Description of problem: After upgrading to fedora 15 my encrypted swap is not set up by systemd which calls itself a drop-in replacement for SysV scripts. Version-Release number of selected component (if applicable): systemd-26-2.fc15.x86_64 How reproducible: Have F14 box with encrypted swap Upgrade to F15 using preupgrade. Once booted into upgraded box notice lack of swap. Steps to Reproduce: 1. See above 2. 3. Actual results: No swap Expected results: Encrypted swap Additional info: I fear for upgrading the other boxes to F15: SysV startup scripts as for mythTV don't work anymore, don't output anything and pretend they start the daemon OK when they don't. Same for mysql: pid directory is removed everytime so mysqld can't start; why doesn't systemd fix this?
ls -l /dev/mapper/ total 0 crw------- 1 root root 10, 236 Jun 5 08:50 control lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-homelv -> ../dm-0 lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-mythlv -> ../dm-3 lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-rootlv -> ../dm-5 lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-srclv -> ../dm-2 lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-usrlv -> ../dm-4 lrwxrwxrwx 1 root root 7 Jun 5 08:50 my_vg-varlv -> ../dm-1 lrwxrwxrwx 1 root root 7 Jun 5 08:50 swap -> ../dm-6 So we do have swap dm-partition, but: # swapon -a swapon: /dev/mapper/swap: read swap header failed: Invalid argument # mkswap /dev/mapper/swap mkswap: /dev/mapper/swap: warning: don't erase bootbits sectors on whole disk. Use -f to force. Setting up swapspace version 1, size = 2097148 KiB no label, UUID=b0cfcbd1-a2a6-4f57-a64a-f4f1f76054f8 # swapon -a So why isn't this done like it used to be? # cat /etc/crypttab swap /dev/sda2 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 So the partition is clearly marked as to be swap after encrypting. Also fstab shows the swap as swap. This worked very well in F14. F15 breaks this functionality.
Also, in dmesg: <30>systemd-cryptsetup[2279]: Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/sda2. <28>systemd[1]: Job dev-mapper-swap.device/start timed out. <29>systemd[1]: Job dev-mapper-swap.swap/start failed with result 'dependency'. <29>systemd[1]: Job dev-mapper-swap.device/start failed with result 'timeout'. Timed out for what? Dependency on what? LVM was already up, usr, var etc fscked...
On top of that, this 'timeout' costs you 60 seconds of additional boot time.
Indeed, even while we have /dev/urandom as our source of password. So is my /dev/urandom not good anymore?
Workaround: *) Edit /lib/systemd/systemd/swap.target and add a line. (The default delay is not 60 secs as I said earlier, but 90.) TimeoutSec=5 *) Add to the file /etc/rc.local something along the lines of mkswap /dev/mapper/swap swapon -a This works, but brings the swap up very very late in the boot process.
I reproduced the bug where systemd fails to run mkswap automatically on the device. The bug is in cryptsetup-generator.c. It parses the options from /etc/crypttab incorrectly. It only works if "swap" is the very last option in the list. I can provide a patch later.
So if I make /etc/crypttab to have: swap /dev/sda2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap that should make stuff work without the patch?
The patch: http://lists.freedesktop.org/archives/systemd-devel/2011-June/002578.html Here's a scratch build you can test: http://koji.fedoraproject.org/koji/taskinfo?taskID=3114012
To comment 7: I've tried exactly that: makes no difference whatsoever. To comment 8: I've now these versions: [root@yingchang system]# rpm -aq | grep systemd systemd-units-26-2.fc15.m1.i686 systemd-26-2.fc15.m1.i686 systemd-sysv-26-2.fc15.m1.i686 But the problem is still there: [...] [ 11.960163] udev[495]: renamed network interface eth0 to em1 [ 12.668204] systemd-fsck[656]: /dev/mapper/vg_yingchang-LogVol02: clean, 41/43687936 files, 2792471/174743552 blocks [ 12.850134] EXT4-fs (dm-2): mounted filesystem with ordered data mode. Opts: acl,quota [ 13.028129] systemd-cryptsetup[673]: Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/mapper/vg_yingchang-LogVol01. [ 99.942840] systemd[1]: Job dev-mapper-swap.device/start timed out. [ 99.943283] systemd[1]: Job dev-mapper-swap.swap/start failed with result 'dependency'. [ 99.943615] systemd[1]: Job dev-mapper-swap.device/start failed with result 'timeout'. [ 100.429294] p4-clockmod: P4/Xeon(TM) CPU On-Demand Clock Modulation available [ 100.466867] ntpd[729]: ntpd 4.2.6p3 Fri May 6 16:27:05 UTC 2011 (1) [ 100.471675] ntpd[729]: proto: precision = 0.657 usec [...] Boot is ok, minus the swap... Maybe we are looking at more than one problem here ...
