View previous topic :: View next topic |
Author |
Message |
angelacb n00b
Joined: 31 Oct 2003 Posts: 50
|
Posted: Sun Jun 13, 2004 10:19 pm Post subject: |
|
|
angelacb wrote: | Hi,
I'm experiencing a very weird problem. I've successfully encrypted my root, swap, etc...
I've been running this machine for 3 months already. I haven't experienced any problems. However, today i try to extract a very large tar file. There's twelve 50 MB rar files within this huge tar file. There's also a checksum file that comes with the tar file in which it will validates all 12 of these large 50 MB rar files.
I've tried to extract these files many different times. Every time after I extracted these rar files from the huge tar file, I check it with the checksum file. And every single time, it gives errors but on different rar files.
The odd thing is, every time I extract from the tar file, different rar files gets corrupted. Therefore, i want to know if this has anything to do with encrypted file system, or is there something I might have done that may cause this error.
Just for the record, I run reiserfs on the loopback device backed by /dev/sdaX.
Best Regards, |
I've tested it with other compression utils and compressing the same set of files and decompressing them on the encrypted file system:
ZIP/UNZIP: no corruptions
RAR/UNRAR: no corruptions
GZIP/UNGZIP: no corruptions
TAR/UNTAR: random corruptions on uncompressed files
TAR+BZIP2/UNTAR+UNBZIP2: random corruptions
I'm wondering if there's something special about tar/untar i have to worry about when i'm working with loop-AES encrypted file systems. Maybe someone experiences similar issues?
Best Regards, _________________ Love Linux, Love Life |
|
Back to top |
|
|
markymarc n00b
Joined: 04 Dec 2003 Posts: 39 Location: Denmark
|
Posted: Tue Jun 15, 2004 8:25 am Post subject: Re: Boot from USB(SOLVED) |
|
|
markymarc wrote: |
Code: | /dev/sda1 failed to mount as /lib |
I get the same error when I try to boot from USB. I follow the guide abort gpg encyrption. And it works fin when BOOTDEV in build-initrd.sh is /dev/discs/disc0/part1 and boot is on the harddrive. But when I put me boot pation on me USB, and sets the BOOTDEV to /dev/discs/disc1/part1 I get the same error as Jeff. Have tryed the same as Jeff with pause no help.
PLS HELP |
Fix the first problem now. Just put bootdev to /dev/discs/disc0/part1.
Now I got a new error, this is the output when I boot on me new initrd:
Code: | VFS: Mounted root (minix filesystem) readonly.
Mounted devfs on /dev
Freeing unused kernel memory: 220k freed
Command "/lib/insmod /lib/modules-2.6.5-gentoo-r1/loop.ko" returned error
System halted | Why is this ?
I have tryed all the steps from the gpg howto, and got it to work. When I put boot on hda1.
Do I have to put some speciel thing in the /boot/ patition or in the build-initrd??
SORRY it was not at loop-AES error. Just me stupidede, forgot to compile all the right stuff in the kernel, for initrd to read from USB drive |
|
Back to top |
|
|
Sh4d0w n00b
Joined: 26 Nov 2003 Posts: 28
|
Posted: Fri Jun 18, 2004 3:16 am Post subject: |
|
|
I followed this guide back with 2.4 and now I'm trying to upgrade my kernel to 2.6.
I've compiled in all the modules listed, but when I try to boot with my 2.6 kernel I get:
Quote: |
Mounted devfs on /dev
Freeing unused kernel memory: 104k freed
Mounting /dev/discs/disc0/part1 as /lib failed
System halted.
|
Any suggestions on what I may need to do? |
|
Back to top |
|
|
Duty Apprentice
Joined: 15 Nov 2003 Posts: 253
|
Posted: Mon Jun 21, 2004 10:26 pm Post subject: |
|
|
Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:
Quote: | WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device. |
Is this something to worry about? |
|
Back to top |
|
|
jeffrice Tux's lil' helper
Joined: 25 Jun 2003 Posts: 89 Location: New York, USA
|
Posted: Thu Jun 24, 2004 2:38 pm Post subject: |
|
|
Duty wrote: | Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:
Quote: | WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device. |
Is this something to worry about? |
I dunno... AESLoop on Reiser4 has been working flawlessly.
