Bug 655538
| Summary: | Passwords for non root encrypted devices print during boot. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Bruno Wolff III <bruno> | ||||
| Component: | plymouth | Assignee: | Ray Strode [halfline] <rstrode> | ||||
| Status: | CLOSED EOL | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 19 | CC: | a.badger, arvidjaar, bruno, dblechte, fedora, lpoetter, mcepl, mcepl, metherid, mschmidt, plautrba, rstrode, rvokal | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2015-02-17 13:28:51 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Bruno Wolff III
2010-11-21 15:53:13 UTC
When I rebooted using upstart to test another issue, I was only asked for the password once. Hmm, seems we do not support caching passphrases yet. Presumably you are using the same passphrase on multiple disks, right? Hmm, are you prompted for the passwords using plymouth? or using the text cryptsetup tools? Yes, I use the same password on several devices (software raid binding partitions together). I think the luks tools. It gets pretty messy since several things are running at once. There also seem to be timeouts that are relatively short and if I mess up, I don't always get the passwords entered in time. I get the same problem. My home directory is encrypted, the password asked gets displayed on the console and asterisks appear briefly only after enter is pressed - looks to me like the wrong device is set to raw mode (or it isn't set at all because of permissions - didn't realize this worked correctly for root device since my root isn't encrypted, just home. Also, this fits with my proposed explanation). Bruno, how have you configured plymouth? Are you passing any kernel arguments to disable Plymouth? Which ones exactly? I'd like to reproduce this here and hence would like to know how exactly I can trigger the problem you pointed out with multiple tools fighting for the console. kernel (hd0,0)/vmlinuz-2.6.36.2-12.rc1.fc15.i686.PAE ro root=/dev/mapper/luks-58 aa4879-4d9f-4074-ac4b-173be649c36d SYSFONT=latarcyrheb-sun16 LANG=en_US.UTF-8 KE YTABLE=us This is missing rhgb and quiet if I remember correctly. I see the same issues when booting later kernels, but on this machine my video card has extra issues with 2.6.37 kernels so I don't normally use them. It looks like here two different problems may be mixed; I have the same as comment #5. I was fighting with this problem through the last week. The problem happens when plymouth is started by dracut; in this case dracut immediately requests show-splash and plymouth starts to show details splash in case graphic was disabled. Later during boot sequence something resets console terminal settings from what plymough had set it to. Which by itself is rather weird because plymouth locks them. But I have log that proves it :) I was not able to find exact reason. On my system disabling fedora-readonly.service magically stopped screwing up terminal settings. Now, fedora-readonly is leftover from iniscripts and it calls /etc/init.d/functions which /may/ do something weird to terminal. I am going to play with it a bit more after I am back from business trip(s) :) BTW I'm using Mandriva but iniscripts are to large extent the same. The bug started to happen only after I built initscripts 9.24 and switched to booting without rc.sysinit. (In reply to comment #8) > It looks like here two different problems may be mixed; I have the same as > comment #5. > Well ... here is what happens. plymouth rebuilt with some extra debugging. For some reason plymouth gets HUP on opened console (we use tty7 but should not matter): [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply/ply-event-loop.c] ply_event_loop_process_pending_events:EPOLLHUP^M [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply/ply-event-loop.c] ply_event_loop_disconnect_source:disconnecting source with fd 10^M [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply/ply-event-loop.c] ply_event_loop_handle_disconnect_for_source:calling disconnected_handler 0x7fc78ae88140 for fd 10^M [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply-splash-core/ply-terminal.c] on_tty_disconnected:tty disconnected (fd 10)^M Next it tries to reopen it: [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply-splash-core/ply-terminal.c] on_tty_disconnected:trying to reopen terminal '/dev/tty7'^M After terminal is reopened, we have quite strange situation where settings are locked, but actually reset to cooked input mode: [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply-splash-core/ply-terminal.c] ply_terminal_open_device:locked attributes: iflag=ffffffff oflag=ffffffff clfag=ffffffff lflag=ffffffff line=ff ispeed=0 ospeed=e58666a8^M [/home/bor/cooker/plymouth/BUILD/plymouth-0.8.3/src/libply-splash-core/ply-terminal.c] ply_terminal_open_device:attributes: iflag=4500 oflag=5 clfag=4bf lflag=8a3b line=0 ispeed=f ospeed=f^M Later it calls ply_terminal_set_unbuffered_input() again but in this case it fails because terminal settings are locked. I do not know what is causing HUP being sent to plymouth, nor what can reset tty settings under the hood. Unlocking them in ply_terminal_set_unbuffered_input() before setting does provide a workaround. Andrey, thanks for tracking this down. Hmm, tentatively reassigning to plymouth. Ray? any idea? i'm okay with adding code to forcefully unlock the terminal in after reopening it, but we should figure out why the settings are getting reset too. Created attachment 479587 [details]
Ensure tty can be set into unbuffered mode during reconnect
This is almost certainly a kernel bug, more likely even two.
