|Summary:||RHEL 7 kickstart text mode installation halts when just --encrypted is mentioned|
|Product:||Red Hat Enterprise Linux 7||Reporter:||Abhijeet Sadawarte <asadawar>|
|Component:||anaconda||Assignee:||Vendula Poncova <vponcova>|
|Status:||CLOSED ERRATA||QA Contact:||Release Test Team <release-test-team>|
|Severity:||medium||Docs Contact:||Sharon Moroney <smoroney>|
|Version:||7.3||CC:||apstallard92, asadawar, cww, dan, dominik, dverbeeck, jcastran, jkonecny, jstodola, pasik, phil.seeley, sbueno, smoroney, vponcova, vslavik|
|Fixed In Version:||anaconda-126.96.36.199-1||Doc Type:||Bug Fix|
Text mode will now prompt for a passphrase if a Kickstart file does not provide one while enabling encryption Prior to this update, if you used the text mode interface with a Kickstart file that enabled disk encryption but did not provide a passphrase, the installation failed with an error. This update prompts the user to provide a passphrase during installation if the partitioning specified in the provided Kickstart file requires one.
|Last Closed:||2018-10-30 07:52:43 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:|
|Bug Blocks:||1477664, 1557360|
Description Abhijeet Sadawarte 2017-03-27 15:44:59 UTC
Description of problem: When RHEL7 is kickstarted in text mode using the following partitioning, it fails with unfinished Disk configuration (Error checking storage configuration) error and would not prompt for luks password as RHEL 6 text mode or RHEL 7 graphical installation. ~~~ clearpart --all --initlabel part /home --fstype=ext4 --size=500 --encrypted part /boot --fstype=ext4 --size=200 part swap --size=1000 part / --fstype=ext4 --grow --size=200 ~~~ In RHEL 6 text mode, this was prompting the user to provide the password and even RHEL7 documentation mentions as follows. --encrypted — Specifies that this logical volume should be encrypted, using the passphrase provided in the --passphrase= option. If you do not specify a passphrase, the installation program will use the default, system-wide passphrase set with the autopart --passphrase command, or stops the installation and prompts you to provide a passphrase if no default is set. Version-Release number of selected component (if applicable): RHEL7.x How reproducible: Always Steps to Reproduce: 1. Use the partitioning mentioned above and start the installation in text mode. 2. See the error Actual results: anaconda installer fails with "Error checking storage configuration" error and doesn't prompt for luck passphrase Expected results: It should have asked for password for passphrase like RHEL6 and as per documentation. Additional info: Similar bug (Bug 1185466) was filed for RHEL 7 graphical installation and resolved with an error but customer is expecting same behaviour in RHEL 7 text mode installation as well.
Comment 2 Samantha N. Bueno 2017-08-03 07:48:13 UTC
Please attach logs to this bug as individual, text/plain attachments. They can be found in /tmp.
Comment 4 Dan Snider 2017-09-05 12:13:38 UTC
Created attachment 1322177 [details] Anaconda Interface Config Log
Comment 6 Dan Snider 2017-09-05 12:15:19 UTC
Created attachment 1322180 [details] Anaconda Program Log
Comment 7 Dan Snider 2017-09-05 12:16:17 UTC
Created attachment 1322181 [details] Anaconda Storage Log
Comment 8 Dan Snider 2017-09-05 12:30:33 UTC
(In reply to Samantha N. Bueno from comment #2) > Please attach logs to this bug as individual, text/plain attachments. They > can be found in /tmp. I have attached logs of a kickstarted text installation of RHEL 7.4 on a virtual machine using the following kickstart partitioning scheme: - # System bootloader configuration. bootloader --location=mbr --boot-drive=vda clearpart --all --initlabel --drives=vda zerombr # Disk partitioning information. part /home --fstype=ext4 --size=2048 --encrypted part /boot --fstype=ext4 --size=512 part swap --size=1000 part / --fstype=ext4 --grow --size=200 - The error I get in Anaconda is: "LUKS device vda2 has no encryption key" If I provide a blank --passphrase flag Anaconda dies with the error: "The following problem occurred on line 40 of the kickstart file: --passphrase option requires an argument"
Comment 9 Adam Stallard 2017-10-27 22:06:18 UTC
I am experiencing this issue as well. I am using a plaintext passphrase right now, but this is very undesirable as the config is stored on our PXE install server and then shows up in original-ks.cfg in /root. Are there plans to implement an encrypted passphrase such as it is done with the root password? I noticed some discussion here years back but haven't found info on the current state of that as of today with centOS 7.
Comment 12 Vendula Poncova 2018-05-03 17:12:44 UTC
Fixed in a pull request: https://github.com/rhinstaller/anaconda/pull/1468
Comment 14 Jan Stodola 2018-07-19 10:40:34 UTC
Verified with anaconda-188.8.131.52-2.el7. Anaconda running in text mode asks for the encryption password. Tested the autopart, part and pv kickstart commands. Also retested cmdline and graphical installations for possible regressions - no change comparing to RHEL-7.5 GA was found. Moving to VERIFIED.
Comment 21 errata-xmlrpc 2018-10-30 07:52:43 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3035