437261 – rc.sysinit doesn't tell you which crypt device it wants a password for

Bug 437261 - rc.sysinit doesn't tell you which crypt device it wants a password for

Summary: rc.sysinit doesn't tell you which crypt device it wants a password for

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	cryptsetup-luks
Sub Component:
Version:	5.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Milan Broz
QA Contact:	Alexander Todorov
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2008-03-13 09:57 UTC by Matthew Booth
Modified:	2013-03-01 04:06 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-09-02 11:17:57 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2009:1349	0	normal	SHIPPED_LIVE	cryptsetup-luks bug fix update	2009-09-01 10:48:20 UTC

Description Matthew Booth 2008-03-13 09:57:05 UTC

Description of problem:
I multiple crypt devices in /etc/crypttab, eg:
home        /dev/vg_local/home_crypt
var         /dev/vg_local/var_crypt

At boot time, I am prompted for 2 passwords. However, the password prompt does
not tell me which device's password I am being prompted for. It turns out that
it's the order in which they're listed in /etc/crypttab, but you just have to
remember that.

Version-Release number of selected component (if applicable):
initscripts-8.45.19.EL-1.i386

Comment 1 Bill Nottingham 2008-03-13 15:19:47 UTC

This message comes from cryptsetup-luks.

Comment 2 Bill Nottingham 2008-04-15 17:51:45 UTC


*** This bug has been marked as a duplicate of 433406 ***

Comment 3 Bill Nottingham 2008-04-15 17:52:15 UTC

Whoops, cross-product. Sorry about that.

Comment 8 Milan Broz 2009-02-11 14:38:23 UTC

Fixed in cryptsetup-luks-1.0.3-5.el5.

Comment 10 Alexander Todorov 2009-05-12 08:18:04 UTC

I have / and swap on LVs which are encrypted. 

With 5.3 cryptsetup-luks and latest one from 5.4 I get:

Setting up disk encryption for: /dev/mapper/VolGroup00-LogVol00
Enter LUKS passphrase:

Setting up disk encryption for: /dev/mapper/VolGroup00-LogVol01
Enter LUKS passphrase:


This looks like verified but it's already in 5.3. If I read the patch from comment #4 correctly it should be:
Enter LUKS passphrase for /dev/mapper/VolGroup00-LogVol00:

Milan, can you clarify what was the fix?

Thanks

Comment 11 Milan Broz 2009-05-14 13:25:21 UTC

The message "Setting up disk encryption for:" is printed by initscripts/initrd an not cryptsetup itself.

cryptsetup now should print prints "Enter LUKS passphrase for /dev/mapper/VolGroup00-LogVol00".

(uu can try run it manuallly on some LUKS device)

But if you have encrypted root, you have to update initrd after uprading cryptsetup otherwise it use old version included in initrd.

Comment 12 Alexander Todorov 2009-05-27 10:51:35 UTC

I have / and swap encrypted. 

with cryptsetup-luks-1.0.3-5.el5 and latest RHEL5.4 tree I get:

Setting up disk encryption for: /dev/mapper/VolGroup00-LogVol00
Enter LUKS passphrase for /dev/mapper/VolGroup00-LogVol00:

Setting up disk encryption for: /dev/mapper/VolGroup00-LogVol01
Enter LUKS passphrase for /dev/mapper/VolGroup00-LogVol01:


moving to verified.

Comment 14 errata-xmlrpc 2009-09-02 11:17:57 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1349.html

Note You need to log in before you can comment on or make changes to this bug.