Bug 2295215

Summary: With dracut 102, 'standard' passphrase prompt appears during rescue boot
Product: [Fedora] Fedora Reporter: Adam Williamson <awilliam>
Component: dracutAssignee: dracut-maint-list
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: rawhideCC: dracut-maint-list, jamacku, laszlo.gombos, lnykryn, ngompa13, pvalena
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: openqa
Fixed In Version: dracut-102-2.fc41 dracut-102-2.fc40 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-07-16 10:54:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Adam Williamson 2024-07-02 18:25:49 UTC
Up until dracut 102 came out, if you boot rescue mode on a system with encrypted root, this is how it worked:

1. Rescue mode would boot and prompt for "Continue", "Read-only mount" or "Skip to shell"
2. If you pick Continue or Read-only mount, rescue mode would prompt you for the passphrase to decrypt the installed system; if you picked Skip to shell it would not

With dracut 102, this has changed. You now see the "regular" encryption passphrase prompt during dracut phase, before the rescue mode menu appears. This isn't the intended experience. I guess this is related to "systemd-cryptsetup: factor out systemd-cryptsetup support into its own module".

Neal says he thinks there are fixes for this upstream in post-102.

Comment 1 Neal Gompa 2024-07-02 19:43:16 UTC
Hmm, there may not be yet, I just looked at https://github.com/dracut-ng/dracut-ng/commits/main/modules.d/90systemd-cryptsetup and saw nothing in particular that stands out...

Comment 2 Laszlo 2024-07-02 20:11:36 UTC
recent crypt changes - https://github.com/dracut-ng/dracut-ng/pulls?q=is%3Apr+is%3Aclosed+crypt

I would start by adding https://github.com/dracut-ng/dracut-ng/pull/373. 

If that does not work, perhaps revert https://github.com/dracut-ng/dracut-ng/pull/320

https://github.com/dracut-ng/dracut-ng/issues/333 has some good discussion with additional ideas - e.g. setting rd.auto=0

Comment 4 Adam Williamson 2024-07-02 21:10:54 UTC
hmm, we may want to add rd.auto to rescue mode, but...I'm not sure if rescue mode happens to be *relying* on it to construct things in some other cases...

Comment 5 Laszlo 2024-07-02 21:16:29 UTC
https://github.com/dracut-ng/dracut-ng/pull/237 could also has some surprising side-effect that can be mitigated on kernel command line.

Comment 6 Pavel Valena 2024-07-09 08:53:14 UTC
I'm so sorry I skipped asking for openQA this time. (Will remember to do it next time.)

Should I backport anything in the meantime? Or simply revert?

Comment 7 Laszlo 2024-07-09 11:24:26 UTC
> With dracut 102, this has changed. You now see the "regular" encryption passphrase prompt during dracut phase

Could you perhaps add a kernel command line option to disable encryption passphrase prompt - e.g. systemd.mask=systemd-ask-password-console.service

Comment 8 Pavel Valena 2024-07-11 13:14:28 UTC
Looking at the code, I think this specific issue _is_ caused by the inclusion of PR 373.

Can you check if adding `rd.auto=0` to the kernel command line mitigates the issue?

Comment 9 Pavel Valena 2024-07-11 14:09:06 UTC
Ad Comment 8; Sorry, I meant to write PR 320.

I will revert PR 320 for now, as it looks quite unreasonable to me anyway:

https://github.com/dracut-ng/dracut-ng/issues/492

Comment 10 Laszlo 2024-07-11 14:53:19 UTC
I am not yet convinced that PR 320 is responsible for this change in behavior. 

Can you please land https://github.com/redhat-plumbers/dracut-fedora/pull/33 and confirm that this one single PR revert would restore the earlier functionality fully before we engage in the upstream discussion ? Thank you !

Comment 11 Pavel Valena 2024-07-13 11:40:49 UTC
FTR, Laszlo, Fedora is not a testing ground. If you're not able to test whether you're doing breaking changes, you have a blind-spot in the test suite (and those kind of changes should come with some test anyway). I am reverting it because I think it shouldn't be merged in the first place (and I'm keeping the patch).

Comment 12 Laszlo 2024-07-13 15:42:28 UTC
Okey, noted.

