Bug#735496: initramfs-tools fails because of missing keyutils package
Package: initramfs-tools Version: 0.115~bpo70+1 Severity: normal I am using wheezy mostyle stable and also backports packages (such as initramfs-tools) I have multiple volumes encrypted using dm_crypt (3 LVM Physical Volumes) using the same passphrase I do not want to type the passphrase three times hence I am using the following option in /etc/crypttab luks,keyscript=decrypt_keyctl The problem is update-initramfs fails because /bin/keyctl is required but it is not installed. It works after I installed keyutils but I had to debug the script to figure out what had to be installed. A package dependency should make sure this program is already installed to avoid this problem. # cat /etc/crypttab luks-0d020ecb-9fae-40fb-9ddf-8a75c8830d9c UUID=0d020ecb-9fae-40fb-9ddf- 8a75c8830d9c none luks,keyscript=decrypt_keyctl luks-182a31c7-38da-4c7f-9bf6-3568c0dbf1d4 UUID=182a31c7-38da-4c7f- 9bf6-3568c0dbf1d4 none luks,keyscript=decrypt_keyctl luks-d1c60f39-a178-46f9-824d-6353b97158c3 UUID=d1c60f39-a178-46f9-824d- 6353b97158c3 none luks,keyscript=decrypt_keyctl # cat /etc/debian_version 7.3 The main update-initramfs command fails: # update-initramfs -u -k all update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64 E: /usr/share/initramfs-tools/hooks/cryptkeyctl failed with return 1. update-initramfs: failed for /boot/initrd.img-3.2.0-4-amd64 with 1. The internal commands which fails: # mkinitramfs -o /boot/initrd.img-3.2.0-4-amd64.new 3.2.0-4-amd64 E: /usr/share/initramfs-tools/hooks/cryptkeyctl failed with return 1. # bash -x /usr/share/initramfs-tools/hooks/cryptkeyctl + set -e + PREREQ=cryptroot + case $1 in + . /usr/share/initramfs-tools/hook-functions + '[' '!' -x /lib/cryptsetup/scripts/decrypt_keyctl ']' + copy_exec /bin/keyctl + local src target x nonoptlib + local libname dirname + src=/bin/keyctl + target=/bin/keyctl + '[' -f /bin/keyctl ']' + return 1 The missing program is /bin/keyctl: # ls -lh /bin/keyctl ls: cannot access /bin/keyctl: No such file or directory The solution is to install the missing package: # apt-get install keyutils Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: keyutils 0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 36.2 kB of archives. After this operation, 86.0 kB of additional disk space will be used. Get:1 http://ftp.uk.debian.org/debian/ wheezy/main keyutils amd64 1.5.5-3 [36.2 kB] Fetched 36.2 kB in 0s (125 kB/s) Selecting previously unselected package keyutils. (Reading database ... 125426 files and directories currently installed.) Unpacking keyutils (from .../keyutils_1.5.5-3_amd64.deb) ... Processing triggers for man-db ... Setting up keyutils (1.5.5-3) ... Finally it works: # update-initramfs -u -k all update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64 -- Package-specific info: -- initramfs sizes -rw-r--r-- 1 root root 12M Jan 15 19:18 /boot/initrd.img-3.2.0-4-amd64 -rw-r--r-- 1 root root 12M Jan 12 17:58 /boot/initrd.img-3.2.0-4-amd64-20140112-1800 -rw-r--r-- 1 root root 12M Jan 15 19:23 /boot/initrd.img-3.2.0-4-amd64-20140115-1918 -- /proc/cmdline root=/dev/vgmain/sys_debian07 ro quiet -- /proc/filesystems btrfs ext4 xfs ext3 -- lsmod Module Size Used by dm_mirror 17707 1 dm_region_hash 13502 1 dm_mirror dm_log 13528 3 dm_region_hash,dm_mirror ip6table_filter12540 0 ebtable_nat12580 0 ebtables 26235 1 ebtable_nat parport_pc 22364 0 ppdev 12763 0 lp 17149 0 parport31858 3 lp,ppdev,parport_pc bnep 17567 2 rfcomm 33700 10 binfmt_misc12957 1 act_police 12654 1 cls_basic 12966 1 cls_flow 17351 0 cls_fw 12965 4 cls_u3213071 0 sch_tbf12964 0 sch_prio 13163 0 sch_htb17923 1 sch_hfsc 22230 0 sch_ingress12744 1 sch_sfq13172 4 xt_statistic 12519 0 xt_CT 12507 0 xt_time12459 0 xt_connlimit 12622 0 xt_realm 12423 0 xt_addrtype12557 4 iptable_raw12524 0 xt_comment 12427 9 xt_recent 13188 0 xt_policy 12506 0 ipt_ULOG 16833 0 ipt_REJECT 12502 4 ipt_REDIRECT 12471 0 ipt_NETMAP 12465 0 ipt_MASQUERADE 12594 3 ipt_ECN12456 0 ipt_ecn12456 0 ipt_CLUSTERIP 13045 0 ipt_ah 12453 0 xt_set 12989 0 ip_set 26649 1 xt_set nf_nat_tftp12422 0 nf_nat_snmp_basic 16995 0 nf_conntrack_snmp 12443 1
