Bug 695345 - Cannot use auto-partitioning and encryption on s390x
Summary: Cannot use auto-partitioning and encryption on s390x
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: anaconda
Version: 6.1
Hardware: s390x
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: David Cantrell
QA Contact: Release Test Team
Petr Bokoc
URL:
Whiteboard:
Depends On: 707042
Blocks: 670159 705163 742820
TreeView+ depends on / blocked
 
Reported: 2011-04-11 12:46 UTC by Jan Stodola
Modified: 2015-06-24 11:37 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Known Issue
Doc Text:
Automatic Partitioning on IBM System z Does Not Work with LUKS When using automatic partitioning (the 'autopart' Kickstart command or its equivalent in the graphical interface) and enabling full disk encryption with LUKS at the same time, /boot will be created as a LVM logical volume on an encrypted physical volume. This results in an unbootable system. To work around this issue, create a custom partition layout using Kickstart or the graphical interface.
Clone Of:
: 707042 742820 (view as bug list)
Environment:
Last Closed: 2011-05-23 19:54:56 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jan Stodola 2011-04-11 12:46:49 UTC 
Description of problem:
Anaconda fails to create automatic partitioning when encryption is enabled. The following message is shown:


The following errors occurred with your partitioning:

Bootable partitions cannot be on an encrypted block device
Bootable partitions cannot be on an encrypted block device
Bootable partitions cannot be on an encrypted block device

This can happen if there is not enough space on your hard drive
(s) for the installation.

Press 'OK' to choose a different partitioning option.


It seems that anaconda is trying to place /boot into LVM, where PVs are encrypted. When the warning message is shown, user can go back and create custom partitioning with /boot on an unencrypted partition and rest of filesystems encrypted.

Version-Release number of selected component (if applicable):
RHEL6.1-20110406.0
anaconda-13.21.111-1.el6

How reproducible:
always

Steps to Reproduce:
1. start graphical installation on s390x
2. enable "Encrypt system" check box at the partitioning type screen
3. continue with the installation
  
Actual results:
anaconda cannot create partitioning

Expected results:
partitioning is created automatically, /root swap and /home are encrypted, boot is not encrypted
Comment 4 David Cantrell 2011-05-16 15:00:59 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
On s390x systems, you cannot use automatic partitioning and encryption.  If you want to use storage encryption, you must perform custom partitioning.  Do not place the /boot volume on an encrypted volume.
Comment 8 David Cantrell 2011-05-23 19:51:32 UTC 
New and extended product functionality as well as new features for this component must be implemented by IBM and accepted upstream before consideration for a RHEL backport can be made.  For your convenience, this bug has been cloned to the same component under Fedora, which serves as the upstream development area for RHEL.
Comment 9 RHEL Program Management 2011-05-23 19:54:56 UTC 
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.
Comment 10 Stephen Gilson 2015-04-16 17:53:15 UTC 
Engineering and Product Management along with CCS have determined that this bug should be described in the RHEL 6.7 Release Notes. 

Please update the Doc Text field with a description following the Cause Consequence Workaround Result model by April 22.
Note You need to log in before you can comment on or make changes to this bug.