Bug 506627 – Complete kexec/kdump failure with encrypted root

Bug 506627 - Complete kexec/kdump failure with encrypted root

Summary:	Complete kexec/kdump failure with encrypted root

Status:	CLOSED INSUFFICIENT_DATA

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	kexec-tools (Show other bugs)
Sub Component:
Version:	11
Hardware:	All Linux

Priority	low Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Neil Horman
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-06-17 22:30 EDT by Chuck Ebbert
Modified:	2009-09-04 08:49 EDT (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2009-09-04 08:49:00 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
crypttab (90 bytes, application/octet-stream) 2009-06-20 06:28 EDT, Chuck Ebbert	no flags	Details
patch to avoid starting kdump if dump target is encrypted (1.06 KB, patch) 2009-06-22 15:29 EDT, Neil Horman	no flags	Details \| Diff
updated patch (1.05 KB, text/plain) 2009-06-23 22:11 EDT, Chuck Ebbert	no flags	Details
Show Obsolete (1) Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Chuck Ebbert 2009-06-17 22:30:23 EDT

Description of problem:

Set up the kdump service and rebooted, then forced a panic. The kdump kernel loads, then just sits there after printing "Waiting for dm-..."

Comment 1 Neil Horman 2009-06-18 06:48:43 EDT

yeah, unfortunately this isn't likely to get fixed, since kdump is meant to be an automatic process, and dumping to an encrypted partition is by definition interactive (you need to enter the password to capture the dump).  What we should probably do is fail to start the kdump service on encrypted root filesystmes, and tell the user that they have to configure kdump to write the dump elsewhere.

Comment 2 Neil Horman 2009-06-18 15:16:12 EDT

hey, do me a favor, attach your enctab and/or crypttab files if you would please.  Thanks!

Comment 3 Chuck Ebbert 2009-06-20 06:28:24 EDT

Created attachment 348739 [details]
crypttab

I can't find an enctab, just crypttab

Comment 4 Neil Horman 2009-06-22 15:29:50 EDT

Created attachment 348984 [details]
patch to avoid starting kdump if dump target is encrypted

Hey, can you give this patch a shot.  I've not tested it yet, and its doesn't allow encrypted partitions to work, but it should stop kdump from starting if you try to dump to such a partition.  Thanks!

Comment 5 Chuck Ebbert 2009-06-23 22:10:41 EDT

(In reply to comment #4)

The patch doesn't change anything. (My kdump.conf has nothing but comments in it. Root is on ext4, but I added ext4 to the list. Is kdump taking some kind of defaults when kdump.conf is empty?)

Comment 6 Chuck Ebbert 2009-06-23 22:11:46 EDT

Created attachment 349180 [details]
updated patch

Comment 7 Neil Horman 2009-06-24 06:58:11 EDT

Yes, if there is nothing in kdump.conf, kdump mounts the root filesystem and runs /sbin/init like a normal bootup.  Thats why this patch defaults the DUMP_TARGET id to that of the / file system.

Just for clarity, does the patch you updated for RHEL4 work, or does it still not detect your root file system as being encrypted.  If not, could you please add a set -x to the top of your kdump initscript, and send me the output from when you attempt to start the service?  That will help me figure out whats going on.  Thanks

Comment 8 Neil Horman 2009-07-10 06:38:13 EDT

ping?

Comment 9 Neil Horman 2009-09-04 08:49:00 EDT

closing due to lack of response

Note You need to log in before you can comment on or make changes to this bug.