LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   probs with cryptsetup (http://www.linuxquestions.org/questions/linux-security-4/probs-with-cryptsetup-406040/)

ankscorek 01-21-2006 12:17 AM

probs with cryptsetup
 
helo i am following this link

http://www.linuxquestions.org/linux/...ted_Containers


here is the output of my modules


[root@anks~]# modprobe -v aes
insmod /lib/modules/2.6.12/kernel/arch/i386/crypto/aes-i586.ko
[root@anks~]# modprobe -v dm-crypt
insmod /lib/modules/2.6.12/kernel/drivers/md/dm-mod.ko
insmod /lib/modules/2.6.12/kernel/drivers/md/dm-crypt.ko


also device mapper is installed

i downloaded cryptsetup-luks-1.0.1-i486-2cf.tgz from slackware packages site

#installpkg cryptsetup-luks-1.0.1-i486-2cf.tgz

installed the script

but when i tried running cryptsetup i got the foll errors


[root@anks/mnt/hd/security]# cryptsetup
cryptsetup: error while loading shared libraries: libdevmapper.so.1.01: cannot open shared object file: No such file or directory


how to resolve it please

nx5000 01-23-2006 04:14 AM

Install libdevmapper1.01 or libdevmapper1.02

ankscorek 01-23-2006 01:12 PM

from whjere?

nx5000 01-24-2006 02:07 AM

depends on the distro you are using.
on distro using apt
Code:

apt-get install libdevmapper1.01
on distro using rpm
http://rpmfind.net/linux/rpm2html/se...submit=Search+...

... don't know the rest

ankscorek 02-09-2006 08:27 AM

have done everything successfully that is required to create an encrypted file system
i am following this link

http://gentoo-wiki.com/SECURITY_Encr..._with_DM-Crypt

my lilo.conf

# Partition 1: Linux GUI mode
image = /boot/vmlinuz
root = /dev/hdb1
label = linux
append = ""
read-only

# Partition 2: Linux
image = /boot/vmlinuz-2.6.12
root = /dev/hdb1
label = 2.6.12
append = ""
read-only
# Partition 3: Linux
image = /boot/tamu/vmlinuz-slackware-hda1
root = /dev/hda1
label = slackware-hda1
read-only

# Partition 4: Linux
image = /boot/vmlinuz-2.6.12
root = /dev/ram0
#init=/linuxrc
initrd=/boot/myinitrd
label = vector-hdb5
read-only

partition 4 is my encrypted partition.. when i do this
#lilo
i get no error

when i try to boot into this crypted fs i get a kernel panic saying that no init found..

pl help

and yes i forgot here is the o/p of

#lilo -v

LILO version 22.5.9, Copyright (C) 1992-1998 Werner Almesberger
Development beyond version 21 Copyright (C) 1999-2004 John Coffman
Released 08-Apr-2004 and compiled at 00:18:50 on May 21 2004.

Warning: LBA32 addressing assumed
Reading boot sector from /dev/hda
Warning: Kernel & BIOS return differing head/sector geometries for device 0x80
Kernel: 38792 cylinders, 16 heads, 63 sectors
BIOS: 1023 cylinders, 240 heads, 63 sectors
Warning: Kernel & BIOS return differing head/sector geometries for device 0x81
Kernel: 16383 cylinders, 255 heads, 63 sectors
BIOS: 1023 cylinders, 240 heads, 63 sectors
Using BITMAP secondary loader
Calling map_insert_data
Warning: The boot sector and map file are on different disks.
Mapping bitmap file /boot/bitmap/boot.bmp -> boot-shine256.bmp
Calling map_insert_file

Boot image: /boot/vmlinuz -> vmlinuz-scsi-2.4.29
Added linux *

Boot image: /boot/vmlinuz-2.6.12
Added 2.6.12

Boot image: /boot/tamu/vmlinuz-slackware-hda1
Added slackware-hda1

Boot image: /boot/vmlinuz-2.6.12
Mapping RAM disk /boot/myinitrd
Added vector-hdb5

Writing boot sector.
/boot/boot.0300 exists - no boot sector backup copy made.

i am using vector linux

am reading the link i provided above

it tells to give a linuxrc script in the initrd image itself i did exactly that here is my /linuxrc
#!/bin/sh
export PATH=/bin:/sbin

# Get cmdline from proc
mount -t proc proc /proc
CMDLINE=`cat /proc/cmdline`
# Create /dev/mapper/control nod for udev systems
sh devmap_mknod.sh
umount /proc

# Mount real root and change to it
sleep 1
cryptsetup -y luksOpen /dev/hdb5 root
while test $? -ne 0; do
cryptsetup -y luksOpen /dev/hdb5 root;
done
# If you use JFS, check the filesystem before mounting to make sure it's clean.
# If it's not clean, mounting will fail.
# fsck.jfs /dev/mapper/root
mount /dev/mapper/root /new
cd /new
mkdir initrd
pivot_root . initrd

# Start init and flush ram device
exec chroot . /bin/sh <<- EOF >/dev/console 2>&1
umount initrd
rm -rf initrd
blockdev --flushbufs /dev/ram0
exec /sbin/init ${CMDLINE}
EOF

i have encrypted hdb5 partition

here is the /linuxrc script that i had added in the initrd.gz
#!/bin/sh
export PATH=/bin:/sbin

# Get cmdline from proc
mount -t proc proc /proc
CMDLINE=`cat /proc/cmdline`
# Create /dev/mapper/control nod for udev systems
sh devmap_mknod.sh
umount /proc

# Mount real root and change to it
sleep 1
cryptsetup -y luksOpen /dev/hdb5 root
while test $? -ne 0; do
cryptsetup -y luksOpen /dev/hdb5 root;
done
# If you use JFS, check the filesystem before mounting to make sure it's clean.
# If it's not clean, mounting will fail.
# fsck.jfs /dev/mapper/root
mount /dev/mapper/root /new
cd /new
mkdir initrd
pivot_root . initrd

# Start init and flush ram device
exec chroot . /bin/sh <<- EOF >/dev/console 2>&1
umount initrd
rm -rf initrd
blockdev --flushbufs /dev/ram0
exec /sbin/init ${CMDLINE}
EOF

pl comment and help me out

well the iso image command worked only problem was i was making wrong usage of these \ switches

i funally got it working..i am moving ahead to encrypt the root fs pl see this link i am almost done the only problem i am facing is getting the initrd to work right for slackware..

pl see this

http://kerneltrap.org/node/6146

ankscorek 02-15-2006 04:13 AM

folow this link major debugging done here

last step to be done

http://www.linuxpackages.net/forum/v...?p=75358#75358


All times are GMT -5. The time now is 09:12 AM.