Bug 525877 - LiveCD: dracut should provide a way to skip encrypted volumes
Summary: LiveCD: dracut should provide a way to skip encrypted volumes
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: livecd-tools
Version: rawhide
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-09-26 15:40 UTC by Charles R. Anderson
Modified: 2009-10-22 20:31 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-10-06 10:42:48 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Charles R. Anderson 2009-09-26 15:40:19 UTC
Description of problem:

When booting a LiveCD, dracut examines all devices and tries to decrypt/mount them.  There should be a way to skip this, because one may not wish to access the hard drive at all for the LiveCD boot, or one may not know the passphrase(s) to decrypt hard drive partition(s) or LV(s).

Version-Release number of selected component (if applicable):
desktop-i386-20090924.18.iso

How reproducible:
always

Steps to Reproduce:
1. boot 20090924 desktop LiveCD on a system that has encrypted hard drive
2.
3.
  
Actual results:
Dracut asks for passphrase for encrypted hard drive.  If there are many encrypted volumes, dracut asks for the passphrase for all of them in sequence.  There is no way to identify which device for which the passphrase is being asked, and there is no way to skip decrypting some/all devices.

On a system that contains many encrypted devices, the current behavior effectively makes booting the LiveCD impossible, because there is a never ending prompting for passphrases.

Expected results:
Each encrypted device for which a passphrase is asked should be identified somehow, and there hsould be a way to skip decrypting that device or all encrypted devices.  Alternatively, there should be a way to have the LiveCD skip all hard drive access entirely.


Additional info:

Comment 1 Harald Hoyer 2009-09-29 12:04:59 UTC
add "rd_NO_LUKS" to the kernel command line and it does not decrypt any partitions



see man dracut.8:

crypto LUKS
       rd_NO_LUKS
              disable crypto LUKS detection

       rd_LUKS_UUID=<luks uuid>
              only activate the LUKS partitions with the given UUID

Comment 2 Adam Williamson 2009-10-22 20:31:14 UTC
Changing this to CLOSED RAWHIDE, as we actually changed livecd-creator so the rd_NO_LUKS parameter is used, and hence live CDs don't activate encrypted volumes or mdraid sets.

-- 
Fedora Bugzappers volunteer triage team
https://fedoraproject.org/wiki/BugZappers


Note You need to log in before you can comment on or make changes to this bug.