Comment 13 Neal Gompa 2024-07-13 18:32:39 UTC
(In reply to Pavel Valena from comment #11)
> FTR, Laszlo, Fedora is not a testing ground. If you're not able to test
> whether you're doing breaking changes, you have a blind-spot in the test
> suite (and those kind of changes should come with some test anyway). I am
> reverting it because I think it shouldn't be merged in the first place (and
> I'm keeping the patch).

For the record, Fedora Rawhide is used as such by *many* upstreams, notably GCC, LLVM, and historically even Dracut. While it's true we want to have as much coverage as possible within Dracut itself, we are not necessarily going to have everything that our downstream users have. And this is simply one of those cases. Obviously, I don't want to solely rely on Fedora Rawhide for that sort of thing, but a productive opportunity would be to help us extend our test suite to cover this gap rather than yelling at us.

But I will also point out as both a member of upstream and a Fedora contributor, the Fedora dracut package using source-git has made things difficult. We are kind of stuck between a rock and a hard place to do anything, since your source-git repo is basically locked to Red Hatters. We have been paralyzed for trying to deliver backport fixes because of this too. There's at least one other bug that has been stuck for weeks because none of us can do anything due to the source-git setup. I will reiterate my request that dracut in Fedora please not use source-git so that normal Fedora packager workflows can function properly.

Comment 14 Pavel Valena 2024-07-16 08:45:30 UTC
(In reply to Neal Gompa from comment #13)

> For the record, Fedora Rawhide is used as such by *many* upstreams, notably
> GCC, LLVM, and historically even Dracut. While it's true we want to have as
> much coverage as possible within Dracut itself, we are not necessarily going
> to have everything that our downstream users have. And this is simply one of
> those cases. Obviously, I don't want to solely rely on Fedora Rawhide for
> that sort of thing, but a productive opportunity would be to help us extend
> our test suite to cover this gap rather than yelling at us.

Sure, I do see it an opportunity; I hope to get around to extending test the suite. But at the moment I have other important work I'm afraid. Sorry to get you the impression of yelling, I was just trying to point out that I prefer stability - e.g. ppl being able to boot without issues. Anyway at the same time, I always welcome new features. I just do not think fitting the upstream by tweaking defauls hidden in some module just to satisfy one distribution probably wasn't the right choice. And I also think I'm not the only one.

> But I will also point out as both a member of upstream and a Fedora
> contributor, the Fedora dracut package using source-git has made things
> difficult. We are kind of stuck between a rock and a hard place to do

If you rather find creating a PR on github bothersome, feel free to create a PR in pagure. The `source-git` sync works both ways. I just find rebases and cherry-picking easier than handling patches by hand. Also it runs the upstream test suite :).

> anything, since your source-git repo is basically locked to Red Hatters. We

Locked? Probably same as the dist-git, right? But feel free to push commits to dist-git per my previous comment if you find something of urgency to fix - nothing has changed there.

> have been paralyzed for trying to deliver backport fixes because of this
> too. There's at least one other bug that has been stuck for weeks because
> none of us can do anything due to the source-git setup. I will reiterate my
> request that dracut in Fedora please not use source-git so that normal
> Fedora packager workflows can function properly.

I have seen no PR anywhere; may I ask what fix you want delivered? I don't think the source-git interferes with the workflows in any way - do you have some hard argument for that or is that just based on your preference/opinion?

Comment 15 Fedora Update System 2024-07-16 09:06:06 UTC
FEDORA-2024-0495a4da6c (dracut-102-2.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-0495a4da6c

Comment 16 Fedora Update System 2024-07-16 10:54:30 UTC
FEDORA-2024-0495a4da6c (dracut-102-2.fc41) has been pushed to the Fedora 41 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 17 Fedora Update System 2024-07-16 11:49:36 UTC
FEDORA-2024-18215bc41f (dracut-102-2.fc40) has been submitted as an update to Fedora 40.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-18215bc41f

Comment 18 Fedora Update System 2024-07-17 08:21:08 UTC
FEDORA-2024-18215bc41f has been pushed to the Fedora 40 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-18215bc41f`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-18215bc41f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 19 Fedora Update System 2024-07-19 01:45:56 UTC
FEDORA-2024-18215bc41f (dracut-102-2.fc40) has been pushed to the Fedora 40 stable repository.
If problem still persists, please make note of it in this bug report.