Jeff _________________ A computer is like an Old Testament god, with a lot of rules and no mercy. -Joseph Campbell
Kingfisher Athlon-XP: 2.6.7-love8-ck5 +nptl |
|
Back to top |
|
|
hulk2nd Guru
Joined: 25 Mar 2003 Posts: 512 Location: Freiburg, Germany
|
Posted: Fri Jun 25, 2004 8:31 pm Post subject: |
|
|
Duty wrote: | Someone in Gentoo Chat tipped me off to this warning in the help blurb for the 'cryptoloop' module:
Quote: | WARNING: This device is not safe for journaled file systems like ext3 or Reiserfs. Please use the Device Mapper crypto module instead, which can be configured to be on-disk compatible with the cryptoloop device. |
Is this something to worry about? |
also reiserfs hasnt made any probs (at least in my case) _________________ Linux: "Free as in free speech, not as in free beer" |
|
Back to top |
|
|
QuizMasta n00b
Joined: 07 Mar 2004 Posts: 10
|
Posted: Sun Sep 05, 2004 9:51 pm Post subject: |
|
|
I think it's been mentioned before, but to quote the loop-AES.README:
Quote: | Don't use a journaling file system on top of file backed loop device. Device
backed loop device can be used with journaling file systems as device backed
loops guarantee that writes reach disk platters in order required by
journaling file system (write caching must be disabled on the disk drive, of
course). |
In short: If you're encrypting an entire device (/dev/hda3 for instance) it's safe to use journaled filesystems (ReiserFS, ETX3 and so on). _________________ Dr. Frankenstein: Damn your eyes!!
Igor: Too late! |
|
Back to top |
|
|
QuizMasta n00b
Joined: 07 Mar 2004 Posts: 10
|
Posted: Sun Sep 05, 2004 9:59 pm Post subject: loop-AES v2.1c |
|
|
Will the instructions on the first page cover the newer loop-AES (v2.1c)?
Specifically: Do I need the newest pacth for loop-AES in step 3c? _________________ Dr. Frankenstein: Damn your eyes!!
Igor: Too late! |
|
Back to top |
|
|
chadders Tux's lil' helper
Joined: 21 Jan 2003 Posts: 113
|
Posted: Thu Sep 09, 2004 9:51 pm Post subject: Recommend not using loop device based encryption |
|
|
Um, as the creator of one of the first "How to encrypt root, etc" Howto's in these forums, and spending a LOT of time messing around with the loop device driver, loopAES, the cryptoAPI yada yada...
I recommend that people think about using the new device mapper based stuff instead and NOT loop device based stuff. Why? Because it is more righteous, because it works better, because it has a future, and MOSTLY because the whole loop device implementation is one huge ugly kernel hack. There are some dm-crypt how-to's in the Gentoo forums that tell you how to do it. TRY IT YOU WILL BE GLAD YOU DID.
The device manager is a layer of code in 2.6 kernels that lets virtual layers of block devices be created on top of real devices. It is used by stuff like the logical volume managers (LVM and EVMS). It is the RIGHT place to put filesystem encryption.
SOOOOO.... flame away, but thats what *I* think.
Chadders |
|
Back to top |
|
|
hulk2nd Guru
Joined: 25 Mar 2003 Posts: 512 Location: Freiburg, Germany
|
Posted: Thu Sep 09, 2004 10:20 pm Post subject: |
|
|
well hello chadders, chief encrypter!
that sounds quite interesting besides ive never heard of it. maybe you can describe the whole thing more detailed or provide some links or even write a tutorial since you now best what you are talking about.
as i wrote at the beginnig of the tutorial, this is mainly the same like your old guide, its just more detailed and from time to time i added some extras but the core consists of your guide so it would be really nice if we could keep this up to date.
greets,
hulk _________________ Linux: "Free as in free speech, not as in free beer" |
|
Back to top |
|
|
chadders Tux's lil' helper
Joined: 21 Jan 2003 Posts: 113
|
Posted: Fri Sep 10, 2004 4:50 pm Post subject: |
|
|
Hi Hulk2nd!
I really liked your howto and this thread. I kind of lurk around sometimes and see what people are doing. You and watersb and steeledan and some other guys make this stuff cool and really make me think, so THANKS!
