Your message dated Sun, 4 Aug 2024 20:23:48 +0200
with message-id <[email protected]>
and subject line Re: Bug#1076100: /usr/share/initramfs-tools/hooks/cryptroot:
replaces stable LABEL=… lines in crypttab with unstable UUID=… entries
has caused the Debian Bug report #1076100,
regarding /usr/share/initramfs-tools/hooks/cryptroot: replaces stable LABEL=…
lines in crypttab with unstable UUID=… entries
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1076100: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076100
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cryptsetup-initramfs
Version: 2:2.3.7-1+deb11u1
Severity: normal
X-Debbugs-Cc: [email protected]
The /cryptroot/crypttab file in the initramfs contains lines like:
cxxxxPV UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx none discard,luks,initramfs
This is bad because these are less stable than the LABEL=… lines I put
into crypttab(5): the UUID changes then you do a restore from backup,
whereas the LABEL can be easily made to stay the same.
It should not do so for LABEL= lines. (I can understand wishing to do
so for others, but even GRUB has a GRUB_DISABLE_LINUX_UUID=true option
because they realise UUIDs can be troubling.)
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-5.10.0-30-amd64 root=/dev/mapper/vg--xxxx-lv--root ro
rootdelay=5 net.ifnames=0
ip=6,0,eth0,xxxx.mirbsd.org,2a02:xxxx:xxxx:xxxx::1/64,fe80::1 nomodeset TZ=:UTC
-- /etc/crypttab
# <target name> <source device> <key file> <options>
cxxxxPV LABEL=cxxxxPV none discard,luks,initramfs
cswp1 /dev/vg-xxxx/lv-swp1 /dev/random
discard,cipher=aes-xts-plain64,size=256,plain,swap
cswp2 /dev/vg-xxxx/lv-swp2 /dev/random
discard,cipher=aes-xts-plain64,size=256,plain,swap
-- /etc/fstab
/dev/vg-xxxx/lv-root / ext4
defaults,auto_da_alloc,relatime,lazytime 0 2
LABEL=xxxx-boot /boot ext4
defaults,auto_da_alloc,noatime,lazytime,nodev,noexec 0 1
swap /tmp tmpfs
defaults,noatime,lazytime,nosuid,nodev 0 0
/dev/vg-xxxx/lv-mbsd /var/anoncvs ext4
defaults,auto_da_alloc,noatime,lazytime,nodev 0 3
/dev/mapper/cswp1 swap swap sw,discard=once
0 0
/dev/mapper/cswp2 swap swap sw,discard=once
0 0
swap /var/log/apache2 tmpfs
size=37748736,async,noatime,lazytime,auto,nodev,noexec,nosuid,rw,nouser,uid=0,gid=4,mode=2750
0 0
-- lsmod
Module Size Used by
nft_reject_inet 16384 7
nf_reject_ipv4 16384 1 nft_reject_inet
nf_reject_ipv6 20480 1 nft_reject_inet
nft_reject 16384 1 nft_reject_inet
nf_tables 274432 56 nft_reject_inet,nft_reject
libcrc32c 16384 1 nf_tables
nfnetlink 20480 1 nf_tables
joydev 28672 0
drm_kms_helper 278528 0
evdev 28672 2
cec 61440 1 drm_kms_helper
sg 36864 0
serio_raw 20480 0
pcspkr 16384 0
drm 634880 1 drm_kms_helper
virtio_balloon 24576 0
qemu_fw_cfg 20480 0
button 24576 0
dm_crypt 57344 3
dm_mod 163840 19 dm_crypt
ext4 942080 3
crc16 16384 1 ext4
mbcache 16384 1 ext4
jbd2 151552 1 ext4
crc32c_generic 16384 0
hid_generic 16384 0
usbhid 65536 0
hid 151552 2 usbhid,hid_generic
crc32_pclmul 16384 0
crc32c_intel 24576 7
sd_mod 61440 3
t10_pi 16384 1 sd_mod
crc_t10dif 20480 1 t10_pi
crct10dif_generic 16384 0
crct10dif_pclmul 16384 1
crct10dif_common 16384 3 crct10dif_generic,crc_t10dif,crct10dif_pclmul
virtio_scsi 24576 2
virtio_net 61440 0
net_failover 24576 1 virtio_net
failover 16384 1 net_failover
ghash_clmulni_intel 16384 0
ata_generic 16384 0
uhci_hcd 57344 0
ata_piix 36864 0
libata 299008 2 ata_piix,ata_generic
ehci_hcd 98304 0
aesni_intel 372736 6
scsi_mod 270336 4 virtio_scsi,sd_mod,libata,sg
libaes 16384 1 aesni_intel
crypto_simd 16384 1 aesni_intel
cryptd 24576 5 crypto_simd,ghash_clmulni_intel
glue_helper 16384 1 aesni_intel
psmouse 184320 0
virtio_pci 28672 0
virtio_ring 36864 4 virtio_balloon,virtio_scsi,virtio_pci,virtio_net
virtio 16384 4 virtio_balloon,virtio_scsi,virtio_pci,virtio_net
i2c_piix4 28672 0
usbcore 331776 3 usbhid,ehci_hcd,uhci_hcd
usb_common 16384 3 usbcore,ehci_hcd,uhci_hcd
floppy 90112 0
-- System Information:
Debian Release: 11.10
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500,
'oldstable-proposed-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-30-amd64 (SMP w/1 CPU thread)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
Versions of packages cryptsetup-initramfs depends on:
ii busybox 1:1.30.1-6+b3
ii cryptsetup 2:2.3.7-1+deb11u1
ii debconf [debconf-2.0] 1.5.77
ii initramfs-tools [linux-initramfs-tool] 0.140
Versions of packages cryptsetup-initramfs recommends:
ii console-setup 2:20200214
ii kbd 2.3.0-3
cryptsetup-initramfs suggests no packages.
-- debconf information:
cryptsetup-initramfs/prerm_active_mappings: true
--- End Message ---
--- Begin Message ---
Version: 2:2.5.0-2
On Wed, 10 Jul 2024 at 18:35:36 +0000, Thorsten Glaser wrote:
> The /cryptroot/crypttab file in the initramfs contains lines like:
> […]
> This is bad because these are less stable than the LABEL=… lines I put
> into crypttab(5): the UUID changes then you do a restore from backup,
> whereas the LABEL can be easily made to stay the same.
>
> It should not do so for LABEL= lines.
Since the fix for #1016455 the logic is as follows:
* if the source is a spec (such as LABEL= or PARTUUID=), preserve its
value;
* if the source starts with /dev/disk/by-, perserve its value;
* if the source is a mapped device (it starts with /dev/mapper/),
perserve its value;
* if the source has a UUID (e.g., for LUKS), replace it with that
UUID;
* otherwise, preserve its value.
--
Guilhem.
signature.asc
Description: PGP signature
--- End Message ---