Bug 607699 - Plymouth not asking for crypto swap password
Plymouth not asking for crypto swap password
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: dracut (Show other bugs)
6.0
All Linux
high Severity high
: rc
: ---
Assigned To: Harald Hoyer
Release Test Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-06-24 11:31 EDT by David Kovalsky
Modified: 2014-03-31 19:45 EDT (History)
7 users (show)

See Also:
Fixed In Version: dracut-004-29.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-11-10 15:19:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
boot stuck screenshot (1.23 MB, image/jpeg)
2010-07-08 06:44 EDT, David Kovalsky
no flags Details
boot stuck screenshot with debug (1.44 MB, image/jpeg)
2010-07-12 09:01 EDT, David Kovalsky
no flags Details

  None (edit)
Comment 3 Ray Strode [halfline] 2010-06-24 17:36:44 EDT
Not sure. might be some race in dracut or udev or something.

It's very unlikely to be a plymouth bug though.

Note plymouth still runs if you take rhgb off the kernel command line, it just has a "theme" that looks like its not running.
Comment 9 David Kovalsky 2010-07-08 06:44:00 EDT
Created attachment 430297 [details]
boot stuck screenshot
Comment 10 Phil Knirsch 2010-07-08 07:34:14 EDT
So basically only swap is encrypted on a LVM device, right? I just want to narrow down where the problem really comes from as well.

What happens if you encrypt / as well e.g.?

Thanks & regards, Phil
Comment 11 David Kovalsky 2010-07-08 07:45:35 EDT
First I started (randomly, like 1/20 boots) seeing this was only with swap encrypted. Now I also have /home encrypted.

[root@kovinek ~]# cat /etc/crypttab 
cryptoswap_1 /dev/vg_kovinek/swap_1 none
cryptohome   /dev/vg_kovinek/cryptohome none

[root@kovinek ~]# lvs
  LV         VG         Attr   LSize  Origin Snap%  Move Log Copy%  Convert
  cryptohome vg_kovinek -wi-ao 60.00g                                      
  plaindata  vg_kovinek -wi-a- 20.00g                                      
  root_1     vg_kovinek -wi-a- 10.00g                                      
  root_2     vg_kovinek -wi-ao 10.00g                                      
  root_3     vg_kovinek -wi-a- 15.00g                                      
  swap_1     vg_kovinek -wi-ao  4.00g


I don't have an installation with RHEL6 encrypted home ATM, but if really required, I can install it. It might take a while though due to the fact that PXE installs don't work on the notebook (bug 607716), we don't have ISOs locally and I have a couple of burning items on the plate.

So I'd prefer some VeryVerboseBoot and update the logs if possible - not sure how to do that though :)
Comment 12 Harald Hoyer 2010-07-09 05:52:05 EDT
please boot with "rdinitdebug" and without "quiet" on the kernel command line
Comment 13 David Kovalsky 2010-07-09 07:35:04 EDT
Grub line modified and now waiting for the hanging condition. Stay tuned ...
Comment 14 Harald Hoyer 2010-07-12 07:43:19 EDT
/etc/fstab:

/dev/mapper/luks-4e4086f8-4f57-4b50-a8fd-d826b400250b swap                   
swap    defaults        0 0
/dev/mapper/vg_kovinek-swap_1 swap                    swap    defaults        0
0

hmmm, this looks like /dev/mapper/luks-4e4086f8-4f57-4b50-a8fd-d826b400250b is a swap and /dev/mapper/vg_kovinek-swap_1 unencrypted is a swap, too?
Comment 15 Harald Hoyer 2010-07-12 08:56:10 EDT
Since your root is not encrypted, "rd_NO_LUKS" on the kernel command line should solve any issues. If you want to resume from your swap partition, you would have to specify: "resume=/dev/mapper/vg_kovinek-swap_1 rd_LUKS_UUID=4e4086f8-4f57-4b50-a8fd-d826b400250b".
Comment 16 David Kovalsky 2010-07-12 08:59:35 EDT
Hi Harald,

I likely had my fstab messed up after playing a bit with a new installation, sorry. Nevertheless, I was able to catch the hang again with the debugging output. Attaching screenshot.