It is pretty trivial to make dm-crypt work on a encrypted root. Basically the idea is about the same as what Jari Rusuu did with loop-AES. That is to get a kernel loaded, put some stuff in a initrd that makes the real root file system mountable, mount it, and then chroot or pivot root to it. You can put the setup stuff in a program or a script and on ram device or on the boot partition (I like boot partition scripts better because it is lots more flexible and I can fix it easier when I mess up which I do alot).
There is a pretty close Gentoo dm-crypt howto that steeledan did here.
I used it as the starting point on my stuff. I haven't written everything down because usually I just keep hackin away until I understand it and then when I understand it I remember it, then I forget to write it down. I know that doesnt make too much sense but hey thats me! I will make another encrypted root system from the beginning sometime and will take good notes then and put it on here if anyone wants it.
The only tricky part is to make sure you have the libraries on the boot partition that are needed to run whatever is going to get the passphrase, cryptsetup, and mount to run (I put other stuff there too like libraries needed for vi so that I can fix stuff without having to boot up all of knoppix, heh).
Also, there is some good stuff on dm-crypt that Christophe Saout did here.
The thing about dm-crypt thats so good is that it runs as part of the device mapper layer. So it doesn't have to do weird stuff that fakes out VFS or has to worry about what order blocks are written to the disk (like if you are using an encrypted filesystem backed by a journalled file system), and doesn't get real messy with a bunch of kernel patches.
Chadders |
|
Back to top |
|
|
dh003i2 Tux's lil' helper
Joined: 10 Mar 2003 Posts: 101 Location: Rochester, NY
|
Posted: Mon Sep 27, 2004 1:09 am Post subject: having problems compiling the loop.ko module |
|
|
Err...first, does the new util-linux ebuilds have the loop-aes patches? I looked through the ebuild, and it mentions stuff about a losetup patch.
Also, I'm having problems compiling he loop.ko modules for the kernel. I type downloaded loop-AES-v2.2b.tar.bz2 into /tmp/enc and then did the following:
Code: | cd /tmp/enc
tar jxvf loop-AES-v2.2b.tar.bz2
patch -p0 ./loop-AES-v2.2b/loop.c.-2.2.diff |
After I try that, it says
Code: | can't find file to patch at input line 3
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------------
|--- loop.c-2.2.original Mon Sep 16 21:50:11 2002
|+++ patched-loop.c Thu Jan 8 17:49:11 2004
-------------------------------- |
Err, what's going on here? _________________ Become one with the command-line. |
|
Back to top |
|
|
echto Tux's lil' helper
Joined: 30 Jun 2002 Posts: 108
|
Posted: Thu Oct 07, 2004 12:15 am Post subject: |
|
|
/dev/loop6 was still active - from when you used it to encrypt the partition - and you probably tried to use the same loop device in your /etc/fstab to mount the newly encrypted partition. I bet if you would have done a
ps aux | grep loop
before rebooting you would have seen [loop6] in the output.
Next time try
losetup -d /dev/loop6
to release the loop device before mounting.
echto
yottabit wrote: | Can't seem to figure out how to setup swap part with GPG key. I've done this:
Code: | losetup -e AES256 -K /mnt/floppy/rootkey.gpg /dev/loop6 /dev/hda2 |
I guess this encrypts /dev/loop6 -> /dev/hda2 to my GPG key. It asks for my password, so I guess it worked.
And then I've made the guide-recommended changes to my /etc/fstab, but when I mount /dev/hda2 I get this:
Code: | # mount /dev/hda2
Password:
ioctl: LOOP_SET_FD: Device or resource busy |
Any ideas?
Cheers,
J |
|
|
Back to top |
|
|
echto Tux's lil' helper
Joined: 30 Jun 2002 Posts: 108
|
Posted: Thu Oct 07, 2004 12:30 am Post subject: |
|
|
dd if=/dev/loop0 of=/dev/hda3 bs=64k conv=notrunc
Gruffi wrote: | How do i UNencrypt the filesytem?
Set up the loop device with the right password
Code: | losetup -e AES256 /dev/loop0 /dev/hda3 |
En then what "dd" command do i use? |
|
|
Back to top |
|
|
schachti Advocate
Joined: 28 Jul 2003 Posts: 3765 Location: Gifhorn, Germany
|
Posted: Mon Oct 11, 2004 12:23 pm Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 |
|
|
Hi.
hulk2nd wrote: |
- get the latest loop-AES from sourceforge.net. at the moment it is
loop-AES-v2.0d. have a look at the Sourceforge.net loop-AES Project if the link is broken or to see if a newer version exists.
