Created attachment 1015951 [details] Anaconda traceback log (truncated for clarity and privacy) Description of problem: Version-Release number of selected component (if applicable): Fedora 21, Anaconda 21.48.21-1 How reproducible: Always Steps to Reproduce: 1. Install Fedora 21 server spin via kickstart. 2. KS file contains partition definitions with --encrypt but without --passphrase. Actual results: Anacona blows out partition table, indicates its creating filesystems, then displays traceback, indicating no passphrase was recorded. Expected results: Prompt for encryption passphrase by anaconda Additional info: Similar to #446930
Created attachment 1015952 [details] file generated by %pre which shows the partition configuration that resulted in the TB
Created attachment 1015953 [details] log file from Anaconda during the install that made the TB
Created attachment 1015954 [details] Kickstart file I was using
(In reply to Nick from comment #0) > Created attachment 1015951 [details] > Anaconda traceback log (truncated for clarity and privacy) > > Description of problem: Sorry I missed the description... I boot up into my kickstart install, all goes well, except that I'm not prompted for a passphrase. Yet the installer continues to try and format my disks, wiping out my MBR, etc., and only *then* does it traceback with the whole "missing passphrase" bit. I think part of the solution here would be to check for correctness *before* touching the disks. I had to file this bug from a different machine because this particular bug left my system in an unusable state. (BAD) But the biggest thing to fix, is that Anaconda should prompt me for a passphrase in this case. This was a bug going back all the way to Fedora 9... https://bugzilla.redhat.com/show_bug.cgi?id=446930 Like that bug author, I tried adding --passphrase with no text (writing down passphrases in plain text in a kickstart file is a non-starter) and at least at that point, anaconda failed gracefully without breaking my system. :) I'm surprised at how little attention to FDE bugs is paid. I'm not a great python dev, but in the past, maintainers of Anaconda have given me the "here be dragons" warning when I asked for tips on where to start. But that was before the new Fedora 20 installer version of Anaconda. So if anyone can point me in the right direction on how to get started contributing bugfixes to Anaconda, I'd be happy to help! (once I get a working system again.)
I'm inclined to think that a pykickstart error when --encrypted is set but --passphrase is not is the best solution to this problem. Reassigning to pykickstart.
Taking, because already have related bug.
Reassigning to anaconda...seems that prompting for the missing passphrase is the correct solution.
I would agree, getting Anaconda to prompt me for a passphrase is exactly the effect I was going for. I believe that would keep in the kickstart tradition of "move forward and only pause if you're missing something." What can I do to help?
Anaconda is now on GitHub: https://github.com/rhinstaller/anaconda. Try checking out master and looking at custom.py and storage.py. There is an existing method, _check_encrypted which obtains passphrase from user. Also look out for occurrances of PassphraseDialog. These are examples of setting passphrases on LUKS devices. (In reply to Nick from comment #8) > I would agree, getting Anaconda to prompt me for a passphrase is exactly the > effect I was going for. I believe that would keep in the kickstart > tradition of "move forward and only pause if you're missing something." > > What can I do to help?
This seems like a blivet bug as well as I don't think TUI is an encryption handling UI.
Note that configuration should fail sanity check. sanity checking for missing passphrase was added in python-blivet-0.38-1 and required in anaconda-21.21-1. See bz#1060255.
My last experience with Anaconda was such that TUI mode did *not* handle prompting for encryption. (Though it works perfectly fine if you pass in the LUKS PP via --passphrase="" in your kickstart file)
Created attachment 1016976 [details] Working kickstart for showing error In the file, change "text" to "graphical" to see traceback in GUI.
This is essentially the same as: https://github.com/rhinstaller/anaconda/pull/140.
https://github.com/rhinstaller/anaconda/pull/174 ^^ appears to fix the bug in RHEL7. No such patch for F22 or F21 that I could see here: https://github.com/rhinstaller/anaconda/commits/f22-branch or in Master. :(
This message is a reminder that Fedora 21 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 21. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '21'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 21 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 21 changed to end-of-life (EOL) status on 2015-12-01. Fedora 21 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.