--test-passphrase requires root
When specifying --test-passphrase
and --header
with luksOpen
, the device specified seems to be opened anyways, even though cryptsetup seems to only need to interact with the header file.
Example (built at fdd6794c):
$ ./src/cryptsetup --header=/tmp/header --key-file=/tmp/key --test-passphrase luksOpen /dev/sda1 do-not-create
Device /dev/sda1 doesn't exist or access denied.
$ truncate --size=2M /tmp/dummy
$ ./src/cryptsetup --header=/tmp/header --key-file=/tmp/key --test-passphrase luksOpen /tmp/dummy do-not-create
Cannot use a loopback device, running as non-root user.
Device /tmp/header doesn't exist or access denied.
$ sudo ./src/cryptsetup --header=/tmp/header --key-file=/tmp/key --test-passphrase luksOpen /tmp/dummy do-not-create; echo $?
0
/tmp/dummy
is not actually read for any useful purpose, only opened.