Bug 1776408
Summary: | Ambiguous error returned preventing user from understanding the root cause of the error | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Renaud Métrich <rmetrich> |
Component: | systemd | Assignee: | David Tardon <dtardon> |
Status: | CLOSED ERRATA | QA Contact: | Frantisek Sumsal <fsumsal> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 8.1 | CC: | agk, dtardon, fkrska, jbrassow, mbroz, okozina, prajnoha, sbroz, systemd-maint-list |
Target Milestone: | rc | Keywords: | EasyFix, Patch, Reproducer |
Target Release: | 8.2 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | systemd-239-23.el8 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-04-28 16:45:29 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Renaud Métrich
2019-11-25 16:03:30 UTC
I think that error message should be fixed on systemd-cryptsetup side. It should interpret -EBUSY return code from libcryptsetup not for a keyfile but data device instead. For example with cryptsetup cli I get following: [root@machine /]# mount /dev/sdc /mnt/blabla [root@machine /]# cryptsetup open --type plain /dev/sdc --key-file /dev/urandom sdc_crypt Cannot use device /dev/sdc which is in use (already mapped or mounted). Indeed, sorry for the noise, everything is fine on cryptsetup's side. But systemd's cryptsetup_log_glue() is broken, it logs everything at DEBUG level: -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- 7 void cryptsetup_log_glue(int level, const char *msg, void *usrptr) { 8 log_debug("%s", msg); 9 } -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- Probably the cryptsetup_log_glue() function should be modified to store the message somewhere for processing by the caller (only the caller can decide whether there is actually a failure). Additionally, when it goes with setting up the swap device with /dev/urandom, it is non-sense to retry the command interactively, as currently seen: (usually done by generated systemd-crypsetup): -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- # /usr/lib/systemd/systemd-cryptsetup attach swap-enc /dev/mapper/rhel-swap /dev/urandom swap Failed to activate with key file '/dev/urandom': Device or resource busy Please enter passphrase for disk rhel-swap (swap-enc) on swap! -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- --> That "Please enter passphrase ..." message shouldn't happen when the issue is on the device being busy (not the key file having an issue). We at least need to backport this: -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- commit aa2cc005d77890b07e8c579f25e1333ff8ba8dac Author: Jan Janssen <medhefgo> Date: Mon Jun 25 20:33:31 2018 +0200 crypt-util: Translate libcryptsetup log level instead of using log_debug() This makes sure that errors reported by libcryptsetup are shown to the user instead of getting swallowed up by log_debug(). -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- This commit logs at appropriate level. The fix should consist of 2 parts: 1. backporting aa2cc005d77890b07e8c579f25e1333ff8ba8dac 2. not asking for password if error is "device busy" (there is no point in asking for password in such case) So it's not so easy fix, but almost :-) Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:1794 |