- get the latest util-linux (at the moment it is util-linux-2.12) from a gentoo mirror or from kernel.org.
util-linux is also in the portage tree but you have to patch util-linux and i dont know if the ebuild of util-linux contains an entry for the patch. haven't tried it yet but you can try it.
[...]
- extract the util-linux archive into the /tmp/enc/loop-AES-v2.0d/ directory and cd into it (cd /tmp/enc/loop-AES-v2.0d/util-linux-2.12/)
- then type the following commands:
Code: | patch -p1 <../util-linux-2.12.diff
export CFLAGS=-O2
export LDFLAGS='-static -s'
./configure
make SUBDIRS="lib mount"
cd mount
install -m 4755 -o root mount umount /bin
install -m 755 losetup swapon /sbin
rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff )
rm -f /usr/share/man/man8/{mount,umount,losetup,swapon,swapoff}.8.gz
install -m 644 mount.8 umount.8 losetup.8 /usr/share/man/man8
install -m 644 swapon.8 swapoff.8 /usr/share/man/man8
rm -f /usr/share/man/man5/fstab.5.gz
install -m 644 fstab.5 /usr/share/man/man5
|
|
After doing this, I wasn't able to mount my exisiting encrypted partitions any more (which were created by using the unpatched version of util-linux), I get the error
Code: |
mount: wrong fs type, bad option, bad superblock on /dev/loop0,
or too many mounted file systems
|
After doing
everything works fine again. I use the following code to mount the partitions:
Code: |
losetup -e aes-256 /dev/loop0 /dev/hda4
losetup -e aes-256 /dev/loop1 /dev/hdc1
losetup -e aes-256 /dev/loop2 /dev/hdd1
mount -t ext2 /dev/loop0 /mnt/storage0
mount -t ext2 /dev/loop1 /mnt/storage1
mount -t ext2 /dev/loop2 /mnt/storage2
|
Any idea what might be wrong? I even tried with -e aes256 and so on, but it didn't work... |
|
Back to top |
|
|
echo6 Guru
Joined: 04 Jan 2003 Posts: 587
|
|
Back to top |
|
|
trent casternovas n00b
Joined: 14 Oct 2004 Posts: 1
|
Posted: Sun Oct 31, 2004 11:41 pm Post subject: /lib/insmod returns error while trying to load loop.ko |
|
|
ok, i followed the part 3, encrypting your root with gpg right to the tee. but after ive encrypted the root partition and reboot im getting the following error:
Command "/lib/insmod /lib/modules/2.6.7/loop.ko" returned errors
anyone know how this is fixed?
ive tried creating a /lib directory on the /boot partition and copying insmod to that location but that didnt work. any ideas would be very appreciated. |
|
Back to top |
|
|
Warped_Dragon Apprentice
Joined: 16 Sep 2004 Posts: 158 Location: Canada Eh?
|
Posted: Sat Dec 11, 2004 6:09 pm Post subject: |
|
|
EDIT: Deleted post, was my own stupid mistake... _________________ No. |
|
Back to top |
|
|
alexander-m n00b
Joined: 13 Aug 2004 Posts: 31
|
Posted: Sun Dec 19, 2004 2:46 pm Post subject: Question to "boot knoppix => encrypt your disc" |
|
|
Hi
i have some problems with the step where one shoot use a knoppix cd to boot and then encrypt its partitions.
Shouldn't this boot cd have loopaes support included or how is it possible to encrypt with a "knoppix cd".
Do I have tu use a special version of knoppix cd?
Is disc encryption with loopaes (with current patches available on such an "knoppix cd" ?)
Thanks for your answer and the great guide
Alexander |
|
Back to top |
|
|
Takker Tux's lil' helper
Joined: 17 Mar 2004 Posts: 98 Location: Münster, Germany
|
Posted: Tue Jan 11, 2005 8:39 am Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 |
|
|
schachti wrote: |
- get the latest util-linux
After doing this, I wasn't able to mount my exisiting encrypted partitions any more (which were created by using the unpatched version of util-linux), I get the error
Code: |
mount: wrong fs type, bad option, bad superblock on /dev/loop0,
or too many mounted file systems
|
|
Had this one right now. A world update is was the problem. There is a new use flag "old-crypt". Add it to your make.conf, then
Code: | # emerge util-linux |
After that you'll find a new mount command for mounting your cryptoloop drive in /sbin:
Code: | # mount-old-crypt /mnt/crypt |
Read the util-linux ebuild for more infos:
Quote: | * This version of util-linux includes crypto support
* for loop-aes instead of the old cryptoapi.
