4
        losetup -e aes-256 /dev/loop1 /dev/hdc1
        losetup -e aes-256 /dev/loop2 /dev/hdd1

        mount -t ext2 /dev/loop0 /mnt/storage0
        mount -t ext2 /dev/loop1 /mnt/storage1
        mount -t ext2 /dev/loop2 /mnt/storage2


Any idea what might be wrong? I even tried with -e aes256 and so on, but it didn't work...
Back to top
View user's profile Send private message
echo6
Guru
Guru


Joined: 04 Jan 2003
Posts: 587

PostPosted: Thu Oct 14, 2004 10:17 am    Post subject: Reply with quote

Has anyone got any observations relating to vulnerabilities with cryptoloop ?
http://lwn.net/Articles/67216 Andrew Morton will soon be deprecating this in favour of dm-crypt, device mapper http://www.saout.de/misc/dm-crypt/
Back to top
View user's profile Send private message
trent casternovas
n00b
n00b


Joined: 14 Oct 2004
Posts: 1

PostPosted: Sun Oct 31, 2004 11:41 pm    Post subject: /lib/insmod returns error while trying to load loop.ko Reply with quote

ok, i followed the part 3, encrypting your root with gpg right to the tee. but after ive encrypted the root partition and reboot im getting the following error:

Command "/lib/insmod /lib/modules/2.6.7/loop.ko" returned errors

anyone know how this is fixed?
ive tried creating a /lib directory on the /boot partition and copying insmod to that location but that didnt work. any ideas would be very appreciated.
Back to top
View user's profile Send private message
Warped_Dragon
Tux's lil' helper
Tux's lil' helper


Joined: 16 Sep 2004
Posts: 143
Location: Canada Eh?

PostPosted: Sat Dec 11, 2004 6:09 pm    Post subject: Reply with quote

EDIT: Deleted post, was my own stupid mistake...
_________________
I could put my system specs in my sig, but I'm not a plonker, so...
Back to top
View user's profile Send private message
alexander-m
n00b
n00b


Joined: 13 Aug 2004
Posts: 31

PostPosted: Sun Dec 19, 2004 2:46 pm    Post subject: Question to "boot knoppix => encrypt your disc" Reply with quote

Hi

i have some problems with the step where one shoot use a knoppix cd to boot and then encrypt its partitions.
Shouldn't this boot cd have loopaes support included or how is it possible to encrypt with a "knoppix cd".
Do I have tu use a special version of knoppix cd?
Is disc encryption with loopaes (with current patches available on such an "knoppix cd" ?)

Thanks for your answer and the great guide


Alexander
Back to top
View user's profile Send private message
Takker
Tux's lil' helper
Tux's lil' helper


Joined: 17 Mar 2004
Posts: 98
Location: Münster, Germany

PostPosted: Tue Jan 11, 2005 8:39 am    Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 Reply with quote

schachti wrote:

- get the latest util-linux

After doing this, I wasn't able to mount my exisiting encrypted partitions any more (which were created by using the unpatched version of util-linux), I get the error

Code:

mount: wrong fs type, bad option, bad superblock on /dev/loop0,
       or too many mounted file systems



Had this one right now. A world update is was the problem. There is a new use flag "old-crypt". Add it to your make.conf, then
Code:
# emerge util-linux

After that you'll find a new mount command for mounting your cryptoloop drive in /sbin:
Code:
# mount-old-crypt /mnt/crypt


Read the util-linux ebuild for more infos:

Quote:
* This version of util-linux includes crypto support
* for loop-aes instead of the old cryptoapi.
* If you need the older support, please re-emerge
* util-linux with USE=old-crypt. This will create
* /sbin/mount-old-crypt and /sbin/losetup-old-crypt.


@Hulk you should add this to your howto and maybe add an information that cryptoloop is "replaced" by dm-crypt.
_________________
Gentoo e.V.
takkahz.de
Gentoo Tips & Tricks
Back to top
View user's profile Send private message
meuk
n00b
n00b


Joined: 27 Feb 2005
Posts: 3

PostPosted: Sun Feb 27, 2005 10:27 pm    Post subject: Reply with quote

Hi All,

Recently I had some problems making loop-AES 3.0b work with kernel 2.4.27. It seems that you need to remove the loop.o and loop.h files from the kernel in order to make losetup work during the boot process.

The loop.o file can be found in linux/drivers/block inside the kernel source and loop.h in include/linux.


Maybe an idea to put this in the tutorial? Saves some people alot of headaches ;)

Laters
Back to top
View user's profile Send private message
Hans P.
n00b
n00b


Joined: 26 Feb 2005
Posts: 3

PostPosted: Tue Mar 01, 2005 12:02 am    Post subject: loop-AES: compile problems with patched gnupg Reply with quote

Hi,

I'm trying to build a root encrypted system with kernel 2.6.10. Compiling of gnupg fails like this:

Code:

