loop-aes-utils mount does not support --no-canonicalize

just to be clear libfuse2 was one of the updated packages

here's fragment of /var/log/apt/term.log

Configuring libfuse2 (2.8.4-1ubuntu1.3) ...

Configuring fuse-utils (2.8.4-1ubuntu1.3) ...
...
Configuring linux-image-generic (2.6.35.27.35) ...

Configuring linux-generic (2.6.35.27.35) ...

Configuring linux-headers-2.6.35-27 (2.6.35-27.48) ...

Configuring linux-headers-2.6.35-27-generic (2.6.35-27.48) ...

oh... and reverting to previous libfuse2 version solved the issue

apt-get install libfuse2=2.8.4-1ubuntu1

so... I bet it's deffinately something with the new package

I'm having the exact same problem.
Updated today and I get the same Truecrypt error.
Thanks for the temporary solution.
You saved me quite some time.
Cheers

I have the same problem as well on Ubuntu 10.10. Downgrading libfuse2 from 2.8.4-1ubuntu1.3 to 2.8.4-1ubuntu1 worked. Tell me if you need any more information.

Same problem after updating
fuse-utils (2.8.4-1ubuntu1.2) to 2.8.4-1ubuntu1.3
libfuse2 (2.8.4-1ubuntu1.2) to 2.8.4-1ubuntu1.3
yesterday. Maverick AMD64 with custom kernel, fuse built as module.

The bug affects sshfs as well as TrueCrypt: trying to mount ssh filesystem gave error:
fusermount: failed to access mountpoint [mount_point]: Transport endpoint is not connected

Reverting libfuse2 and fuse-utils solved the problem:
apt-get install libfuse2=2.8.4-1ubuntu1 fuse-utils=2.8.4-1ubuntu1

Thanks to the above posters for saving me time working around this crippling bug (I rely on sshfs and TrueCrypt).

I have the same problem with lucid after upgrading to kernel 2.6.32-30 from lucid proposed today.

On Lucid returning to libfuse2 2.8.1-1.1ubuntu2 and the corresponding fuse-utils solves the problem, too. So it seems that there is a bug in the last security uupdate of this packages that breaks fuse.

Just built a new custom 2.6.37.2 kernel with CONFIG_FUSE_FS=y rather than CONFIG_FUSE_FS=m as I'd been using. It didn't make a difference whether FUSE is compiled into the kernel or as a module.

# apt-cache showpkg libfuse2
Package: libfuse2
Versions:
2.8.4-1ubuntu1.3 (/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_maverick-updates_main_binary-amd64_Packages) (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_maverick-security_main_binary-amd64_Packages)
 Description Language:
                 File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_maverick-updates_main_binary-amd64_Packages
                  MD5: 5d223263b75b2a98a7218dd5a0a8aaa7

2.8.4-1ubuntu1 (/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_maverick_main_binary-amd64_Packages) (/var/lib/dpkg/status)
 Description Language:
                 File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_maverick_main_binary-amd64_Packages
                  MD5: 5d223263b75b2a98a7218dd5a0a8aaa7

The latest 2.8.4-1ubuntu1.3 package fails in both cases, while the older 2.8.4-1ubuntu1 package works in both.

+1
Really annoying these glitches.

Just for the record I am a noob. So just out of curiosity would this be the same problem in Debian 6. I tried the latest release, but sacked it after I found out that truecrypt gave the same error message when trying to mount a container. So I re-installed Ubuntu 10.04 from a copy made with remastersys. Then when I updated Ubuntu a month later I started to get the same error message again. Any idea as to how long this quote "Important security update" will take before it gets fixed? Or does truecrypt need to be modified?

So thanks for the solution.

Same issue here with Ubuntu 10.04 Lucid AMD64 and True Crypt 7.0a, was working until I updated last week:

Linux ubuntu 2.6.32-30-generic #59-Ubuntu SMP Tue Mar 1 21:30:46 UTC 2011 x86_64 GNU/Linux

$ apt-cache showpkg libfuse2
Package: libfuse2
Versions:
2.8.1-1.1ubuntu3.1
2.8.1-1.1ubuntu2
Dependencies:
2.8.1-1.1ubuntu3.1 - libc6 (2 2.7) mount (2 2.17.2-0ubuntu1.10.04.1) fuse-utils (0 (null)) fuse-utils (3 2.8.1-1.1ubuntu3.1)
2.8.1-1.1ubuntu2 - libc6 (2 2.7) fuse-utils (0 (null)) fuse-utils (3 2.8.1-1.1ubuntu2)

If I downgrade to 2.8.1-1.1ubuntu2 then it uninstalls the following packages: fuse-utils gvfs-fuse ntfs-3g ntfsprogs sshfs. :(

Is there something I can do to help solving it?

I had the same problem on Ubuntu 10.10.