* If you need the older support, please re-emerge
* util-linux with USE=old-crypt. This will create
* /sbin/mount-old-crypt and /sbin/losetup-old-crypt. |
@Hulk you should add this to your howto and maybe add an information that cryptoloop is "replaced" by dm-crypt. _________________ Gentoo e.V.
takkahz.de
Gentoo Tips & Tricks |
|
Back to top |
|
|
meuk n00b
Joined: 27 Feb 2005 Posts: 3
|
Posted: Sun Feb 27, 2005 10:27 pm Post subject: |
|
|
Hi All,
Recently I had some problems making loop-AES 3.0b work with kernel 2.4.27. It seems that you need to remove the loop.o and loop.h files from the kernel in order to make losetup work during the boot process.
The loop.o file can be found in linux/drivers/block inside the kernel source and loop.h in include/linux.
Maybe an idea to put this in the tutorial? Saves some people alot of headaches
Laters |
|
Back to top |
|
|
Hans P. n00b
Joined: 26 Feb 2005 Posts: 3
|
Posted: Tue Mar 01, 2005 12:02 am Post subject: loop-AES: compile problems with patched gnupg |
|
|
Hi,
I'm trying to build a root encrypted system with kernel 2.6.10. Compiling of gnupg fails like this:
Code: |
# cd gnupg-1.4.0
# patch -p1 <../gnupg-1.4.0.diff
# CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux
# make
[...]
Making all in tools
make[2]: Entering directory `/home/hans/gnupg-1.4.0/tools'
gcc -O2 -Wall -static -s -o bftest bftest.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a -ldl -lreadline
../cipher/libcipher.a(idea-stub.o)(.text+0x2d): In function `load_module':
: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xde1): In function `rl_username_completion_function':
: warning: Using 'getpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(tilde.o)(.text+0x2db): In function`tilde_expand_word':
: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(shell.o)(.text+0x102): In function`sh_get_home_dir':
: warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xdd3): In function `rl_username_completion_function':
: warning: Using 'setpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xe7f): In function `rl_username_completion_function':
: warning: Using 'endpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x72b): In function `rl_redisplay':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x1b3a): In function `update_line':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x235b): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x23f6): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2495): In function `_rl_move_vert':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x24e0): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x282b): In function `insert_some_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2840): In function `insert_some_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28b7): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28db): In function `delete_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28f0): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2926): In function `cr':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2e7a): In function `_rl_clear_screen':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fa6): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fe4): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x27f5): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xdd): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x152): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x264): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x34e): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x354): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3cf): In function `_rl_init_terminal_io':
: undefined reference to `tgetent'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3ff): In function `_rl_init_terminal_io':
: undefined reference to `tgetstr'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x429): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x452): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x45a): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x465): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x4b9): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x511): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x523): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x856): In function `_rl_backspace':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x929): In function `rl_ding':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x976): In function `_rl_enable_meta_key':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x9ae): In function `_rl_control_keypad':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xa03): In function `_rl_set_cursor':
: undefined reference to `tputs'
collect2: ld returned 1 exit status
make[2]: *** [bftest] Error 1
make[2]: Leaving directory `/home/hans/gnupg-1.4.0/tools'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/hans/gnupg-1.4.0'
make: *** [all] Error 2
|
It works without the LDFLAGS - but then I can't expect a statically linked binary...
Please heeeeeeelp!
Hans |
|
Back to top |
|
|
Hans P. n00b
Joined: 26 Feb 2005 Posts: 3
|
Posted: Tue Mar 01, 2005 12:03 am Post subject: loop-AES: compile problems with patched gnupg |
|
|
Hi,
I'm trying to build a root encrypted system with kernel 2.6.10. Compiling of gnupg fails like this:
Code: |
# cd gnupg-1.4.0
# patch -p1 <../gnupg-1.4.0.diff
# CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux
# make
[...]
