[Bug 1968636] Re: cryptroot-unlock doesn't work at all when terminal width is below 51

Adam Vodopjan 1968636 at bugs.launchpad.net
Tue Dec 13 23:47:22 UTC 2022 

@irkandur

> Btw, this issue may be more linked to the cryptsetup-initramfs
package?

cryptsetup is the source package for cryptsetup-initramfs

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1968636

Title:
  cryptroot-unlock doesn't work at all when terminal width is below 51

Status in cryptsetup package in Ubuntu:
  Confirmed

Bug description:
  I'm speaking about ubuntu 20.04.4 with cryptsetup 2:2.2.2-3ubuntu2.4.
  The behaviour is the same in ubuntu 22.04. I havent tried 18.04 and
  older LTS, probably the same problem there as well.

  So I have your usual setup with luks encrypted root. I've installed
  dropbear-initramfs to make it remotely unlockable, set everything up
  and tried to unlock it connecting from termux with my phone. When I
  ran cryptroot-unlock it kept silent (not even the prompt) for some
  secs and quit with such error:

      Error: Timeout reached while waiting for askpass.

  Long story short: if I rotated the phone everything worked as
  supposed.

  I tracked it down to this piece in cryptroot-unlock:

      # Print the list of PIDs the executed command of which is $exe.
      pgrep_exe() {
          local exe pid
          exe="$(readlink -f -- "$1" 2>/dev/null)" && [ -f "$exe" ] || return 0
          ps | awk '{print $1, $5}' | while read LINE; do
              set $LINE
              local pid=$1
              local cmd=$(readlink -f -- "$2")
              if [ "$cmd" == "$exe" ]; then
                  echo $pid
                  break
              fi
          done
      }

  Notice it walks through "ps" (busybox one) lines which adapts its
  output to the terminal width. Check out this shell session:

      > stty size
      40 115
      > /usr/lib/initramfs-tools/bin/busybox ps | grep '[b]usybox'
      18944 account   2804 R    /usr/lib/initramfs-tools/bin/busybox ps
      ## resize the terminal width to 50
      > stty size
      40 50
      > /usr/lib/initramfs-tools/bin/busybox ps | grep '[b]usybox'
      18947 account   2804 R    {busybox} /usr/lib/ini

  Look at the last line above. "ps" ensures one terminal line per
  process, no wrapping. If a line is too long, cut it. If the full
  binary path is to be cut, prepend the binary basename in curly braces.

  Here is a shell session over dropbear connection:

      > stty size
      40 115
      > ps | grep '[a]skpass'
        285 root      2364 S    /lib/cryptsetup/askpass Please unlock disk dm_crypt-0:
      ## resize the terminal width to 50
      > stty size
      40 50
      > ps | grep '[a]skpass'
        285 root      2364 S    {askpass} /lib/cryptse

  As you can see askpass cmdline is a total mess now and because of that
  pgrep_exe cant find askpass PID.

  
  A quick fix could be "ps -w" instead of just "ps" in pgrep_exe. It would make ps assume the terminal width 132 which is enough for askpass line to be printed pristine.

  
  Currently one cant unlock encrypted root with terminal width up to and including 50.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1968636/+subscriptions

More information about the foundations-bugs mailing list