Bug#940710: Fails to load pkcs8_key_parser module
Control: reassign -1 linux-image-5.2.0-2-amd64 Control: retitle -1 Please enable CONFIG_PKCS8_PRIVATE_KEY_PARSER Hi Andreas, On Tue, Sep 24, 2019 at 1:32 PM Andreas Henriksson wrote: > Hello Felipe Sateler, > > On Tue, Sep 24, 2019 at 10:03:19AM -0300, Felipe Sateler wrote: > > Control: reopen -1 > [...] > > This causes failed boots on debian by default [...] > > Really? Please share more info! It certainly doesn't for me. > Sorry, I was a bit sloppy in my wording. What I mean is that systemd considers the boot degraded because `systemd-modules-load` fails: % systemctl is-system-running degraded % systemctl --no-legend --failed systemd-modules-load.service loaded failed failed Load Kernel Modules % systemctl --no-legend status systemd-modules-load.service ● systemd-modules-load.service - Load Kernel Modules Loaded: loaded (/lib/systemd/system/systemd-modules-load.service; static; vendor preset: enabled) Active: failed (Result: exit-code) since Thu 2019-04-11 12:28:36 -04; 5 months 13 days ago Docs: man:systemd-modules-load.service(8) man:modules-load.d(5) Process: 530 ExecStart=/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE) Main PID: 530 (code=exited, status=1/FAILURE) Apr 11 12:28:36 felipeasus systemd[1]: Starting Load Kernel Modules... Apr 11 12:28:36 felipeasus systemd-modules-load[530]: Failed to find module 'pkcs8_key_parser' Apr 11 12:28:36 felipeasus systemd[1]: systemd-modules-load.service: Main process exited, code=exited, status=1/FAILURE Apr 11 12:28:36 felipeasus systemd[1]: systemd-modules-load.service: Failed with result 'exit-code'. Apr 11 12:28:36 felipeasus systemd[1]: Failed to start Load Kernel Modules. > (Would also be nice if you reported a dedicated bug report about that > instead of repurposing this.) > Well, the root cause is the same, so I thought I'd just reopen. > > > [...] since the debian kernels don't enable that module: > > > > % grep CONFIG_PKCS8_PRIVATE_KEY_PARSER /boot/config-* > > /boot/config-5.2.0-2-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set > > /boot/config-5.3.0-rc5-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set > > I'm aware that it doesn't (at the moment). AFAIK the usual debian kernel > team policy is to enable things on request, so someone just needs to > request it. Since you're not the first to ask *me* (even though I'm not > on the kernel team) I've already asked on #debian-kernel if they can > enable it while at the same time asking people to please not use me as a > proxy. > I'm sorry you feel like I'm using you as middleman. As I said in the part quoted below, I didn't know if requesting the kernel maintainers to add this option makes sense. I'm happy to request it myself: #941098. > > > > > Since I have no idea what does pkcs8_key_parser do, I don't know if it > > would be best to have linux enable that option or to have iwd not ship > this > > file. > > It is needed if you want to use iwd to connect to wpa enterprise > networks. Thanks for the explanation. This means the best solution (from the iwd POV) is to have the kernel enable the option. I have requested that feature now on #941098. -- Saludos, Felipe Sateler
Bug#940710: Fails to load pkcs8_key_parser module
Hello Felipe Sateler, On Tue, Sep 24, 2019 at 10:03:19AM -0300, Felipe Sateler wrote: > Control: reopen -1 [...] > This causes failed boots on debian by default [...] Really? Please share more info! It certainly doesn't for me. (Would also be nice if you reported a dedicated bug report about that instead of repurposing this.) > [...] since the debian kernels don't enable that module: > > % grep CONFIG_PKCS8_PRIVATE_KEY_PARSER /boot/config-* > /boot/config-5.2.0-2-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set > /boot/config-5.3.0-rc5-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set I'm aware that it doesn't (at the moment). AFAIK the usual debian kernel team policy is to enable things on request, so someone just needs to request it. Since you're not the first to ask *me* (even though I'm not on the kernel team) I've already asked on #debian-kernel if they can enable it while at the same time asking people to please not use me as a proxy. > > Since I have no idea what does pkcs8_key_parser do, I don't know if it > would be best to have linux enable that option or to have iwd not ship this > file. It is needed if you want to use iwd to connect to wpa enterprise networks. The reason to ship the pkcs8.conf file is explained as a comment inside it (no autoloading of module, so modular builds would still be as broken as non-enabled if not shipping it). To summarize: I don't really see anything to change in *iwd*. Please talk directly to kernel people for kernel stuff. Please don't repurpose bug reports for new topics. Regards, Andreas Henriksson
Bug#940710: Fails to load pkcs8_key_parser module
Control: reopen -1 Hi Andreas, On Fri, 20 Sep 2019 15:17:28 +0200 Andreas Henriksson wrote: > Hello Yuri D'Elia, > > Thanks for your bug report. > > On Thu, Sep 19, 2019 at 12:39:32PM +0200, Yuri D'Elia wrote: > > Package: iwd > > Version: 0.21-1 > > Severity: normal > > > > iwd includes /usr/lib/modules-load.d/pkcs8.conf to load pkcs8_key_parser > > when available. This however causes an error message during startup in > > my case, which I'd like to silence. > > Ok. > This causes failed boots on debian by default since the debian kernels don't enable that module: % grep CONFIG_PKCS8_PRIVATE_KEY_PARSER /boot/config-* /boot/config-5.2.0-2-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set /boot/config-5.3.0-rc5-amd64:# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set Since I have no idea what does pkcs8_key_parser do, I don't know if it would be best to have linux enable that option or to have iwd not ship this file. Saludos
Bug#940710: Fails to load pkcs8_key_parser module
Package: iwd Version: 0.21-1 Severity: normal iwd includes /usr/lib/modules-load.d/pkcs8.conf to load pkcs8_key_parser when available. This however causes an error message during startup in my case, which I'd like to silence. I would recommend moving the file to /etc/modules-load.d, possibly using ucf, so that I can modify/remove the file and have the change persist across package upgrades. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (900, 'unstable'), (800, 'experimental'), (500, 'unstable-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages iwd depends on: ii libc6 2.29-1 ii libreadline8 8.0-3 iwd recommends no packages. iwd suggests no packages.