TrueCrypt on Ubuntu Fiesty Fawn (or later)

Sunday, April 15th, 2007 at 2:56 pm | 2,788 views | trackback url
Tags:

In a previous blog entry, I described how to get TrueCrypt working on your Linux machine with ext2/ext3 or XFS filesystems.

If you’ve upgraded your kernel, you may run into trouble with the kernel module. You might see an error like the following:

$ sudo truecrypt /dev/sdi1
Enter password for '/dev/sdi1': 
FATAL: Module truecrypt not found.
Failed to load TrueCrypt kernel module

Here’s how to fix it..

If you fetch the latest TrueCrypt source, unpack it, and go into truecrypt-${VERSION}-source-code/Linux (I’m using v4.3 here), and edit ‘build.sh’ in your favorite editor. In this file, you’ll see a check for the kernel source’s .config, that looks like this:

if [ ! -f "$KERNEL_SRC/.config" ]
then
        if [ -f /proc/config.gz -o -f /boot/config-$KERNEL_VER -o -f /boot/config-$(uname -r) ]
        then
                echo -n "Configure kernel source according to the system configuration? [Y/n]: "
                read A
                if [ -z "$A" -o "$A" = "y" -o "$A" = "Y" ]
                then
                        echo -n "Configuring kernel source in $KERNEL_SRC... "
                        
                        if [ -f /proc/config.gz ]
                        then
                                zcat /proc/config.gz >$KERNEL_SRC/.config || exit 1
                        else
                                if [ -f /boot/config-$(uname -r) ]
                                then
                                        cp /boot/config-$(uname -r) $KERNEL_SRC/.config || exit 1
                                else
                                        cp /boot/config-$KERNEL_VER $KERNEL_SRC/.config || exit 1
                                fi
                        fi
              
                        make -C $KERNEL_SRC oldconfig /dev/null || exit 1
                        echo Done.
                fi
        fi

        if [ ! -f "$KERNEL_SRC/.config" ]
        then
                error "Kernel not configured. You should run make -C $KERNEL_SRC config"
                exit 1
        fi
fi

The outermost test is what we need to remove in this file. Simply comment out the first two lines of that block, as follows (unified diff, you can apply this with patch(1) on your Linux system). I’ve bolded the appropriate lines above. Just comment them out, or apply the diff below to patch this file.

--- build.sh.orig       2007-04-15 14:15:10.000000000 -0400
+++ build.sh    2007-04-15 13:25:18.000000000 -0400
@@ -72,8 +72,8 @@
        exit 1
 fi
 
-if [ ! -f "$KERNEL_SRC/.config" ]
-then
+# if [ ! -f "$KERNEL_SRC/.config" ]
+# then
        if [ -f /proc/config.gz -o -f /boot/config-$KERNEL_VER -o -f /boot/config-$(uname -r) ]
        then
                echo -n "Configure kernel source according to the system configuration? [Y/n]: "
@@ -104,7 +104,7 @@
                error "Kernel not configured. You should run make -C $KERNEL_SRC config"
                exit 1
        fi
-fi
+# fi
 
 if [ ! -d "$KERNEL_SRC/include/asm" ] && grep -q modules_prepare $KERNEL_SRC/Makefile
 then

On most machines, you won’t have the full kernel source tree installed… let’s fix that first.

I’m running 2.6.20 here, and the numbers below will reflect that. Replace your running kernel version with that below:

sudo apt-get install linux-source-2.6.20
cd /usr/src/
sudo tar jxvf linux-source-2.6.20.tar.bz2
sudo ln -s linux-source-2.6.20 linux
sudo cp /boot/config-2.6.20-12-386 /usr/src/linux/.config
cd linux
sudo make oldconfig

Now you need to go back into your TrueCrypt source directory and type ‘sudo sh ./build.sh’, and follow the prompts. It may take a long while to build, but let it run and do its work. You should see the following output (your own output may vary, but it should compile the kernel modules and userland tools cleanly.

$ sudo sh ./build.sh 
Checking build requirements...
Configure kernel source according to the system configuration? [Y/n]: 
Configuring kernel source in /usr/src/linux-source-2.6.20... .config:1390:warning: trying to assign nonexistent symbol SATA_INTEL_COMBINED
.config:3548:warning: trying to assign nonexistent symbol RTL818X
Done.
Building internal kernel modules (may take a long time)... Done.
Building kernel module... Done.
Building truecrypt... Done.

Once it builds correctly, you can run the install script:

desrod@purity:/tmp/truecrypt-4.3-source-code/Linux$ sudo sh ./install.sh 
Checking installation requirements...
Testing truecrypt... Done.

Install binaries to [/usr/bin]: 
Install man page to [/usr/share/man]: 
Install user guide and kernel module to [/usr/share/truecrypt]: 
Allow non-admin users to run TrueCrypt [y/N]: y
Installing kernel module... Done.
Installing truecrypt to /usr/bin... Done.
Installing man page to /usr/share/man/man1... Done.
Installing user guide to /usr/share/truecrypt/doc... Done.
Installing backup kernel module to /usr/share/truecrypt/kernel... Done.

That’s it.. you’re done. You should now be able to run TrueCrypt to mount your encrypted drive using my other instructions.

Good luck!

Last Modified: Sunday, April 15th, 2007 @ 14:56

Leave a Reply

You must be logged in to post a comment.

Bad Behavior has blocked 2467 access attempts in the last 7 days.