Making all in tools
make[2]: Entering directory `/home/hans/gnupg-1.4.0/tools'
gcc -O2 -Wall -static -s -o bftest bftest.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a -ldl -lreadline
../cipher/libcipher.a(idea-stub.o)(.text+0x2d): In function `load_module':
: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xde1): In function `rl_username_completion_function':
: warning: Using 'getpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(tilde.o)(.text+0x2db): In function`tilde_expand_word':
: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(shell.o)(.text+0x102): In function`sh_get_home_dir':
: warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xdd3): In function `rl_username_completion_function':
: warning: Using 'setpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(complete.o)(.text+0xe7f): In function `rl_username_completion_function':
: warning: Using 'endpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x72b): In function `rl_redisplay':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x1b3a): In function `update_line':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x235b): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x23f6): In function `_rl_move_cursor_relative':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2495): In function `_rl_move_vert':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x24e0): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x282b): In function `insert_some_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2840): In function `insert_some_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28b7): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28db): In function `delete_chars':
: undefined reference to `tgoto'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x28f0): In function `delete_chars':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2926): In function `cr':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2e7a): In function `_rl_clear_screen':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fa6): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x2fe4): In function `_rl_redisplay_after_sigwinch':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(display.o)(.text+0x27f5): more undefined references to `tputs' follow
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xdd): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x152): In function `_rl_get_screen_size':
: undefined reference to `tgetnum'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x264): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x34e): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x354): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3cf): In function `_rl_init_terminal_io':
: undefined reference to `tgetent'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x3ff): In function `_rl_init_terminal_io':
: undefined reference to `tgetstr'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x429): In function `_rl_init_terminal_io':
: undefined reference to `PC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x452): In function `_rl_init_terminal_io':
: undefined reference to `UP'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x45a): In function `_rl_init_terminal_io':
: undefined reference to `BC'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x465): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x4b9): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x511): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x523): In function `_rl_init_terminal_io':
: undefined reference to `tgetflag'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x856): In function `_rl_backspace':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x929): In function `rl_ding':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x976): In function `_rl_enable_meta_key':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0x9ae): In function `_rl_control_keypad':
: undefined reference to `tputs'
/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/../../../libreadline.a(terminal.o)(.text+0xa03): In function `_rl_set_cursor':
: undefined reference to `tputs'
collect2: ld returned 1 exit status
make[2]: *** [bftest] Error 1
make[2]: Leaving directory `/home/hans/gnupg-1.4.0/tools'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/hans/gnupg-1.4.0'
make: *** [all] Error 2
|
It works without the LDFLAGS - but then I can't expect a statically linked binary...
Please heeeeeeelp!
Hans |
|
Back to top |
|
|
TheRelevator n00b
Joined: 07 Mar 2005 Posts: 36
|
Posted: Thu Apr 07, 2005 9:32 am Post subject: Re: [HOWTO] root, swap filesystem encryption for 2.4 and 2.6 |
|
|
Takker wrote: |
Had this one right now. A world update is was the problem. There is a new use flag "old-crypt". Add it to your make.conf, then
Code: | # emerge util-linux |
After that you'll find a new mount command for mounting your cryptoloop drive in /sbin:
Code: | # mount-old-crypt /mnt/crypt |
|
Will my / encryption still work after
or do I have to change something in the initial ramdisk? |
|
Back to top |
|
|
janne_oksanen n00b
Joined: 06 Jul 2004 Posts: 16 Location: Finland
|
Posted: Sun Apr 10, 2005 2:57 pm Post subject: broken system, password no good |
|
|
I just finished encrypting my / partition and now when I boot it says my password is no good. I figured it might be a keymap issue so I went back and enebled the keymap option using knoppix. I also copied the default.kmap to /boot as instructed in the build.something script (I forget). Now when I boot it says
Code: | Loading /lib/default.kmap
loadkeys: /lib/default.kmap:7: cannot open include file qwerty-layout
Command "/lib/loadkeys/ /lib/dafault.kmap" returned error |
And still it won't let me in. Any ideas before I make a new install?
EDIT:
Here's the error that I get when I'm booting and after I supply my password:
Code: | Error: unable to open /lib/rootkey.gpg for reading
Command "/lib/losetup -e AES128 -I 0 -K /lib/rootkey.gpg -G /lib /dev/loop5 /dev/hda3" returned error
|
_________________ Running:
Soltek SL-75KAV
Duron 1.8GHz
512 SD-RAM
GeForce4 MX 440 SE with TwinView
Gentoo Linux |
|
Back to top |
|
|
|