Bug#719740: dracut does not boot with an encrypted hard disk
I noticed (with dracut 040+1-1) that I can make encrypted disks just work (and without the annoying repeating password questions you get with rd.auto=1) *IF* I configure dracut to use hostonly mode (hostonly=yes in /etc/dracut.conf). I also note that there's a separate wishlist bug (#752660) to make hostonly mode the default, like other distributions do. /Teddy Hogeborn -- The Mandos Project http://www.recompile.se/mandos
Bug#719740: dracut does not boot with an encrypted hard disk
Hi Thomas, Am 30.07.2014 19:29, schrieb Claudio A. T. Clemens: So I entered the password, and the volume is found. The boot starts hotplug, waits for /dev to be populated, sets the keymap, sets disc parameters, tries to assemble MD arrays, cleans /tmp, then start early crypto... Here I'm asked for the password again. Then I get an error: Cannot use device /dev/disk/by-uuid/03e0...1fc3 which is in use (already mapped or mounted. Maybe the error is because of the previous error at installation, and building of the initrd. Ok. I managed to boot. Using the version 038 and setting rd.auto was actually all needed to fix this bug. What I was having was another problem which I think is a conflict between how I setup my system (at installation time), and how dracut and cryptsetup manage this devices. So maybe this bug can be closed. For the other problem, I will send a new bug-/wishreport for dracut and cryptsetup. Grüße, Claudio -- +- .''`. ---| Dipl.-Inf. Univ. Claudio Clemens |---| wheezy |-+ | : :' : asturio at gmx (.) net GNU/Linux User #79942 | | `. `' http://asturio.gmxhome.de/begin.html| | `-YE GODS, I HAVE FEET??! - Userfriendly | Amar é... deletar o Windows da Winshester dela. signature.asc Description: OpenPGP digital signature
Bug#719740: dracut does not boot with an encrypted hard disk
Am 29.07.2014 10:03, schrieb Thomas Lange: On Tue, 29 Jul 2014 00:47:12 +0200, Claudio Clemens astu...@gmx.net said: Package: dracut Version: 020-2 It would be very nice, if you could try the newest version of dracut (038-2) from testing, which also can be used with wheezy. Hi Thomas, writing from another computer with Network. I installed Version 038-2. First info: there were some errors/warnings when dracut makes the initrd, when installing: 8 Vorbereitung zum Ersetzen von dracut 020-2 (durch dracut_038-2_amd64.deb) ... Ersatz für dracut wird entpackt ... dracut (038-2) wird eingerichtet ... Neue Version der Konfigurationsdatei /etc/kernel/postrm.d/dracut wird installiert ... Neue Version der Konfigurationsdatei /etc/kernel/postinst.d/dracut wird installiert ... Neue Version der Konfigurationsdatei /etc/dracut.conf wird installiert ... dracut: Generating /boot/initrd.img-3.2.0-4-amd64 sed: can't read /var/tmp/initramfs.3TiCaA/lib/udev/rules.d/69-dm-lvm-metad.rules: No such file or directory Trigger für man-db werden verarbeitet ... 8 Than I rebooted. I entered the password and after some time I get a dracut-shell. OK, now I have the shell, great. But no boot. I than rebooted with the rd.auto=1 flag. This was better, but not the solution :-/. I have some screen shots. Let me know if I can send them to you. So I entered the password, and the volume is found. The boot starts hotplug, waits for /dev to be populated, sets the keymap, sets disc parameters, tries to assemble MD arrays, cleans /tmp, then start early crypto... Here I'm asked for the password again. Then I get an error: Cannot use device /dev/disk/by-uuid/03e0...1fc3 which is in use (already mapped or mounted. Maybe the error is because of the previous error at installation, and building of the initrd. Any ideas? Just to be clear. I have a crypted physical partition. This partition is used as a LVM VG. So during boot it needs first to be decrypted, and after that the LVM must be set up. Thanks for any idea. Claudio signature.asc Description: OpenPGP digital signature
Bug#719740: dracut does not boot with an encrypted hard disk
On Tue, 29 Jul 2014 00:47:12 +0200, Claudio Clemens astu...@gmx.net said: Package: dracut Version: 020-2 It would be very nice, if you could try the newest version of dracut (038-2) from testing, which also can be used with wheezy. -- regards Thomas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#719740: dracut does not boot with an encrypted hard disk
