dyne / tomb

the Crypto Undertaker
https://dyne.org/software/tomb
GNU General Public License v3.0

tomb close tc.tomb doesn't close tc.tomb #321

Open stevelitt opened 5 years ago

stevelitt commented 5 years ago

What am I doing wrong?

tomb close tc.tomb

tomb [E] There is no open tomb to be closed.

( Then I successfully opened tc.tomb onto /media/tc )

tomb close -k tc.tomb.key tc.tomb

tomb [E] There is no open tomb to be closed.

ls /dev/mapper

control tomb.tc.1538336392.loop0 tomb.tc.1538337069.loop1

mount | grep loop

/dev/mapper/tomb.tc.1538336392.loop0 on /media/tc type ext4 (rw,nodev,noatime)
/dev/mapper/tomb.tc.1538337069.loop1 on /media/tc type ext4 (rw,nodev,noatime)
#

OTHER INFO... Void Linux, up to date as of this morning.

[root@mydesk ~]# uname -a
Linux mydesk 4.18.11_1 #1 SMP PREEMPT Sat Sep 29 11:55:22 UTC 2018 x86_64 GNU/Linux
[root@mydesk ~]#

Sudo version 1.8.25p1
cryptsetup 2.0.4
pinentry-curses (pinentry) 1.1.0
Copyright (C) 2016 g10 Code GmbH
License GPLv2+: GNU GPL version 2 or later https://www.gnu.org/licenses/
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
findmnt from util-linux 2.32.1
gpg (GnuPG) 1.4.23 - key forging algorithms (GnuPG symmetric ciphers):
/usr/bin/gpg IDEA 3DES CAST5 BLOWFISH AES AES192 AES256 TWOFISH CAMELLIA128 CAMELLIA192 CAMELLIA256

roddhjav commented 5 years ago

Hi, can you try with the following command and provide us with its output:

tomb -D close tc

stevelitt commented 5 years ago

https://pastebin.com/iNUYMnnN

[root@mydesk dovecot]# cat tombclose.txt
tomb [D] Identified caller: root (0:0)
tomb [D] Tomb command: close tc.tomb
tomb [D] Caller: uid[0], gid[0], tty[/dev/pts/4].
tomb [D] Temporary directory: /tmp/zsh
tomb [E] There is no open tomb to be closed.
[root@mydesk dovecot]#

And then...

[root@mydesk dovecot]# ls -ldF /tmp/zsh
drwxrwxrwt 2 root root 40 Sep 30 15:51 /tmp/zsh/
[root@mydesk dovecot]#

roddhjav commented 5 years ago

Ok, it's because tomb close takes as argument the tomb name (tc) and not the tomb path (tc.tomb). So simply do tomb close tc and it should work.

Alternatively, you can also do tomb close or tomb close all to close all the opened tombs. You can also use tomb list to list the opened tombs.

jaromil commented 5 years ago

Hi Steve! Indeed, that should be it. Let's add support for this corner case, however: close could detect and strip the .tomb extension passed on the command line.

stevelitt commented 5 years ago

Where can I find a tomb mailing list or even better a tomb IRC channel?

stevelitt commented 5 years ago

Thanks for the info. I never would have thought of just using "tc". Thanks!

jaromil commented 5 years ago

There was a list once used, but not anymore (silent for years), for all things crypto at dyne, that is https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/crypto

The best is anyway the IRC channel #dyne on our server irc.dyne.org

stevelitt commented 5 years ago

Thank you for the tomb close -D, tomb close, tomb close tc (in my example) and the tomb list commands. I managed to close the thing with tomb slam (it had said something was still using it). However, there's still a leftover /dev/mapper/tomb.tc.1538337069.loop1 (the loop 0 one was closed by the tomb commands). How do I get rid of that mapper file? losetup -d /dev/loop1 didn't do it.

Thanks!

jaromil commented 5 years ago

Ack, slam sometimes fails on that. Mapper volumes should be closed by cryptsetup luksClose but when the loopback is missing underneath they may be left hanging.

jaromil commented 3 days ago

Revisiting this, we should also support the full filename (with .tomb extension) in the close and slam commands, as it is rather intuitive and has path completion. This can be supported both on relative and absolute paths: argument to full file path.
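
A sketch of the argument normalisation proposed in this thread, as an added example that is not tomb's own code: it reduces a name or a relative or absolute .tomb path to the tomb name, then picks the matching entries out of a /dev/mapper listing. The function names are hypothetical, /root/tc.tomb is a constructed path, and the tomb.<name>.<epoch>.<loopdev> pattern is an assumption read off the ls /dev/mapper output above.

```shell
#!/bin/sh
# Added example, not tomb's own code; function names are hypothetical.

# Reduce a close/slam argument (name, relative or absolute path, with or
# without .tomb) to the bare tomb name that "tomb close" expects.
tomb_name_from_arg() {
    name=${1##*/}           # drop any directory part
    name=${name%.tomb}      # drop the extension if present
    [ -n "$name" ] || return 1
    printf '%s\n' "$name"
}

# Mapper names as shown by "ls /dev/mapper" in the thread.
sample_listing() {
    printf '%s\n' control tomb.tc.1538336392.loop0 tomb.tc.1538337069.loop1
}

# Read mapper names on stdin, print those belonging to the given tomb.
# Assumes the tomb.<name>.<epoch>.<loopdev> pattern seen in that listing.
mappers_for_tomb() {
    want=$(tomb_name_from_arg "$1") || return 1
    while IFS= read -r dev; do
        case $dev in
            tomb.*.*.loop*) ;;
            *) continue ;;          # e.g. "control"
        esac
        rest=${dev#tomb.}           # <name>.<epoch>.<loopdev>
        rest=${rest%.*}             # <name>.<epoch>
        epoch=${rest##*.}
        name=${rest%.*}             # may itself contain dots
        case $epoch in
            ''|*[!0-9]*) continue ;;
        esac
        [ "$name" = "$want" ] && printf '%s\n' "$dev"
    done
    return 0
}

# Demo: every spelling resolves to "tc" (/root/tc.tomb is constructed).
for a in tc tc.tomb ./tc.tomb /root/tc.tomb; do
    printf '%s -> %s\n' "$a" "$(tomb_name_from_arg "$a")"
done
sample_listing | mappers_for_tomb tc.tomb
```

More than one line of output for a single tomb name corresponds to the state in the mount output above, where two mappings for tc sit on /media/tc.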