Tiny Core Linux
Tiny Core Extensions => TCE Q&A Forum => Topic started by: Hickory on November 01, 2010, 12:49:57 PM
-
I have successfully installed TC 3.2 on a second hard drive, however i cannot create a truecrypt volume.
First, it misrepresents the space that is available, second after it has gone through the process of encryption,
it fails, saying "failed to set up loop device".
Can anyone help?
-
Following a clue I found here (http://forums.gentoo.org/viewtopic-t-716569.html) does CONFIG_CRYPTO_XTS need to be compiled into the kernel? I noticed it isn't in the 3.x kernel. Can it be a module? I could do some testing if I had time, but maybe someone can recompile the kernel with XTS and try it.
-
Yes, it can be a module.
-
Thank you for your responses, I have never compiled a kernel, is a module an easier way, how is it done?
-
Basically these steps are sufficient to compile your "special" kernel modules:
1. Start TC, download and install compiletc extension
2. Download kernel sources from http://distro.ibiblio.org/pub/linux/distributions/tinycorelinux/3.x/release/src/kernel/ (http://distro.ibiblio.org/pub/linux/distributions/tinycorelinux/3.x/release/src/kernel/), easy way: Use linux-2.6.33.3-patched.tbz2, unpack. Download config-2.6.33.3-tinycore as well and edit to your needs, for example change the line
# CONFIG_CRYPTO_XTS is not setto
CONFIG_CRYPTO_XTS=m(m stands for module, y stands for kernel included, n for "not using")
3. Copy the edited config file to the unpacked kernel folder (with the new name ".config")
4. Run inside kernel folder
# make oldconfig5. Run inside kernel folder
# make modules6. Use the generated modules (e.g. xts.ko), usually compress it to save space "gzip xts.ko", copy xts.ko.gz to /usr/local/lib/modules/2.6.33.3/kernel/crypto/
7. Load module with modprobe xts or let it be done by truecrypt
...or you can just wait for crypto-xts-2.6.33.3-tinycore.tcz to be appearing in appbrowser, since I just sent it in for submission ;-) You will need this extension to run truecrypt (if it's the only missing "link").
-
Thank you, Gutmensch, this is exactly what I needed.
I also see that crypto_xts is included in TC3.3 rc2 which I just tried today.
-
Is solved the problem?
For me not. I have proved either in tc3.2 and tc3.3rc2
First I load the crypto-xts-2.6.33.3-tinycore.tcz
then "sudo modprobe xts"
I see the two modules loaded (gf128mul and xts)
then load truecrypt
I can make the encrypted volume, no problem
but when I want to mount it it says "Failed to setup a loop device"
Thinking about a lot of loop devices monted in my tc and that I can see in truecrypt only 64 possibilities, I have proved it in a base norestore with only loaded the crypto-xts and truecrypt and dependences, this are 15 loops devices.
I make all the above and select to mount the position 16 but with the same results.
I have do it with "sudo truecrypt" too, with the same problem
What I'm making wrong?
-
No, Onyarian, I get the same error.
-
I'm making more proves:
I have created in /etc/group the "truecrypt:x:1000:tc"
and in /etc/sudoers: "%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt"
that I have googled
(this two files in .filetool.lst)
I loaded crypto-xts-2.6.33.3-tinycore.tcz and cryptsetup.tcz
then
sudo modpobe dm-mirror, dm-snapshot, dm-crypt and xts
root@box:/home/tc# lsmod
Module Size Used by Not tainted
xts 1340 0
gf128mul 4284 1 xts
dm_crypt 7468 0
dm_snapshot 18364 0
dm_mirror 8620 0
dm_region_hash 4192 1 dm_mirror
dm_log 5228 2 dm_mirror,dm_region_hash
dm_mod 35392 4 dm_crypt,dm_snapshot,dm_mirror,dm_log
vboxnetflt 9260 0
vboxnetadp 4048 0
vboxdrv 109008 2 vboxnetflt,vboxnetadp
ipt_REJECT 1284 1
xt_state 636 1
ipt_LOG 3364 0
nf_conntrack_ftp 3672 0
iptable_nat 2008 0
nf_nat 8388 1 iptable_nat
nf_conntrack_ipv4 5688 4 iptable_nat,nf_nat
nf_conntrack 27752 5 xt_state,nf_conntrack_ftp,iptable_nat,nf_nat,nf_conntrack_ipv4
nf_defrag_ipv4 504 1 nf_conntrack_ipv4
vfat 5596 1
fat 30220 1 vfat
oss_usb 90348 0
oss_hdaudio 135956 0
osscore 542900 2 oss_usb,oss_hdaudio
i915 165436 2
drm_kms_helper 15480 1 i915
ath5k 96224 0
drm 93504 3 i915,drm_kms_helper
mac80211 87580 1 ath5k
ath 5584 1 ath5k
intel_agp 16252 1
i2c_i801 5748 0
i2c_algo_bit 2984 1 i915
cfg80211 73276 3 ath5k,mac80211,ath
i2c_core 9380 5 i915,drm_kms_helper,drm,i2c_i801,i2c_algo_bit
agpgart 15792 2 drm,intel_agp
yenta_socket 13432 0
rsrc_nonstatic 5780 1 yenta_socket
pcmcia_core 17332 2 yenta_socket,rsrc_nonstatic
squashfs 14728 138
ramzswap 10240 1
loop 8068 276
scsi_wait_scan 276 0
mmc_block 5492 4
video 12712 1 i915
backlight 1632 1 video
battery 6028 0
output 724 1 video
ac 1696 0
wmi 3656 0
sdhci_pci 4144 0
sdhci 10392 1 sdhci_pci
serio_raw 2380 0
r8169 22516 0
mmc_core 27968 2 mmc_block,sdhci
then loaded truecrypt.tcz
If I choose "Create an encrypted file container" It creates one but when I try to mount it I have another time the error
"Failed to set up a loop device: /home/tc/mycontainer"
BUT If I choose "Create a volume within a partition/drive" in an entire USB stick, it creates ok, and when I mount it there is NO problem to work with it, coping files to it and finally dismount, and mount another time (the USB stick is mounted in /mnt/truecrypt1)
I have proved with users tc and root with the same results.
