Bug 607699
Summary: | Plymouth not asking for crypto swap password | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | David Kovalsky <dkovalsk> | ||||||
Component: | dracut | Assignee: | Harald Hoyer <harald> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Release Test Team <release-test-team-automation> | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | high | ||||||||
Version: | 6.0 | CC: | atodorov, benl, borgan, pknirsch, qcai, syeghiay, twaugh | ||||||
Target Milestone: | rc | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | dracut-004-29.el6 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2010-11-10 20:19:23 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Comment 3
Ray Strode [halfline]
2010-06-24 21:36:44 UTC
Created attachment 430297 [details]
boot stuck screenshot
So basically only swap is encrypted on a LVM device, right? I just want to narrow down where the problem really comes from as well. What happens if you encrypt / as well e.g.? Thanks & regards, Phil First I started (randomly, like 1/20 boots) seeing this was only with swap encrypted. Now I also have /home encrypted. [root@kovinek ~]# cat /etc/crypttab cryptoswap_1 /dev/vg_kovinek/swap_1 none cryptohome /dev/vg_kovinek/cryptohome none [root@kovinek ~]# lvs LV VG Attr LSize Origin Snap% Move Log Copy% Convert cryptohome vg_kovinek -wi-ao 60.00g plaindata vg_kovinek -wi-a- 20.00g root_1 vg_kovinek -wi-a- 10.00g root_2 vg_kovinek -wi-ao 10.00g root_3 vg_kovinek -wi-a- 15.00g swap_1 vg_kovinek -wi-ao 4.00g I don't have an installation with RHEL6 encrypted home ATM, but if really required, I can install it. It might take a while though due to the fact that PXE installs don't work on the notebook (bug 607716), we don't have ISOs locally and I have a couple of burning items on the plate. So I'd prefer some VeryVerboseBoot and update the logs if possible - not sure how to do that though :) please boot with "rdinitdebug" and without "quiet" on the kernel command line Grub line modified and now waiting for the hanging condition. Stay tuned ... /etc/fstab: /dev/mapper/luks-4e4086f8-4f57-4b50-a8fd-d826b400250b swap swap defaults 0 0 /dev/mapper/vg_kovinek-swap_1 swap swap defaults 0 0 hmmm, this looks like /dev/mapper/luks-4e4086f8-4f57-4b50-a8fd-d826b400250b is a swap and /dev/mapper/vg_kovinek-swap_1 unencrypted is a swap, too? Since your root is not encrypted, "rd_NO_LUKS" on the kernel command line should solve any issues. If you want to resume from your swap partition, you would have to specify: "resume=/dev/mapper/vg_kovinek-swap_1 rd_LUKS_UUID=4e4086f8-4f57-4b50-a8fd-d826b400250b". Hi Harald, I likely had my fstab messed up after playing a bit with a new installation, sorry. Nevertheless, I was able to catch the hang again with the debugging output. Attaching screenshot. FYI, current fstab: /dev/mapper/vg_kovinek-root_2 / ext4 defaults 1 1 UUID=2c262d9f-26d5-498f-ad19-129c18ec51ed /boot ext2 defaults 1 2 /dev/mapper/cryptoswap_1 swap swap defaults 0 0 /dev/mapper/cryptohome /home ext4 noatime,nodiratime 1 2 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 + some irrelevant noauto NFS mounts /etc/crypttab cryptoswap_1 /dev/vg_kovinek/swap_1 none cryptohome /dev/vg_kovinek/cryptohome none Created attachment 431166 [details]
boot stuck screenshot with debug
OK, modified grub.conf and will see if it helps. Current kernel line: kernel /vmlinuz-2.6.32-44.el6.x86_64 ro root=/dev/mapper/vg_kovinek-root_2 rd_LVM_LV=vg_kovinek/root_2 rd_LUKS_UUID=luks-4e4086f8-4f57-4b50-a8fd-d826b400250b rd_LVM_LV=vg_kovinek/swap_2 rd_NO_MD rd_NO_DM rd_NO_LUKS LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rdinitdebug crashkernel=auto resume=/dev/mapper/vg_kovinek-swap_1 (In reply to comment #18) > OK, modified grub.conf and will see if it helps. Current kernel line: > kernel /vmlinuz-2.6.32-44.el6.x86_64 ro root=/dev/mapper/vg_kovinek-root_2 > rd_LVM_LV=vg_kovinek/root_2 > rd_LUKS_UUID=luks-4e4086f8-4f57-4b50-a8fd-d826b400250b > rd_LVM_LV=vg_kovinek/swap_2 rd_NO_MD rd_NO_DM rd_NO_LUKS LANG=en_US.UTF-8 > SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rdinitdebug > crashkernel=auto resume=/dev/mapper/vg_kovinek-swap_1 rd_LUKS_UUID=4e4086f8-4f57-4b50-a8fd-d826b400250b Fixed. Thanks! Hm, stupid question of the day: Aren't swap and home only mounted later on during the boot process typically? At least thats what lingers in the back of my mind. Certainly, to be able to resume from hibernate from an encrypted swap that needs to happen in dracut, but otherwise why would the password for a swap partition be required before the pviotroot? Just wondering and adding some $0,02 here. Regards, Phil (In reply to comment #21) > Hm, stupid question of the day: > > Aren't swap and home only mounted later on during the boot process typically? > At least thats what lingers in the back of my mind. > > Certainly, to be able to resume from hibernate from an encrypted swap that > needs to happen in dracut, but otherwise why would the password for a swap > partition be required before the pviotroot? > > Just wondering and adding some $0,02 here. > > Regards, Phil I think, he messed up with his configuration after installation :) :-) I've been doing only changes to fstab, grub.conf and crypttab (I have a bunch of systems I'm booting ondemand basis). But I should be clean now and updated kernel several times since then. dracut-004-26.el6 dracut-004-29.el6 (15,39,17) harald: in order to call this one verified boot with only swap encrypted and plymouth has to ask for the password in the dracut phase.. before "Welcome to..." (15,40,09) harald: of course rd_LUKS_UUID=<luks uuid of the swap partition> has to be present on the kernel command line Testing with snap #10 and only lv_swap encrypted I got: # cat /proc/cmdline ro root=/dev/mapper/vg_dhcp71159-lv_root rd_LVM_LV=vg_dhcp71159/lv_root rd_LUKS_UUID=luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 rd_LVM_LV=vg_dhcp71159/lv_swap rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rhgb quiet # cat /etc/crypttab luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 UUID=b8d99b41-8c91-4601-807b-9c2b3ea2d450 none # cat /etc/fstab # # /etc/fstab # Created by anaconda on Wed Aug 11 10:21:33 2010 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/vg_dhcp71159-lv_root / ext4 defaults 1 1 UUID=a235855f-ab8f-4017-a1a4-972bf8f2cf9e /boot ext4 defaults 1 2 /dev/mapper/luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 Red Hat Enterprise Linux 6.0 is now available and should resolve the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. |