ecryptfs team mailing list archive

Thread
Date

[Bug 400484] Re: unable to show the contents of my kernel keyring

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Serge Hallyn <serge.hallyn@xxxxxxxxx>
Date: Wed, 22 Jul 2009 17:29:19 -0000
Reply-to: Bug 400484 <400484@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I can't reproduce this as yet.  With a plain, fresh pull from Linus' tree on a rhel5.3 system,
I get the following.  Can you confirm that in your case, with the commands below, you do
not see the last line in the 'keyctl show' output?

with user namespaces:

[root@linuz11 ~]# keyctl add user mykey stuff @u
743079327
[root@linuz11 ~]# keyctl list @u
1 key in keyring:
743079327: --alswrv     0     0 user: mykey
[root@linuz11 ~]# keyctl show
Session Keyring
       -3 --alswrv      0     0  keyring: _ses
713825872 --alswrv      0    -1   \_ keyring: _uid.0
743079327 --alswrv      0     0       \_ user: mykey
[root@linuz11 ~]# uname -a
Linux linuz11.watson.ibm.com 2.6.31-rc3-00157-gaea1f79 #582 SMP Wed Jul 22 13:14:37 EDT 2009 s390x s390x s390x GNU/Linux

without user namespaces:

[root@linuz11 ~]# keyctl add user mykey stuff @u
113989424
[root@linuz11 ~]# keyctl list @u
1 key in keyring:
113989424: --alswrv     0     0 user: mykey
[root@linuz11 ~]# keyctl show
Session Keyring
       -3 --alswrv      0     0  keyring: _ses
653741632 --alswrv      0    -1   \_ keyring: _uid.0
113989424 --alswrv      0     0       \_ user: mykey

-- 
unable to show the contents of my kernel keyring
https://bugs.launchpad.net/bugs/400484
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” package in Ubuntu: Fix Released
Status in “keyutils” package in Ubuntu: New
Status in “linux” package in Ubuntu: In Progress

Bug description:
Running the command:
 $ keyctl show

I should see something like the following:
kirkland@t61p:~$ keyctl show
Session Keyring
       -3 --alswrv   1000    -1  keyring: _uid_ses.1000
698440950 --alswrv   1000    -1   \_ keyring: _uid.1000
575594151 --alswrv   1000     0       \_ user: 67354f2e3a6c1216
940463712 --alswrv   1000     0       \_ user: 1cb12fd405033223

And this is true, if I run the Jaunty 2.6.28 kernel on Karmic.

However, this is completely broken with the 2.6.31 Karmic kernel.

kirkland@x200:~$ keyctl show
Session Keyring
       -3 --alswrv   1000  1000  keyring: _ses


Major regression.  Hoses ecryptfs, which relies on keyutils.

:-Dustin

ProblemType: Bug
Architecture: amd64
Date: Thu Jul 16 21:32:48 2009
DistroRelease: Ubuntu 9.10
MachineType: LENOVO 7454CTO
Package: linux-image-2.6.31-3-generic 2.6.31-3.19
ProcCmdLine: root=UUID=d45ce184-de1d-48ac-a143-44ab4432a207 ro quiet splash
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-3.19-generic
RelatedPackageVersions: linux-backports-modules-2.6.31-3-generic N/A
SourcePackage: linux
Uname: Linux 2.6.31-3-generic x86_64
dmi.bios.date: 04/22/2009
dmi.bios.vendor: LENOVO
dmi.bios.version: 6DET44WW (2.08 )
dmi.board.name: 7454CTO
dmi.board.vendor: LENOVO
dmi.board.version: Not Available
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias: dmi:bvnLENOVO:bvr6DET44WW(2.08):bd04/22/2009:svnLENOVO:pn7454CTO:pvrThinkPadX200:rvnLENOVO:rn7454CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable:
dmi.product.name: 7454CTO
dmi.product.version: ThinkPad X200
dmi.sys.vendor: LENOVO

Follow ups

Re: [Bug 400484] Re: unable to show the contents of my kernel keyring
From: Dustin Kirkland, 2009-07-22