Downgraded libfuse2 using "sudo dpkg -i --force-downgrade libfuse2_2.8.4-1ubuntu1_i386.deb", after downloading the .deb from https://launchpad.net/ubuntu/+source/fuse/, so TrueCrypt is working back.

Thanks! This also worked for me!

In 10.04 the current working version is libfuse2_2.8.1-1.1ubuntu2.

I downloaded it from http://launchpadlibrarian.net/38427956/libfuse2_2.8.1-1.1ubuntu2_amd64.deb and installed as you said:

root@ubuntu:/var/cache/apt/archives# wget http://launchpadlibrarian.net/38427956/libfuse2_2.8.1-1.1ubuntu2_amd64.deb
--2011-03-09 22:30:50-- http://launchpadlibrarian.net/38427956/libfuse2_2.8.1-1.1ubuntu2_amd64.deb
Resolviendo launchpadlibrarian.net... 91.189.89.228, 91.189.89.229
Conectando a launchpadlibrarian.net|91.189.89.228|:80... conectado.
Petición HTTP enviada, esperando respuesta... 200 OK
Longitud: 146138 (143K) [application/x-debian-package]
Guardando en: «libfuse2_2.8.1-1.1ubuntu2_amd64.deb»

100%[======================================>] 146.138 130K/s en 1,1s

2011-03-09 22:30:52 (130 KB/s) - «libfuse2_2.8.1-1.1ubuntu2_amd64.deb» guardado [146138/146138]

root@ubuntu:/var/cache/apt/archives# dpkg -i --force-downgrade libfuse2_2.8.1-1.1ubuntu
libfuse2_2.8.1-1.1ubuntu2_amd64.deb libfuse2_2.8.1-1.1ubuntu3.1_amd64.deb
root@getsuga:/var/cache/apt/archives# dpkg -i --force-downgrade libfuse2_2.8.1-1.1ubuntu2_amd64.deb
dpkg: aviso: desactualizando libfuse2 de 2.8.1-1.1ubuntu3.1 a 2.8.1-1.1ubuntu2.
(Leyendo la base de datos ... 00%
448929 ficheros y directorios instalados actualmente.)
Preparando para reemplazar libfuse2 2.8.1-1.1ubuntu3.1 (usando libfuse2_2.8.1-1.1ubuntu2_amd64.deb) ...
Desempaquetando el reemplazo de libfuse2 ...
Configurando libfuse2 (2.8.1-1.1ubuntu2) ...

Procesando disparadores para libc-bin ...
ldconfig deferred processing now taking place
root@ubuntu:/var/cache/apt/archives#

And It works:

root@ubuntu:/var/cache/apt/archives# mount | grep truecrypt
truecrypt on /tmp/.truecrypt_aux_mnt1 type fuse.truecrypt (rw,nosuid,nodev,allow_other)
/dev/mapper/truecrypt1 on /media/truecrypt1 type vfat (rw,uid=1000,gid=1000,umask=077)
root@ubuntu:/var/cache/apt/archives#

Hi! I'm using lucid amd64, and I found the easy way to downgrade is to run

apt-get install libfuse2=2.8.1-1.1ubuntu2 fuse-utils=2.8.1-1.1ubuntu2

Of course when I do a general upgrade those two packages will be upgraded again, but then I just run the command again. No need to pin it if the bug is fixed soon...

So, does anyone understand what they did to libfuse2 to break it?

@Søren Weber, thanks for your solution. You can pin the packages, so they don't get updated. First perform the downgrade, then as root do:
# echo libfuse2 hold | dpkg --set-selections
# echo fuse-utils hold | dpkg --set-selections

I can't seem to be able to reproduce this on Lucid.

Could someone please give detailed steps on how to set up truecrypt and show the issue?

Thanks.

Does anyone experiencing this problem have the loop-aes-utils package installed?

Marc, thank you for looking into this.

I'm using Maverick, not Lucid, but do have loop-aes-utils package installed. I've stopped using loop-aes, though, so could try removing loop-aes-utils if that helps to troubleshoot.

As far as setting up TrueCrypt, I just followed instructions at
http://www.truecrypt.org/docs/
(click on Beginner's Tutorial).

As I noted earlier, this bug also prevents me from mounting sshfs volumes, maybe that would be easier for you to test?

Thanks Marc.

I'm using Ubuntu 10.10 Maverick and I do have loop-aes-utils 2.16.2-1 installed.

Reverting from libfuse2 version 2.8.4-1ubuntu1.3 to version 2.8.4-1ubuntu1 allows Truecrypt to work again.

The loop-aes-utils package contains a "mount" binary which is lacking the options needed for the fuse security update. Could you please remove that package and see if TrueCrypt starts working again?

I reinstalled the latest libfuse2 and removed loop-aes-utils and it works perfectly again.

Thank you very much Marc.

Is anyone else having this issue that doesn't have the loop-aes-utils package installed?