(In reply to comment #9) > Maybe we are looking at more than one problem here ... Yes, I'm pretty sure we are. Please file a new bug and attach this information to it: - the output of 'dmesg' after booting with 'log_buf_len=1M systemd.log_level=debug systemd.log_target=kmsg' - /etc/fstab - /etc/crypttab
See Bugzilla #711394 This one can be closed I guess?
(In reply to comment #11) > This one can be closed I guess? No. The fix has not been pushed to Fedora updates yet.
Do I understand correctly that the 'swap' keyword in crypttab isn't handled fully at all, independent of placement of the keyword?
Well, yes and no ... * Because of this here error, the 'swap' keyword is only seen, when it is NOT followed by a ',' (comma). So if you put 'swap' at the end that problem is circumvented. A patch for that is made by M. Schmidt, but not yet pushed. If this 'swap' is not recognized, the crypt stuff is started up, but no swap header is written to the LVM; i.e. you'd need to manually run 'mkswap' and then 'swapon'. * But, at least I have yet another problem, that when this one is solved, the swap is made (like with 'mkswap'), but the 'swapon' is not ran. That's bz. #711394.
*** Bug 710259 has been marked as a duplicate of this bug. ***
When can we test the fix(es) for the swap issue(s)? (i.e.: please provide an rpm)
systemd-26-3.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/systemd-26-3.fc15
After installing the 26-3 updates and a reboot: $ ssh root@recorder Last login: Sun Jun 12 20:54:01 2011 from surfplank2 [root@recorder ~]# free total used free shared buffers cached Mem: 3797992 428548 3369444 0 26628 152772 -/+ buffers/cache: 249148 3548844 Swap: 0 0 0 [root@recorder ~]# swapon -a [root@recorder ~]# free total used free shared buffers cached Mem: 3797992 446096 3351896 0 26648 167068 -/+ buffers/cache: 252380 3545612 Swap: 2097148 0 2097148 [root@recorder ~]# cat /etc/crypttab swap /dev/sda2 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 [root@recorder ~]# rpm -qa|grep systemd systemd-sysv-26-3.fc15.x86_64 systemd-units-26-3.fc15.x86_64 systemd-26-3.fc15.x86_64
Other box: # free total used free shared buffers cached Mem: 4053528 761308 3292220 0 58428 358148 -/+ buffers/cache: 344732 3708796 Swap: 2072376 0 2072376 # cat /etc/crypttab crypto UUID=4a65c764-b0b1-4b1f-94fb-c76d1bc3e287 none swapa /dev/sda4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 swapb /dev/sdb4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 swapc /dev/sdc4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 swapd /dev/sdd4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 # swapon -a # free total used free shared buffers cached Mem: 4053528 817028 3236500 0 85924 358052 -/+ buffers/cache: 373052 3680476 Swap: 4144752 0 4144752
(In reply to comment #18) That implies mkswap was run automatically, but swapon was not, i.e. it is likely bug 711394.
Package systemd-26-3.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing systemd-26-3.fc15' as soon as you are able to, then reboot. Please go to the following url: https://admin.fedoraproject.org/updates/systemd-26-3.fc15 then log in and leave karma (feedback).
systemd-26-3.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
encrypted swap does not work in systemd-30 [ 7.441347] Adding 4194296k swap on /dev/loop6. Priority:10 extents:1 across:4194296k [ 7.848455] Adding 4200956k swap on /dev/loop4. Priority:10 extents:1 across:4200956k # swapon -s Filename Type Size Used Priority /dev/sda1 partition 4200960 280100 0 /dev/sdb5 partition 4194300 280096 0 # losetup /dev/loop4 loop: can't get info on device /dev/loop4: No such device or address # grep swap /etc/fstab LABEL=wd1swap swap swap pri=10,encryption=AES128,loop=/dev/loop6 LABEL=wd2swap swap swap pri=10,encryption=AES128,loop=/dev/loop4 # cat /etc/crypttab cat: /etc/crypttab: No such file or directory
Sami, your setup is significantly different from the situation solved in this bug. Please file it as a separate bugzilla ticket. Thanks.
Michal: # free total used free shared buffers cached Mem: 4053584 3869076 184508 0 32740 1666724 -/+ buffers/cache: 2169612 1883972 Swap: 2072376 38192 2034184 # swapon -a # free total used free shared buffers cached Mem: 4053584 3870420 183164 0 32780 1667572 -/+ buffers/cache: 2170068 1883516 Swap: 4144752 38192 4106560 So yes it works partly, some of the time. (I have 4 swaps) # udevadm info -q all -n /dev/mapper/swap*|grep SYST E: SUBSYSTEM=block E: SYSTEMD_READY=0 # rpm -q udisks udisks-1.0.4-3.fc16.x86_64 So what is the workaround here? When will we see a solution to this very elementary issue? (for the user it is we just need swap, please make it behave like it did before systemd was 'introduced') BTW: my swap is NOT swap on encrypted LVM volumes. My swap is on a regular partition. (even more basic than just that!)