So, the question is,
why I can't mount a file container but a volume drive yes?
-
could be some trouble with losetup... you can try the util-linux-ng.tcz extension which contains another losetup and not the one from busybox.
cryptsetup shouldn't be necessary, it's for the linux unified key setup (not related to truecrypt IIRC).
-
I succeeded in getting truecrypt to work.
There are several problems I found:
1) lvm2 is not listed as a dependency. Truecrypt requires dmsetup.
2) util-linux-ng is not listed as a dependency. The busybox mount is insufficient.
3) crypto-xts-2.6.33.3-tinycore is not listed as a dependency, which is understandable.
4) Truecrypt uses the busybox mount even if util-linux-ng is loaded.
5) The loop.max_loop parameter must be set to a value.
To solve this:
1) Load lvm2.
2) Load util-linux-ng.
3) Load crypto-xts-2.6.33.3-tinycore.
4) softlink the util-linux-ng mount binary into /usr/sbin.
5) Boot with the "loop.max_loop=256" boot parameter.
I hope that someone can provide an explanation and/or independent confirmation. I don't know how to fix 5, but 1-4 can be fixed in the extension by adding extensions to the .dep list then creating the mount softlink in the /usr/local/tce.installed/truecrypt script.
I confirmed the following will work:
# ln -s /tmp/tcloop/util-linux-ng/usr/local/bin/mount /usr/sbin/mount
# dd if=/dev/urandom of=/tmp/random bs=1024 count=1
# truecrypt --create --volume-type=normal --size=$((8*1024*1024)) \
--encryption=aes --random-source=/tmp/random --hash=whirlpool \
--filesystem=fat --password=test --keyfiles= /tmp/stuff.tc
# mkdir -p /tmp/stuff
# truecrypt --password=test --keyfiles= --non-interactive /tmp/stuff.tc /tmp/stuff
An 8MB FAT filesystem is now present at /tmp/stuff. I hope this helps. Use "truecrypt -d" to unmount.
NOTES:
- If loop.max_loop is not set, the message is "Error: failed to set up a loop device: /tmp/stuff.tc"
- truecrypt uses the busybox losetup, but that is sufficient. I did not get different results with the util-linux-ng losetup.
- truecrypt looks for mount in the following directories in order: /usr/sbin, /sbin, /usr/bin, /bin. Thus, it finds and uses the busybox mount binary. This results in the message: "Error: mount: mounting /dev/mapper/truecrypt1 on /tmp/stuff failed: Invalid argument"
- The truecrypt.tcz.list file has "truecrypt.tcz" in it. This is an error.
-
Solved!
THANKS Danielibarnes
The kit of the question was the boot parameter loop.max_loop=256
only with this change it works.
With and without the symlink of mount from util-linux-ng works too
So I have changed in grub.conf
kernel /boot/tc/bzImage quiet lang=es_ES@euro tce=sda1 home=sda1 restore=sda1/tce waitusb=5 laptop max_loop=256
with
kernel /boot/tc/bzImage quiet lang=es_ES@euro tce=sda1 home=sda1 restore=sda1/tce waitusb=5 laptop loop.max_loop=256
and finally works!
-
Success! Thank you, everyone for your help.
-
Run this script and everything works:
#!/bin/bash
for i in {8..255}; do
if [ -e /dev/loop$i ]; then
echo not creating loop $i
continue;
fi;
mknod -m 0660 /dev/loop$i b 7 $i
done