Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 525877 - LiveCD: dracut should provide a way to skip encrypted volumes
Summary: LiveCD: dracut should provide a way to skip encrypted volumes
Alias: None
Product: Fedora
Classification: Fedora
Component: livecd-tools
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-09-26 15:40 UTC by Charles R. Anderson
Modified: 2009-10-22 20:31 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-10-06 10:42:48 UTC
Type: ---

Attachments (Terms of Use)

Description Charles R. Anderson 2009-09-26 15:40:19 UTC
Description of problem:

When booting a LiveCD, dracut examines all devices and tries to decrypt/mount them.  There should be a way to skip this, because one may not wish to access the hard drive at all for the LiveCD boot, or one may not know the passphrase(s) to decrypt hard drive partition(s) or LV(s).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. boot 20090924 desktop LiveCD on a system that has encrypted hard drive
Actual results:
Dracut asks for passphrase for encrypted hard drive.  If there are many encrypted volumes, dracut asks for the passphrase for all of them in sequence.  There is no way to identify which device for which the passphrase is being asked, and there is no way to skip decrypting some/all devices.

On a system that contains many encrypted devices, the current behavior effectively makes booting the LiveCD impossible, because there is a never ending prompting for passphrases.

Expected results:
Each encrypted device for which a passphrase is asked should be identified somehow, and there hsould be a way to skip decrypting that device or all encrypted devices.  Alternatively, there should be a way to have the LiveCD skip all hard drive access entirely.

Additional info:

Comment 1 Harald Hoyer 2009-09-29 12:04:59 UTC
add "rd_NO_LUKS" to the kernel command line and it does not decrypt any partitions

see man dracut.8:

crypto LUKS
              disable crypto LUKS detection

       rd_LUKS_UUID=<luks uuid>
              only activate the LUKS partitions with the given UUID

Comment 2 Adam Williamson 2009-10-22 20:31:14 UTC
Changing this to CLOSED RAWHIDE, as we actually changed livecd-creator so the rd_NO_LUKS parameter is used, and hence live CDs don't activate encrypted volumes or mdraid sets.

Fedora Bugzappers volunteer triage team

Note You need to log in before you can comment on or make changes to this bug.