FYI, current fstab:
/dev/mapper/vg_kovinek-root_2 /        ext4    defaults   1 1
UUID=2c262d9f-26d5-498f-ad19-129c18ec51ed /boot   ext2   defaults   1 2
/dev/mapper/cryptoswap_1 swap            swap    defaults        0 0
/dev/mapper/cryptohome  /home            ext4    noatime,nodiratime 1 2

tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0

+ some irrelevant noauto NFS mounts

/etc/crypttab
cryptoswap_1 /dev/vg_kovinek/swap_1 none
cryptohome   /dev/vg_kovinek/cryptohome none
Comment 17 David Kovalsky 2010-07-12 09:01:40 EDT
Created attachment 431166 [details]
boot stuck screenshot with debug
Comment 18 David Kovalsky 2010-07-12 09:05:14 EDT
OK, modified grub.conf and will see if it helps. Current kernel line:
kernel /vmlinuz-2.6.32-44.el6.x86_64 ro root=/dev/mapper/vg_kovinek-root_2 rd_LVM_LV=vg_kovinek/root_2 rd_LUKS_UUID=luks-4e4086f8-4f57-4b50-a8fd-d826b400250b rd_LVM_LV=vg_kovinek/swap_2 rd_NO_MD rd_NO_DM rd_NO_LUKS LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rdinitdebug crashkernel=auto resume=/dev/mapper/vg_kovinek-swap_1
Comment 19 Harald Hoyer 2010-07-12 09:22:48 EDT
(In reply to comment #18)
> OK, modified grub.conf and will see if it helps. Current kernel line:
> kernel /vmlinuz-2.6.32-44.el6.x86_64 ro root=/dev/mapper/vg_kovinek-root_2
> rd_LVM_LV=vg_kovinek/root_2
> rd_LUKS_UUID=luks-4e4086f8-4f57-4b50-a8fd-d826b400250b
> rd_LVM_LV=vg_kovinek/swap_2 rd_NO_MD rd_NO_DM rd_NO_LUKS LANG=en_US.UTF-8
> SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rdinitdebug
> crashkernel=auto resume=/dev/mapper/vg_kovinek-swap_1    

rd_LUKS_UUID=4e4086f8-4f57-4b50-a8fd-d826b400250b
Comment 20 David Kovalsky 2010-07-12 09:27:48 EDT
Fixed. Thanks!
Comment 21 Phil Knirsch 2010-07-12 10:59:42 EDT
Hm, stupid question of the day:

Aren't swap and home only mounted later on during the boot process typically? At least thats what lingers in the back of my mind.

Certainly, to be able to resume from hibernate from an encrypted swap that needs to happen in dracut, but otherwise why would the password for a swap partition be required before the pviotroot?

Just wondering and adding some $0,02 here.

Regards, Phil
Comment 22 Harald Hoyer 2010-07-19 04:34:38 EDT
(In reply to comment #21)
> Hm, stupid question of the day:
> 
> Aren't swap and home only mounted later on during the boot process typically?
> At least thats what lingers in the back of my mind.
> 
> Certainly, to be able to resume from hibernate from an encrypted swap that
> needs to happen in dracut, but otherwise why would the password for a swap
> partition be required before the pviotroot?
> 
> Just wondering and adding some $0,02 here.
> 
> Regards, Phil    

I think, he messed up with his configuration after installation :)
Comment 24 David Kovalsky 2010-07-19 07:33:17 EDT
:-) I've been doing only changes to fstab, grub.conf and crypttab (I have a bunch of systems I'm booting ondemand basis). But I should be clean now and updated kernel several times since then.
Comment 25 Harald Hoyer 2010-07-26 08:20:34 EDT
dracut-004-26.el6
Comment 28 Harald Hoyer 2010-07-29 11:49:11 EDT
dracut-004-29.el6
Comment 30 Alexander Todorov 2010-08-11 10:38:24 EDT
(15,39,17) harald:  in order to call this one verified boot with only swap encrypted and plymouth has to ask for the password in the dracut phase.. before "Welcome to..."
(15,40,09) harald: of course rd_LUKS_UUID=<luks uuid of the swap partition> has to be present on the kernel command line


Testing with snap #10 and only lv_swap encrypted I got:

# cat /proc/cmdline 
ro root=/dev/mapper/vg_dhcp71159-lv_root rd_LVM_LV=vg_dhcp71159/lv_root rd_LUKS_UUID=luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 rd_LVM_LV=vg_dhcp71159/lv_swap rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us  rhgb quiet


# cat /etc/crypttab 
luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 UUID=b8d99b41-8c91-4601-807b-9c2b3ea2d450 none 


# cat /etc/fstab 

#
# /etc/fstab
# Created by anaconda on Wed Aug 11 10:21:33 2010
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_dhcp71159-lv_root /                       ext4    defaults        1 1
UUID=a235855f-ab8f-4017-a1a4-972bf8f2cf9e /boot                   ext4    defaults        1 2
/dev/mapper/luks-b8d99b41-8c91-4601-807b-9c2b3ea2d450 swap                    swap    defaults        0 0
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
Comment 33 releng-rhel@redhat.com 2010-11-10 15:19:23 EST
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.

Note You need to log in before you can comment on or make changes to this bug.