Package: dracut Version: 020-2 Followup-For: Bug #719740 Hi there, I just installed a wheezy 7.6.0 on my system, and I'm using dracut 020-2 (when installed, keep reading). I think also this bug is related to #705805 The default installation was OK, running Kernel 3.2.0 and initramfs-tools 0.109.1. This Kernel has a bug (my USB W-Lan Stick doesn't work with a USB-3-Port, it seems the maintainer won't fix that :-/ ). I wanted to solve the Problem with a new Kernel from backports 3.12. This works great with dracut on a not encrypted installation. But with an encrypted system, it doesn't work. Here at first my disk layout: claudio@boromir:~$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:00 931,5G 0 disk ├─sda1 8:10 100M 0 part ├─sda2 8:20 292,9G 0 part ├─sda3 8:3020G 0 part ├─sda4 8:40 1K 0 part |-sda5 8:50 616,7G 0 part │ └─sda5_crypt (dm-0) 253:00 616,7G 0 crypt │ ├─boromir-swap (dm-1) 253:10 7,7G 0 lvm [SWAP] │ ├─boromir-root (dm-2) 253:2028G 0 lvm / │ ├─boromir-home (dm-3) 253:30 9,3G 0 lvm /home │ └─boromir-opt (dm-4) 253:40 571,8G 0 lvm /opt └─sda6 8:60 1,8G 0 part /boot Just for the understanding. I have 2 Debian installations, one unencrypted in sda6 (only Debian base system), which works with kernel 3.12 from bpo and dracut, and my main installation in (dm-2) works also with 3.2.0 (mounting everything in sda5_crypt + sda6 (as /boot)) See http://smcv.pseudorandom.co.uk/2008/09/cryptroot/ for more details. sda1-sda4 are irrelevant. When sda5-dm2 has Kernel 3.2 and initramfs-tools, and sda6 has kernel 3.12, I can boot both. So then I installed on sda5-dm2 kernel 3.12 too, and also the needed dracut. If I then reboot, I will enter the crypt-volume password as prompted, but then nothing happen. I waited some minutes, but nothing happened at all. I read that there should be a dracut console... but even that doesn't show up. The first time I enter the password, it won't echo. But after that every thing I type, will be echoed. (Nothing happens anyway) Probably another bug is that the keyboard layout was not loaded. So I typed a password using the en Layout. And I tryed also to type this correctly (using the wrong layout). Nothing worked. The rc.auto=1 also didn't work. And odd enough: The unencrypted partition (sda6) wouldn't also boot. When I select it in grub, it also asks for a password, and it hangs there. Before the update, I mustn't enter a password for this partition. Here is at least some useful information, I found nowhere: When I'm in this state, no Debian partition will boot anymore. To repair the boot I do the following: - Boot from the Debian Netinstall CD - Select rescue - Enter the password for the encrypted volume, when asked for - Mount the / of the installation (dm2) - Start a shell on the partition. - Mount the /boot (manually) - Remove the 3.12 kernel and dracut. - Reinstall initramfs-tools After that the boot will still hang. So you need also to recreate the initrd. I used then update-initramfs -k all -ut Only after that I was able to boot the system again. I haven't tryed a newer version of dracut, as there is none in proposed-updates. Will it be a problem to install the version of jessey or sid in wheezy? Or will be there a version for bpo? Sorry that I'm reporting this now from a system without dracut, but I can only boot my encryped system on wheezy without it. What should I do/try? -- System Information: Debian Release: 7.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages dracut depends on: ii cpio 2.11+dfsg-0.1 ii kbd1.15.3-9 pn kpartx none ii module-init-tools 9-3 ii udev 175-7.2 ii util-linux 2.20.1-5.3 Versions of packages dracut recommends: ii cryptsetup 2:1.4.3-4 pn dmraid none ii dmsetup 2:1.02.74-8 ii lvm22.02.95-8 ii mdadm 3.2.5-5 Versions of packages dracut suggests: pn dracut-network none -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#719740: dracut does not boot with an encrypted hard disk
Hi, FWIW, rebuilding dracut with modules.d/98systemd usr/lib/dracut/modules.d added to debian/install does not make things better. systemd can’t find the cryptsetup@uuid.service file, even though the generator is present. What’s worse is that the failure mode is such that I actually don’t get a shell and cannot use systemctl or journalctl to investigate. Do you have some experience in debugging these kinds of issues? I tried booting with rd.shell, rd.debug, rd.luks=0, rd.break, but no combination of these parameters help. -- Best regards, Michael -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org