RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 739878 - RFE: Boot procedure should allow one to skip mounting an encrypted filesystem
Summary: RFE: Boot procedure should allow one to skip mounting an encrypted filesystem
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: initscripts
Version: 6.4
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: rc
: ---
Assignee: David Kaspar // Dee'Kej
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-20 10:26 UTC by David Tonhofer
Modified: 2017-12-06 10:31 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-06 10:31:20 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
potential patch (597 bytes, patch)
2011-09-21 19:12 UTC, Bill Nottingham 		no flags Details | Diff
View All

Description David Tonhofer 2011-09-20 10:26:45 UTC 
Description of problem:

Situation: An encrypted filesystem exists on a machine that is being booted.

           There is no immediate need to obtain the filesystem password
           and/or the filesystem is unavailable at this point in time.

           (Scenario: Maintenance on usually powered-down system to be
            performed by a person that has no "need to decrypt")

Problem:   The boot procedure asks you for the password and does not
           relent (using CTRL-C for example)

           Your options:

           reboot single, then mess around with /etc/fstab and
           possible /etc/crypttab

           or

           During earlier installation, have remembered to add "noauto" to
           /etc/fstab so that the encrypted filesystem is not  mounted by
           default.

Solution:  Allow to skip mounting an encrypted filesystem by accepting
           CTRL-C or similar at the prompt.

(On second thoughts, the "noauto" option would be a good solution if one knew about it)
 
Version-Release number of selected component (if applicable):

initscripts-9.03.23-1.el6.x86_64
Comment 2 Bill Nottingham 2011-09-20 15:52:46 UTC 
In future major releases we may have a timeout here. However, the current infrastructure does not support that, and it can't easily be added.

'noauto' is documented in both the fstab and crypttab man page.

The initscripts check should exit after 3 attempts. plymouth code may not, assigning there.
Comment 3 Ray Strode [halfline] 2011-09-20 16:49:05 UTC 
plymouth has a --number-of-tries option to the ask-for-password command.  I believe initscripts already does --number-of-tries 3

ctrl-c should cancel any pending password requests immediately
Comment 4 Bill Nottingham 2011-09-20 17:10:12 UTC 
initscripts in RHEL 6, at least, does not pass any --number-of-tries.
Comment 5 Ray Strode [halfline] 2011-09-21 15:27:56 UTC 
okay, moving back to initscripts.
Comment 7 Bill Nottingham 2011-09-21 19:12:08 UTC 
Created attachment 524265 [details]
potential patch
Comment 8 David Tonhofer 2011-09-27 08:53:00 UTC 
Hi,

I tried the patch on RH6.1. 

I works insofar as the system gives up on the password query after 3 tries, BUT:

After that, automounting causes problems. The filesystem-supposedly-decrypted is mounted normally through /etc/fstab, which of course fails:

"The superblock could not be read or does not describe a correct ext2 filesystem"

You are then dropped to the maintenance shell.

This happens even if "noauto" has been given in /etc/fstab!
Comment 9 RHEL Program Management 2012-05-03 05:32:29 UTC 
Since RHEL 6.3 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.
Comment 10 RHEL Program Management 2012-07-10 08:36:04 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 11 RHEL Program Management 2012-07-10 23:25:40 UTC 
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development.  This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Comment 15 Jan Kurik 2017-12-06 10:31:20 UTC 
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.

The official life cycle policy can be reviewed here:

http://redhat.com/rhel/lifecycle

This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:

https://access.redhat.com/
Note You need to log in before you can comment on or make changes to this bug.