# cd gnupg-1.4.0
# patch -p1 <../gnupg-1.4.0.diff
# CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux
# make

[...]
Making all in tools
make[2]: Entering directory `/home/hans/gnupg-1.4.0/tools'
gcc  -O2 -Wall  -static -s -o bftest  bftest.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a      -ldl   -lreadline
 ../cipher/libcipher.a(idea-stub.o)(.text+0x2d): In function `load_module':
: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xde1): In function `rl_username_completion_function':
: warning: Using 'getpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(tilde.o)(.text+0x2db): In function`tilde_expand_word':
: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(shell.o)(.text+0x102): In function`sh_get_home_dir':
: warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xdd3): In function `rl_username_completion_function':
: warning: Using 'setpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xe7f): In function `rl_username_completion_function':
: warning: Using 'endpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x72b): In function `rl_redisplay':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x1b3a): In function `update_line':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x235b): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x23f6): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2495): In function `_rl_move_vert':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x24e0): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x282b): In function `insert_some_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2840): In function `insert_some_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28b7): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28db): In function `delete_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28f0): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2926): In function `cr':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2e7a): In function `_rl_clear_screen':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fa6): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fe4): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x27f5): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xdd): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x152): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x264): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x34e): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x354): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3cf): In function `_rl_init_terminal_io':
: undefined reference to `tgetent'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3ff): In function `_rl_init_terminal_io':
: undefined reference to `tgetstr'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x429): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x452): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x45a): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x465): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x4b9): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x511): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x523): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x856): In function `_rl_backspace':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x929): In function `rl_ding':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x976): In function `_rl_enable_meta_key':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x9ae): In function `_rl_control_keypad':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xa03): In function `_rl_set_cursor':
: undefined reference to `tputs'
collect2: ld returned 1 exit status
make[2]: *** [bftest] Error 1
make[2]: Leaving directory `/home/hans/gnupg-1.4.0/tools'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/hans/gnupg-1.4.0'
make: *** [all] Error 2


It works without the LDFLAGS - but then I can't expect a statically linked binary...


Please heeeeeeelp!

Hans
Back to top
View user's profile Send private message
Hans P.
n00b
n00b


Joined: 26 Feb 2005
Posts: 3

PostPosted: Tue Mar 01, 2005 12:03 am    Post subject: loop-AES: compile problems with patched gnupg Reply with quote

Hi,

I'm trying to build a root encrypted system with kernel 2.6.10. Compiling of gnupg fails like this:

Code:

# cd gnupg-1.4.0
# patch -p1 <../gnupg-1.4.0.diff
# CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux
# make

[...]
Making all in tools
make[2]: Entering directory `/home/hans/gnupg-1.4.0/tools'
gcc  -O2 -Wall  -static -s -o bftest  bftest.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a      -ldl   -lreadline
 ../cipher/libcipher.a(idea-stub.o)(.text+0x2d): In function `load_module':
: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xde1): In function `rl_username_completion_function':
: warning: Using 'getpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(tilde.o)(.text+0x2db): In function`tilde_expand_word':
: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(shell.o)(.text+0x102): In function`sh_get_home_dir':
: warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xdd3): In function `rl_username_completion_function':
: warning: Using 'setpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xe7f): In function `rl_username_completion_function':
: warning: Using 'endpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x72b): In function `rl_redisplay':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x1b3a): In function `update_line':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x235b): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x23f6): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2495): In function `_rl_move_vert':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x24e0): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x282b): In function `insert_some_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2840): In function `insert_some_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28b7): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28db): In function `delete_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28f0): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2926): In function `cr':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2e7a): In function `_rl_clear_screen':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fa6): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fe4): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x27f5): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xdd): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x152): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x264): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x34e): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x354): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3cf): In function `_rl_init_terminal_io':
: undefined reference to `tgetent'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3ff): In function `_rl_init_terminal_io':
: undefined reference to `tgetstr'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x429): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x452): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x45a): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x465): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x4b9): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x511): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x523): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x856): In function `_rl_backspace':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x929): In function `rl_ding':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x976): In function `_rl_enable_meta_key':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x9ae): In function `_rl_control_keypad':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xa03): In function `_rl_set_cursor':
: undefined reference to `tputs'
collect2: ld returned 1 exit status
make[2]: *** [bftest] Error 1
make[2]: Leaving directory `/home/hans/gnupg-1.4.0/tools'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/hans/gnupg-1.4.0'
make: *** [all] Error 2


It works without the LDFLAGS - but then I can't expect a statically linked binary...


Please heeeeeeelp!

Hans
Back to top
View user's profile Send private message
TheRelevator
n00b
n00b


Joined: 07 Mar 2005
Posts: 36

PostPosted: Thu Apr 07, 2005 9:32 am    Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 Reply with quote

Takker wrote:

Had this one right now. A world update is was the problem. There is a new use flag "old-crypt". Add it to your make.conf, then
Code:
# emerge util-linux

After that you'll find a new mount command for mounting your cryptoloop drive in /sbin:
Code:
# mount-old-crypt /mnt/crypt



Will my / encryption still work after

Code:

emerge util-linux


or do I have to change something in the initial ramdisk?
Back to top
View user's profile Send private message
janne_oksanen
n00b
n00b


Joined: 06 Jul 2004
Posts: 16
Location: Finland

PostPosted: Sun Apr 10, 2005 2:57 pm    Post subject: broken system, password no good Reply with quote

I just finished encrypting my / partition and now when I boot it says my password is no good. I figured it might be a keymap issue so I went back and enebled the keymap option using knoppix. I also copied the default.kmap to /boot as instructed in the build.something script (I forget). Now when I boot it says

Code:
Loading /lib/default.kmap
loadkeys: /lib/default.kmap:7: cannot open include file qwerty-layout
Command "/lib/loadkeys/ /lib/dafault.kmap" returned error


And still it won't let me in. Any ideas before I make a new install?

EDIT:

Here's the error that I get when I'm booting and after I supply my password:

Code:
Error: unable to open /lib/rootkey.gpg for reading
Command "/lib/losetup -e AES128 -I 0 -K /lib/rootkey.gpg -G /lib /dev/loop5 /dev/hda3" returned error

_________________
Running:
Soltek SL-75KAV
Duron 1.8GHz
512 SD-RAM
GeForce4 MX 440 SE with TwinView
Gentoo Linux
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next
Page 7 of 8

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum