Bug 755164 - systemd will not enable LUKS-encrypted swap devices at boot
Summary: systemd will not enable LUKS-encrypted swap devices at boot
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: systemd
Version: 16
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: systemd-maint
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-11-19 09:03 UTC by Deron Meranda
Modified: 2012-09-14 15:33 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-09-14 15:33:34 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Output of dmesg after boot with systemd in debug log mode (45.96 KB, application/x-gzip)
2011-11-21 21:52 UTC, Deron Meranda 		no flags Details
systemctl dump (40.85 KB, application/x-gzip)
2011-11-21 21:53 UTC, Deron Meranda 		no flags Details
View All

Description Deron Meranda 2011-11-19 09:03:31 UTC 
Description of problem: At boot, the systemd "swap.target" unit will not enable swapping on any swap devices mentioned in /etc/fstab if those devices happen to be encrypted with LUKS. After the system has finished booting you can manually restart the swap.target unit, and then those encrypted devices will be enabled for swapping.


Version-Release number of selected component (if applicable):
systemd-37-3.fc16.x86_64
systemd-sysv-37-3.fc16.x86_64
systemd-units-37-3.fc16.x86_64


How reproducible: Always.  Worked in Fedora 15.


Steps to Reproduce:
1. Create a new device, say a logical volume, to hold a swap area. Set it up so it will be LUKS-encrypted with a random key, and add with an entry in /etc/crypttab similar to

luks-XXXX UUID=XXXX /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,hash=sha256,swap

2. Add the device to /etc/fstab as a "swap" type and "defaults" option

3. Reboot, then check the /proc/swaps  

Actual results:
All non-encrypted swap devices will be enabled and show up in /proc/swaps; however any encrypted swap devices do not.

Expected results:
All swap devices listed in /etc/fstab should show up in /proc/swaps

Additional info:
I have checked that the systemd manager property SwapAuto=yes

My /etc/crypttab entry is:
luks-b1640161-ce10-40e3-a684-bc4b4c23b7d2 UUID=b1640161-ce10-40e3-a684-bc4b4c23b7d2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,hash=sha256,swap
Comment 1 Michal Schmidt 2011-11-21 12:14:50 UTC 
Problems with encrypted swaps may be related to bug 711150.
Are you seeing an ordering cycle logged in dmesg and/or /var/log/messages?

If it's not that, please boot with "log_buf_len=1M systemd.log_level=debug systemd.log_target=kmsg" and attach the output of dmesg.
Comment 2 Deron Meranda 2011-11-21 21:52:20 UTC 
Created attachment 534864 [details]
Output of dmesg after boot with systemd in debug log mode

Booted with systemd.log_level=debug, system versions:
kernel-3.1.1-2.fc16.x86_64
systemd-37-3.fc16.x86_64
systemd-sysv-37-3.fc16.x86_64
systemd-units-37-3.fc16.x86_64
Comment 3 Deron Meranda 2011-11-21 21:53:42 UTC 
Created attachment 534866 [details]
systemctl dump

The output of "systemctl dump" after boot
Comment 4 Deron Meranda 2011-11-21 21:58:07 UTC 
I attached more debugging information.  On this system I have two swap devices set up, one is LUKS encrypted, the other is not.

/dev/vg_beryl/lvswap    - LUKS encrypted swap (/dev/dm-5)
/dev/vg_beryl/lv_swap2  - a plain swap device (/dev/dm-14)

After boot, /proc/swaps contains:

Filename				Type		Size	Used	Priority
/dev/dm-14                              partition	1048572	0	0


If I then run "systemctl start swap.target", then /proc/swaps contains:

Filename				Type		Size	Used	Priority
/dev/dm-14                              partition	1048572	0	0
/dev/dm-18                              partition	33554428	0	0
Comment 5 Jóhann B. Guðmundsson 2012-01-29 20:02:20 UTC 
Is this still an issue with the latest systemd release ( 37-11 ) or can this bug be closed?
Comment 6 Gregorio Gervasio 2012-02-06 07:01:40 UTC 
Release 37-11 fixes the issue for me.
Comment 7 Lennart Poettering 2012-09-14 15:33:34 UTC 
OK, closing.
Note You need to log in before you can comment on or make changes to this bug.