From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <heiko.rosemann@web.de>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id b0WKcafAQmAk for <dm-crypt@saout.de>;
 Sun,  9 Feb 2014 11:46:40 +0100 (CET)
Received: from mout.web.de (mout.web.de [212.227.15.14])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Sun,  9 Feb 2014 11:46:40 +0100 (CET)
Received: from [192.168.123.201] ([78.48.57.238]) by smtp.web.de (mrweb102)
 with ESMTPSA (Nemesis) id 0M3T1Y-1VLilL2CNE-00qwwL for <dm-crypt@saout.de>;
 Sun, 09 Feb 2014 11:46:39 +0100
Message-ID: <52F75C8C.6050702@web.de>
Date: Sun, 09 Feb 2014 11:46:36 +0100
From: Heiko Rosemann <heiko.rosemann@web.de>
MIME-Version: 1.0
References: <20140209094156.17061eb4@opensuse.site>
In-Reply-To: <20140209094156.17061eb4@opensuse.site>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: [dm-crypt] crypttab "tmp" option and /tmp 1777 permissions
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/09/2014 06:41 AM, Andrey Borzenkov wrote:
> Interesting thread=20
> https://forums.opensuse.org/showthread.php/495266-After-update-root-wor=
ks-but-not-regular-user
> which boils down to following:
>=20
> user is using "tmp" option for /tmp crypto container in
> /etc/crypttab (in this case it seems it was created by installer
> without user even realizing it). This recreates filesystem every
> time, this resetting permissions of fs root to default. It in turn
> breaks KDM which needs /tmp to be writable.
>=20
> I wonder what is the proper place to fix it. Reading crypttab
> manual, it says [...]

Cryptsetup/dm-crypt is not responsible for reading /etc/crypttab,
creating the filesystem and/or adjusting the permissions. This is left
to the distro maintainers (or maybe that know-it-all systemd - my
Slackware box has neither an /etc/crypttab nor systemd).

Even more so if the mapping is configured by the installer.

Best Regards,

Heiko

- --=20
eMails verschl=FCsseln mit PGP - privacy is your right!
Mein PGP-Key zur Verifizierung: http://pgp.mit.edu

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlL3XIgACgkQ/Vb5NagElAWruQCfc8kylSzBxHTIYd2fClLdbFPt
w/MAn0fiCAjY9MIn8w7kOB1I2dCKVvdu
=3DTq9o
-----END PGP SIGNATURE-----