While the password is escaped for the shell, it is not enclosed in single quotes. I will look at changing this. Until then avoid characters that are interpreted by the bash shell like parentheses, ampersand, and dollar symbols.
Just saw the updated LUKS plugin and that this was fixed. Thank you for doing this
Are there any known passphrase requirements when using LUKS encryption through the GUI, such as disallowed special characters? I ask because today I added a new encrypted partition using the plugin, and attempted to add another key using randomly generated passphrases that included all ASCII printable characters as possibilities.
They didn't seem to work, as I kept getting the following error message:
Unable to add the key to the encrypted device: Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /bin/bash -c 'echo -n 'Password1' | cryptsetup luksAddKey -q '/dev/sdb2' --key-file=- <(echo -n 'A&8V#feFBhSbOsSduxDmVc)Y)oZcfoOQ')' 2>&1' with exit code '2':
After testing different combination, it appears that any use of either parenthesis sign () causes this error. A new passphrase without the parenthesis is working, but I wanted to check to ensure there are not other requirements that I am unware of that could cause future access issues. Thanks
EDIT: Also just found that a passphrase with the ampersand & would not enter in the GUI to add a key. That's not a problem, as long as I'm not able to add a key that would later not work to unlock.
However, I also found that the following passphrase was allowed to be added as a key through the GUI but will not unlock the partition: 4cSJD?O8%4nl$7dM3555mqTg$HH5vmbB, and yielded the following error when trying to unlock:
Error #0:
exception 'OMV\Exception' in /usr/share/openmediavault/engined/rpc/luks.inc:239
Stack trace:
#0 [internal function]: OMVRpcServiceLuksMgmt->openContainer(Array, Array)
#1 /usr/share/php/openmediavault/rpc/serviceabstract.inc(124): call_user_func_array(Array, Array)
#2 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('openContainer', Array, Array)
#3 /usr/sbin/omv-engined(536): OMV\Rpc\Rpc::call('LuksMgmt', 'openContainer', Array, Array, 1)
#4 {main}
This is more a concern as being able to add a password that may not be parsed correctly when recorded for a key would be an issue. There may be another issue here I'm not seeing, but I'm copying and pasting the password each time so I know that's at least correct.
I'm going to use only numbers and letters from now on in passphrase which is not a big deal, but would like to know the specific requirements if someone knows
Thank you ryecoaaron for these settings. Setup my OMV acting as syslog server for many devices, and its great having it centralized.
Since I didn't want everything recording to the default syslog, I set up different logs as needed for the varied devices (http://www.rsyslog.com/storing…tem-into-a-specific-file/). However since I've done that, the logs are obviously no longer visible in the OMV GUI (use SSH right now which is fine)
Is there a way to set which logs appear in the drop down menu on the System Logs page? I glanced through the OMV config and didn't see one, and it would be nice to add custom logs to give another option to view the logs.
Also, if there are many others using OMV as a syslog server, may I suggest adding GUI config support for it? I see there's a bug tracker noted above, but the link isn't working so not sure if that was for this. Also, at least for me, it would be nice to have a separate GUI page to view logs (including custom added ones as mentioned), like how Duplicati and Plex have their own GUI page viewable at omvIP:port. Would allow quick access to view logs without having to log into OMV
