Bug 441728 - rc.sysinit is trying to "cryptsetup create" on a LUKS partition
Summary: rc.sysinit is trying to "cryptsetup create" on a LUKS partition
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: initscripts
Version: rawhide
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 221304 (view as bug list)
Depends On:
Blocks: F9Blocker
TreeView+ depends on / blocked
 
Reported: 2008-04-09 18:00 UTC by Charles R. Anderson
Modified: 2014-03-17 03:13 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-04-15 17:27:37 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
screenshot of rc.sysinit running w/set -x (1.47 MB, image/png)
2008-04-09 18:15 UTC, Charles R. Anderson
no flags Details
anaconda install.log (36.55 KB, text/plain)
2008-04-09 18:31 UTC, Charles R. Anderson
no flags Details
anaconda install.log.syslog (4.16 KB, text/plain)
2008-04-09 18:32 UTC, Charles R. Anderson
no flags Details
anaconda-ks.cfg (1.84 KB, text/plain)
2008-04-09 18:32 UTC, Charles R. Anderson
no flags Details
fstab after commenting out /home (619 bytes, text/plain)
2008-04-09 18:35 UTC, Charles R. Anderson
no flags Details
/etc/crypttab (103 bytes, text/plain)
2008-04-09 18:35 UTC, Charles R. Anderson
no flags Details
anaconda.log (42.67 KB, text/plain)
2008-04-09 18:40 UTC, Charles R. Anderson
no flags Details
[PATCH] fix for rc.sysinit to call init_crypto again after LVM init (371 bytes, patch)
2008-04-09 19:05 UTC, Charles R. Anderson
no flags Details | Diff

Description Charles R. Anderson 2008-04-09 18:00:39 UTC
Description of problem:

On a newly installed rawhide system I created an encrypted LV /home.  On bootup,
rc.sysinit tries to initialize this based on the contents of /etc/crypttab, but
it is improperly trying to use "cryptsetup create" for a non-LUKS style of
encrypted filesystem, rather than "cryptsetup luksOpen".

Version-Release number of selected component (if applicable):
8.69-1

How reproducible:
always

Steps to Reproduce:
1. install and create an encrypted filesystem other than / from anaconda
2. boot system
3. system drops to repair shell since it can't fsck the unopened encrypted volume

Comment 1 Charles R. Anderson 2008-04-09 18:15:08 UTC
Created attachment 301868 [details]
screenshot of rc.sysinit running w/set -x

I booted with set -x in /etc/rc.sysinit.  Here is a screenshot showing the
bootup sequence.  cryptsetup isLuks is run on /dev/mapper/fedora.data-home,
which when I run it manually returns 0 (true) so I'm not sure why it is
choosing the "else" clause which runs cryptsetup create.

       if [ -z "$makeswap" ] && cryptsetup isLuks "$src" 2>/dev/null ; then
	    if key_is_random "$key"; then
		echo $"$dst: LUKS requires non-random key, skipping"
		ret=1
		continue
	    fi
	    if [ -n "$params" ]; then
		echo "$dst: options are invalid for LUKS partitions," \
		    "ignoring them"
	    fi
	    /sbin/cryptsetup ${key:+-d $key} luksOpen "$src" "$dst" <&1
	else
	    /sbin/cryptsetup $params ${key:+-d $key} create "$dst" "$src" <&1
2>/dev/null
	fi

Comment 2 Jesse Keating 2008-04-09 18:18:52 UTC
I don't think we're considering non-anaconda applyed crypto setups as release
blockers for F9.  Moving to target (unless bill disagrees and moves it back).

Comment 3 Charles R. Anderson 2008-04-09 18:21:54 UTC
This isn't non-anaconda applied.  Anaconda created all of this, and the system
fails to boot properly.


Comment 4 Charles R. Anderson 2008-04-09 18:31:24 UTC
Created attachment 301871 [details]
anaconda install.log

Comment 5 Charles R. Anderson 2008-04-09 18:32:37 UTC
Created attachment 301874 [details]
anaconda install.log.syslog

Comment 6 Charles R. Anderson 2008-04-09 18:32:55 UTC
Created attachment 301875 [details]
anaconda-ks.cfg

Comment 7 Charles R. Anderson 2008-04-09 18:35:03 UTC
Created attachment 301876 [details]
fstab after commenting out /home

Comment 8 Charles R. Anderson 2008-04-09 18:35:25 UTC
Created attachment 301877 [details]
/etc/crypttab

Comment 9 Charles R. Anderson 2008-04-09 18:40:36 UTC
Created attachment 301879 [details]
anaconda.log

Comment 10 Charles R. Anderson 2008-04-09 19:05:03 UTC
Created attachment 301883 [details]
[PATCH] fix for rc.sysinit to call init_crypto again after LVM init

The problem was that rc.sysinit wasn't handling the case where you have an
encrypted LV.  Calling init_crypto again after LVM is activated fixes the
problem.  Since anaconda now supports creating encrypted LV's, can you please
apply this fix to rc.sysinit?  Thanks.

Comment 11 Bill Nottingham 2008-04-09 20:30:12 UTC
*** Bug 221304 has been marked as a duplicate of this bug. ***

Comment 12 Bill Nottingham 2008-04-09 20:32:02 UTC
Added in git, will be in 8.70-1.

http://git.fedorahosted.org/git/?p=initscripts.git;a=commit;h=1e610b947935fa07f427c06bb0490d92ab67a0ae


Note You need to log in before you can comment on or make changes to this bug.