Hi, I'm using Lucid 10.04 updated to date.
I marked as "install" the two packages, upgraded, and the problem appeared again.

I confirm that after uninstalling loop-aes-utils It works with the latest version of libfuse and fuse-utils.

Thanks for looking into this Marc.

I also have loop-aes-utils installed. Do I need loop-aes-utils in my setup?

I'm using fulldisk encryption + LVM (ubuntu standard chosen during lucid installation), and (obviously) truecrypt for an external USB disk.

Is there any way I can check if loop-aes-utils is being used in my system right now (my main worry being removing the package and not being able to boot)?

Marc, thank you so much for pointing to loop-aes-utils as the culprit. I can confirm that after removing the loop-aes-utils package from my Maverick AMD64 system, and re-installing the latest libfuse and fuse-utils updates, I can mount sshfs and TrueCrypt volumes.

@Søren Weber:
losetup -a
will show you the loop devices set up on your system. For example:

# losetup -a
/dev/loop5: [000e]:14986 (/dev/md1) offset=4096 encryption=AES128 multi-key-v3
/dev/loop7: [000e]:14954 (/dev/md0) offset=4096 encryption=AES128 multi-key-v3

shows 2 loop-aes devices in use. You can tell they are are loop-aes devices because of the "encryption=AES128" string. In case you see such devices, you need to keep loop-aes-utils. As a counter-example, on my system using 1 TrueCrypt volume and no loop-aes devices:

# losetup -a
/dev/loop0: [0902]:20 (/mnt/sdc1/encrypted.tc)

Much more info about loop-aes is available in the README files at
http://loop-aes.sourceforge.net/

Someone needs to backport --no-canonicalize to loop-aes-utils's mount, as it is now required by the fuse security updates. If someone can prepare debdiffs, attach them here, and subscribe ubuntu-security-sponsors, they will get pushed out as a security update.

This is similar to bug #731228

I've just uploaded a fix for this to Natty. The debdiff is attached. I included 'umount --fake' support as well as --no-canonicalize, since this is needed by modern 'fusermount -u' to update /etc/mtab.

This bug was fixed in the package loop-aes-utils - 2.16.2-1ubuntu1

---------------
loop-aes-utils (2.16.2-1ubuntu1) natty; urgency=low

  * Backport mount/umount --no-canonicalize option from util-linux
    (LP: #727220).
  * Backport umount --fake option from util-linux.
 -- Colin Watson <email address hidden> Sun, 24 Apr 2011 16:02:36 +0100

Uploaded maverick fix to ubuntu-security PPA.

Updated patch for Lucid uploaded to security PPA.

Testing with QRT test-fuse.py and test-util-linux.py with loop-aes-tools installed demonstrates the regression in prepatached loop-aes-tools. After upgrading, test-fuse.py and test-util-linux.py pass all tests.

This bug was fixed in the package loop-aes-utils - 2.16.2-1ubuntu0.1

---------------
loop-aes-utils (2.16.2-1ubuntu0.1) maverick-security; urgency=low

  [ Colin Watson ]
  * Backport mount/umount --no-canonicalize option from util-linux
    (LP: #727220).
  * Backport umount --fake option from util-linux.
 -- Jamie Strandboge <email address hidden> Wed, 04 May 2011 17:11:48 -0500

This bug was fixed in the package loop-aes-utils - 2.15.1~rc1-2ubuntu1.1

---------------
loop-aes-utils (2.15.1~rc1-2ubuntu1.1) lucid-security; urgency=low

  * debian/patches/30no-canonicalize.dpatch: Backport mount/umount
    --no-canonicalize option from util-linux (LP: #727220). Patch from
    Colin Watson.
  * debian/patches/31umount-fake.dpatch: Backport umount --fake option from
    util-linux. Patch from Colin Watson.
 -- Jamie Strandboge <email address hidden> Wed, 04 May 2011 17:22:33 -0500

I`m still experiencing this same issue. I`ve described it in all the details I could at:
http://ubuntuforums.org/showthread.php?t=2319019

 It looks like it`s been 5 years and you even claim that it`s been fixed but it happens that I have exactly that version of loop-aes-utils:

apt-cache show loop-aes-utils | grep Version
Version: 2.16.2-1

... and the issue is still present!

So... what is going on ? Could someone help ? It`s very important.
I need aes-loop to live :) not gonna uninstall it...

Oh! Just want to add for a quick record that this time my issue involves mounting NTFS partition on USB device, not TrueCrypt...

Wow, scratch my previous messages. Found and updated to "loop-aes-utils_2.16.2-3_amd64.deb" and it fixed itself :| I`ll be darn xD

Oh, and one more thing, like it wrote at ubuntuforums... but there might be a chance that you guys will know better:

Why is it that official Ubuntu repo doesn`t have/maintain loop-aes-utils anymore ?
It`s so useful tool...
I need to keep my own, old .deb package...