Bug#735496: initramfs-tools fails because of missing keyutils package
reassign 735496 cryptsetup stop On Wed, Jan 15, 2014 at 07:45:06PM +, fdupoux wrote: Package: initramfs-tools Version: 0.115~bpo70+1 Severity: normal I am using wheezy mostyle stable and also backports packages (such as initramfs-tools) I have multiple volumes encrypted using dm_crypt (3 LVM Physical Volumes) using the same passphrase I do not want to type the passphrase three times hence I am using the following option in /etc/crypttab luks,keyscript=decrypt_keyctl The problem is update-initramfs fails because /bin/keyctl is required but it is not installed. It works after I installed keyutils but I had to debug the script to figure out what had to be installed. A package dependency should make sure this program is already installed to avoid this problem. # cat /etc/crypttab luks-0d020ecb-9fae-40fb-9ddf-8a75c8830d9c UUID=0d020ecb-9fae-40fb-9ddf- 8a75c8830d9c none luks,keyscript=decrypt_keyctl luks-182a31c7-38da-4c7f-9bf6-3568c0dbf1d4 UUID=182a31c7-38da-4c7f- 9bf6-3568c0dbf1d4 none luks,keyscript=decrypt_keyctl luks-d1c60f39-a178-46f9-824d-6353b97158c3 UUID=d1c60f39-a178-46f9-824d- 6353b97158c3 none luks,keyscript=decrypt_keyctl # cat /etc/debian_version 7.3 The main update-initramfs command fails: # update-initramfs -u -k all update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64 E: /usr/share/initramfs-tools/hooks/cryptkeyctl failed with return 1. update-initramfs: failed for /boot/initrd.img-3.2.0-4-amd64 with 1. The internal commands which fails: # mkinitramfs -o /boot/initrd.img-3.2.0-4-amd64.new 3.2.0-4-amd64 E: /usr/share/initramfs-tools/hooks/cryptkeyctl failed with return 1. dpkg -S /usr/share/initramfs-tools/hooks/cryptkeyctl would tell, which package that files belongs too, hence reassigned. # bash -x /usr/share/initramfs-tools/hooks/cryptkeyctl + set -e + PREREQ=cryptroot + case $1 in + . /usr/share/initramfs-tools/hook-functions + '[' '!' -x /lib/cryptsetup/scripts/decrypt_keyctl ']' + copy_exec /bin/keyctl + local src target x nonoptlib + local libname dirname + src=/bin/keyctl + target=/bin/keyctl + '[' -f /bin/keyctl ']' + return 1 The missing program is /bin/keyctl: # ls -lh /bin/keyctl ls: cannot access /bin/keyctl: No such file or directory The solution is to install the missing package: # apt-get install keyutils Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: keyutils 0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded. Need to get 36.2 kB of archives. After this operation, 86.0 kB of additional disk space will be used. Get:1 http://ftp.uk.debian.org/debian/ wheezy/main keyutils amd64 1.5.5-3 [36.2 kB] Fetched 36.2 kB in 0s (125 kB/s) Selecting previously unselected package keyutils. (Reading database ... 125426 files and directories currently installed.) Unpacking keyutils (from .../keyutils_1.5.5-3_amd64.deb) ... Processing triggers for man-db ... Setting up keyutils (1.5.5-3) ... Finally it works: thanks. # update-initramfs -u -k all update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64 -- maks -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