1. tty gets sporadically closed, very probably the same issue as in systemd commit f73f76
2. locked terminal settings get changed (or lock for changed settings is not cleared on reopen).
May be it is the same race. I am not sure what semantic of locked settings is, but I'd expect lock to be reset after tty was closed by process that had set lock.
Anyway I am currently pushing attach patch for plymouth in Mandriva as workaround. I do not think it has to go upstream, nor that any workaround should go upstream. We need to fix kernel for this.
I agree we should figure out the root cause and fix it there, but we already have various work arounds in plymouth (including the whole reconnect tty thing) so adding one more won't hurt. eventually I'd like to dump all this tty crap and switch to using /dev/input. I just pushed this: http://cgit.freedesktop.org/plymouth/commit/?id=bb3be6b60f6f0b8f8cea67b7817210b7e7164043 *** Bug 678720 has been marked as a duplicate of this bug. *** I'm running plymouth-0.8.4-0.20110419.1.fc16.i686 in a VM. The changelog implies that this is fixed: - unlock tty when reopening in case it spontaneously goes bonkers and we need to fix it up Resolves: #655538 I'm still seeing the problems reported in Bug 678720. I'm also seeing other terminal problems that may be related to raw vs cooked mode. Arrow keys don't work in the shell. vim is unusable because keystrokes are echoed to the top line in the screen instead of affecting the buffer. Control-L does not redraw the screen. Etc. This does not seem to be related to hitting the ESC key during bootup as I originally thought -- the symptoms occur even when the ESC key is not hit. However, it does seem to be a race as every once in a while (maybe one in 10 boots) the system comes up with the terminal behaving as expected. Should I reopen 678720 and retarget it against plymouth? Or continue on here? I think these are multiple issues in one. I have recently made some changes to systemd to ensure that no getty is started before plymouth is gone Okay, reopened and updated 678720. Uh, really no need to open a bug for that, it's already fixed upstream. People need to know when to test an updated package. Having a bug allows that notification to happen. Since we have to push F15 packages through bodhi now, you can just add the bug number in the bodhi update info and it will notify people and close the bug once the package goes to stable. I am seeing new behavior today. In two reboots I saw both the old F14 behavior where I entered a pass phrase once early in the boot that is needed for a few different encrypted devices and everything worked. I also saw a case where there was an selinux denial and the system hung for a minute or two and then continued with a few encrypted devices not being mounted which caused problems requiring me to reboot. I haven't seen the password echo issue for a while, so this bug can probably be closed. The other issue I started noticing after the fix has at least one bug open for it. This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19 This message is a notice that Fedora 19 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 19. It is Fedora's policy to close all bug reports from releases that are no longer maintained. Approximately 4 (four) weeks from now this bug will be closed as EOL if it remains open with a Fedora 'version' of '19'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 19 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. Fedora 19 changed to end-of-life (EOL) status on 2015-01-06. Fedora 19 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. |