Package: systemd Version: 215-17+deb8u3 Severity: normal Dear Maintainer,
I've discovered that systemd-cryptsetup-generator doesn't work well in Debian. It seems that the reason is the way Debina abuses/extends the meaning of the third column of /etc/crypttab. By definition: The third field, key file, describes the file to use as a key for decrypting the data of the source device. Note that the entire key file will be used as the passphrase; the passphrase must not be followed by a newline character. To enable storing of key file on portable/pluggable device Debian provides passdev which accepts an extended format of the filed which includes a device node and a file name separated by a colon. systemd-cryptsetup-generator recognises such file name as a device name altogether and makes the respective cryptsetup unit depend on a nonexsitent device. For example, in my crypttab I've got the following entry: crypt-root UUID=9c9f0311-2647-4bfc-abcd-516edbd99363 /dev/disk/by-uuid/0396339f-904a-42d7-abcd-95d5549bff94:/key_root luks,keyscript=passdev the respective unit refers to an invalid device (see After and Requires fields). As the device never appears I need to wait for 90 seconds for a timeout. --8<---------------cut here---------------start------------->8--- # Automatically generated by systemd-cryptsetup-generator [Unit] Description=Cryptography Setup for %I Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8) SourcePath=/etc/crypttab DefaultDependencies=no Conflicts=umount.target BindsTo=dev-mapper-%i.device IgnoreOnIsolate=true After=systemd-readahead-collect.service systemd-readahead-replay.service cryptsetup-pre.target Before=cryptsetup.target After=dev-disk-by\x2duuid-0396339f\x2d904a\x2d42d7\x2dabcd\x2d95d5549bff94:-key_root.device Requires=dev-disk-by\x2duuid-0396339f\x2d904a\x2d42d7\x2abcd5\x2d95d5549bff94:-key_root.device BindsTo=dev-disk-by\x2duuid-9c9f0311\x2d2647\x2d4bfc\x2dabcd\x2d516edbd99363.device After=dev-disk-by\x2duuid-9c9f0311\x2d2647\x2d4bfc\x2dabcd\x2d516edbd99363.device Before=umount.target [Service] Type=oneshot RemainAfterExit=yes TimeoutSec=0 ExecStart=/lib/systemd/systemd-cryptsetup attach 'crypt-root' '/dev/disk/by-uuid/9c9f0311-2647-4bfc-abcd-516edbd99363' '/dev/disk/by-uuid/0396339f-904a-42d7-abcd-95d5549bff94:/key_root' 'luks,keyscript=passdev' ExecStop=/lib/systemd/systemd-cryptsetup detach 'crypt-root' --8<---------------cut here---------------end--------------->8--- systemd-cryptsetup does not know about passdev as a means of obtaining a password so it won't understand the reference to the /dev/disk/by-uuid/03[...]ff94:/key_root file either. One way to work around this bug is to mask systemd-cryptsetup@crypt\x2droot.service. It won't hurt because the root filesystem has already been mounted by initramfs. -- Package-specific info:
-- BEGIN ATTACHMENTS -- /tmp/tmp.P1MDMTgfSx/systemd-delta.txt /tmp/tmp.P1MDMTgfSx/systemd-analyze-dump.txt /tmp/tmp.P1MDMTgfSx/dsh-enabled.txt /etc/fstab -- END ATTACHMENTS --
-- System Information: Debian Release: 8.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-586 Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii acl 2.2.52-2 ii adduser 3.113+nmu3 ii initscripts 2.88dsf-59 ii libacl1 2.2.52-2 ii libaudit1 1:2.4-1+b1 ii libblkid1 2.25.2-6 ii libc6 2.19-18+deb8u2 ii libcap2 1:2.24-8 ii libcap2-bin 1:2.24-8 ii libcryptsetup4 2:1.6.6-5 ii libgcrypt20 1.6.3-2 ii libkmod2 18-3 ii liblzma5 5.1.1alpha+20120614-2+b3 ii libpam0g 1.1.8-3.1+deb8u1 ii libselinux1 2.3-2 ii libsystemd0 215-17+deb8u3 ii mount 2.25.2-6 ii sysv-rc 2.88dsf-59 ii udev 215-17+deb8u3 ii util-linux 2.25.2-6 Versions of packages systemd recommends: ii dbus 1.8.20-0+deb8u1 ii libpam-systemd 215-17+deb8u3 Versions of packages systemd suggests: pn systemd-ui <none> -- no debconf information -- Było mi bardzo miło. --- Rurku. --- ... >Łukasz< --- To dobrze, że mnie słuchasz.