Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-12-07 Thread Niels Thykier 
On Thu, 27 Nov 2014 10:38:06 + Simon McVittie s...@debian.org wrote:
 [...] 
 
 I think this is a cryptsetup bug. The attached patch solves my test-case
 in a virtual machine.
 
 Regards,
 S

Hi,

Thanks to Simon for providing a patch and Marc for testing it.

@cryptsetup maintainers: Do you have any remarks to patch?  Otherwise an
upload with the patch would be much appreciated.  It is one of the last
~100 RC bugs in key packages affecting Jessie.
  If available time is an issue, please let us know and we will arrange
for cryptsetup to be NMU'ed.

Thanks,
~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-27 Thread Simon McVittie 
On Sun, 02 Nov 2014 at 22:21:16 +0100, zer0 divide wrote:
 I chose during installation luks partitioning (not lvm), and separated /boot
 (on an usb pendrive) partition from /root partition (on another drive with
 the other one).

That isn't a full description of what you did; I can tell because you
mention a separate /usr, /var, /home later.

Please attach your /etc/fstab and /etc/crypttab. You can censor them if
necessary, but please make it obvious where you have done so.

The output of reportbug --template initramfs-tools would also be useful.

 My system does not start automatically after I enter the password for
 unlocking the root partition. I have to unlock manually /usr (from initramfs
 ), and then do CTRL + D.

The regression here is that initramfs-tools/0.118 mounts /usr in the
initramfs, whereas initramfs-tools/0.116 does not; and cryptsetup's
initramfs hook has not been updated to provide the necessary devices
for /usr as well as the root.

I'm testing a potential solution: making cryptsetup open /usr,
not just /, during the initramfs.

S


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-27 Thread Simon McVittie 
On Thu, 27 Nov 2014 at 10:02:34 +, Simon McVittie wrote:
 On Sun, 02 Nov 2014 at 22:21:16 +0100, zer0 divide wrote:
  My system does not start automatically after I enter the password for
  unlocking the root partition. I have to unlock manually /usr (from initramfs
  ), and then do CTRL + D.

Steps to reproduce what I think is the same bug:

Install jessie on a virtual machine in this arrangement:

/dev/vda1: ext4 /boot, 200M
/dev/vda2: LUKS encrypted (volume named vda2_crypt), 1.5G
containing ext4 / (root filesystem), 1.5G
/dev/vda3: LUKS encrypted (volume named vda3_crypt), 1.5G
containing ext4 /usr, 1.5G

Reboot from the installer into the real system. The root filesystem is
decrypted and mounted by the initramfs; the /usr filesystem is decrypted
and mounted after systemd starts, with a visibly different passphrase
prompt.

Upgrade to current jessie and reboot. The same things happen.

Upgrade initramfs-tools (only) to the version from sid, 0.118, and reboot.
The initramfs unlocks and fscks vda2_crypt, then after a delay:

Gave up waiting for /usr device.  Common problems:
...
ALERT!  /dev/mapper/vda3_crypt does not exist. Dropping to a shell!
...
(initramfs)

To recover: type at the initramfs prompt

cryptsetup luksOpen /dev/vda3 vda3_crypt
exit

and the system boots.

S


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Processed: Re: Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-27 Thread Debian Bug Tracking System 
Processing control commands:

 retitle 767832 cryptsetup: does not decrypt a split /usr as required by 
 initramfs-tools = 0.118
Bug #767832 [initramfs-tools] Initramfs provided in initramfs-tools_0.118_all 
won’t automount luks partitions at boot
Changed Bug title to 'cryptsetup: does not decrypt a split /usr as required by 
initramfs-tools = 0.118' from 'Initramfs provided in initramfs-tools_0.118_all 
won’t automount luks partitions at boot'
 reassign 767832 cryptsetup
Bug #767832 [initramfs-tools] cryptsetup: does not decrypt a split /usr as 
required by initramfs-tools = 0.118
Bug reassigned from package 'initramfs-tools' to 'cryptsetup'.
Ignoring request to alter found versions of bug #767832 to the same values 
previously set
Ignoring request to alter fixed versions of bug #767832 to the same values 
previously set
 found 767832 cryptsetup/2:1.6.6-3
Bug #767832 [cryptsetup] cryptsetup: does not decrypt a split /usr as required 
by initramfs-tools = 0.118
Marked as found in versions cryptsetup/2:1.6.6-3.
 affects 767832 initramfs-tools
Bug #767832 [cryptsetup] cryptsetup: does not decrypt a split /usr as required 
by initramfs-tools = 0.118
Added indication that 767832 affects initramfs-tools
 tags 767832 + patch
Bug #767832 [cryptsetup] cryptsetup: does not decrypt a split /usr as required 
by initramfs-tools = 0.118
Added tag(s) patch.

-- 
767832: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767832
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-27 Thread Simon McVittie 
Control: retitle 767832 cryptsetup: does not decrypt a split /usr as required 
by initramfs-tools = 0.118
Control: reassign 767832 cryptsetup
Control: found 767832 cryptsetup/2:1.6.6-3
Control: affects 767832 initramfs-tools
Control: tags 767832 + patch

I think this is a cryptsetup bug. The attached patch solves my test-case
in a virtual machine.

Regards,
S
diffstat for cryptsetup-1.6.6 cryptsetup-1.6.6

 changelog|8 
 initramfs/cryptroot-hook |   11 +++
 2 files changed, 15 insertions(+), 4 deletions(-)

diff -Nru cryptsetup-1.6.6/debian/changelog cryptsetup-1.6.6/debian/changelog
--- cryptsetup-1.6.6/debian/changelog	2014-10-22 18:28:59.0 +0100
+++ cryptsetup-1.6.6/debian/changelog	2014-11-27 10:13:13.0 +
@@ -1,3 +1,11 @@
+cryptsetup (2:1.6.6-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/initramfs/cryptroot-script: decrypt /usr as well as / so that
+split-/usr will work with initramfs-tools (= 0.118). (closes: #767832)
+
+ -- Simon McVittie s...@debian.org  Thu, 27 Nov 2014 10:12:15 +
+
 cryptsetup (2:1.6.6-3) unstable; urgency=medium
 
   * debian/initramfs/cryptroot-script: fix environment variable $CRYPTTAB_TRIED
diff -Nru cryptsetup-1.6.6/debian/initramfs/cryptroot-hook cryptsetup-1.6.6/debian/initramfs/cryptroot-hook
--- cryptsetup-1.6.6/debian/initramfs/cryptroot-hook	2014-10-02 12:20:55.0 +0100
+++ cryptsetup-1.6.6/debian/initramfs/cryptroot-hook	2014-11-27 10:27:45.0 +
@@ -16,8 +16,9 @@
 
 . /usr/share/initramfs-tools/hook-functions
 
-get_root_devices() {
+get_fs_devices() {
 	local device mount type options dump pass
+	local wantmount=$1
 
 	if [ ! -r /etc/fstab ]; then
 		return 1
@@ -25,7 +26,7 @@
 
 	grep -s '^[^#]' /etc/fstab | \
 	while read device mount type options dump pass; do
-		if [ $mount = / ]; then
+		if [ $mount = $wantmount ]; then
 			local devices
 			if [ $type = btrfs ]; then
 for dev in $(btrfs filesystem show $(canonical_device $device --no-simplify) 2/dev/null | sed -r -e 's/.*devid .+ path (.+)/\1/;tx;d;:x') ; do
@@ -611,6 +612,7 @@
 
 setup=no
 rootdevs=
+usrdevs=
 resumedevs=
 
 # Include cryptsetup modules, regardless of _this_ machine
@@ -621,16 +623,17 @@
 
 # Find the root and resume device(s)
 if [ -r /etc/crypttab ]; then
-	rootdevs=$(get_root_devices)
+	rootdevs=$(get_fs_devices /)
 	if [ -z $rootdevs ]; then
 		echo cryptsetup: WARNING: could not determine root device from /etc/fstab 2
 	fi
+	usrdevs=$(get_fs_devices /usr)
 	resumedevs=$(get_resume_devices)
 	initramfsdevs=$(get_initramfs_devices)
 fi
 
 # Load the config opts and modules for each device
-for dev in $rootdevs $resumedevs $initramfsdevs; do
+for dev in $rootdevs $usrdevs $resumedevs $initramfsdevs; do
 	if ! modules=$(add_device $dev); then
 		echo cryptsetup: FAILURE: could not determine configuration for $dev 2
 		continue

Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-27 Thread Marc Haber 
On Thu, Nov 27, 2014 at 10:38:06AM +, Simon McVittie wrote:
 I think this is a cryptsetup bug. The attached patch solves my test-case
 in a virtual machine.

I confirm that this also fixes things for me on a real system.

Greetings
Marc

-- 
-
Marc Haber | I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things.Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600420


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767832: Initramfs provided in initramfs-tools_0.118_all won’t automount luks partitions at boot

2014-11-02 Thread zer0 divide 

Package: initramfs-tools
Version: 0.118_all
Severity: Critical

Hi,

I lastly did a clean install of debian amd64. I used for this a SID 
mini.iso from here 
http://ftp.nl.debian.org/debian/dists/sid/main/installer-amd64/current/images/netboot/


I chose during installation luks partitioning (not lvm), and separated 
/boot (on an usb pendrive) partition from /root partition (on another 
drive with the other one).
Then, at the end of the installation, I restarted my system and was 
unable to get it working. Indeed, debian was unable to find some partitions.


After a lot of time, I find out why things gone wrong. There where 
mismatch between /etc/fstab and /etc/crypttab. UUID and devices 
combination in crypttab file were different from /etc/fstab.
For exemple, it was written an UUID for a particular /dev on crypttab 
that was different from /etc/fstab (like /dev/mapper/sda6_crypt for /usr 
in crypttab, but listed as sda7_crypt in fstab, the /var partition)


So, from initramfs, I manually mounted all drives, and then did CTRL + 
D. The system finally boot completely. I corrected the crypttab and the 
fstab files, and chose the «file option» for unlocking each partition 
(/usr; /var; swap; /tmp; /home

But I still get some problems.


My system does not start automatically after I enter the password for 
unlocking the root partition. I have to unlock manually /usr (from 
initramfs ), and then do CTRL + D.


Finally, I discovered that initramfs-tools_0.118_all.deb is buggy. 
Indeed, when I replaced it for initramfs-tools_0.116_all.deb, my system 
boot perfectly.


Here what I get before booting manually :
/
//
/ /Decompressiong Linux… Parsing ELF… done.//
//Booting the kernel.//
//Loading, please wait...//
//Please unlock disk sda1_crypt://
//cryptsetup: sda1_crypt set up successfully//
//fsck from util-linux 2.25.2//
///dev/mapper/sda1_crypt: clean, 7869/170688 files, 89041/682752 blocks//
//Gave up waiting for /usr device.  Common problems://
// - Boot args (cat /proc/cmdline)//
//   - Check rootdelay= (did the system wait long enough?)//
// - Missing modules (cat /proc/modules; ls /dev)//
//ALERT!  /dev/mapper/sda5_crypt does not exist.  Dropping to a shell!//
//modprobe: module ehci-orion not found in modules.dep//
//
//
//BusyBox v1.22.1 (Debian 1:1.22.0-9) built-in shell (ash)//
//Enter 'help' for a list of built-in commands./