| Summary: | Incorrect entry in /etc/crypttab causes systemd-cryptsetup@crypt_sda1.service to fail. | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | PC LX <mageia> |
| Component: | Installer | Assignee: | Thierry Vignaud <thierry.vignaud> |
| Status: | RESOLVED INVALID | QA Contact: | |
| Severity: | major | ||
| Priority: | Normal | CC: | marja11, pterjan |
| Version: | Cauldron | Keywords: | 6dev1, NEEDINFO |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | CVE: | ||
| Status comment: | |||
| Attachments: | report.bug.xz | ||
|
PC LX
2016-05-26 18:09:00 CEST
Keywords:
(none) =>
6dev1 Please attach /root/drakx/report.bug.xz from the install Keywords:
(none) =>
NEEDINFO Created attachment 7863 [details]
report.bug.xz
Looking at report.bug, "crypt_sda1" is indeed the name used during installation. Hi PC LX, I cannot find that you created an unencrypted /boot partition. However, I do see this error: * error: Selecionou um Volume Lógico LVM como raiz (/). O carregador de arranque não o consegue gerir quando o volume atrasa os volumes fÃsicos. Deve primeiro criar uma partição de arranque /boot I do not speak Portuguese well enough to be able to see whether "O carregador de arranque não o consegue gerir quando o volume atrasa os volumes fÃsicos." is a correct translation. I understand this better, from http://doc.mageia.org/installer/5/pt/content/diskdrake.html : "Atenção Se você deseja usar a criptografia em sua partição / (raiz) você deve garantir que você tenha uma partição /boot separada. A opção de criptografia para a partição /boot NÃO deve ser feita, caso contrário, seu sistema não inicializará." Closing this bug as invalid. Feel free to reopen if you keep having the same problem with "crypt_sda1" vs "luks-5870bbd8-8eae-4b81-9aff-c6fe94dec39e" after putting /boot on a unencrypted partition during install. Status:
NEW =>
RESOLVED The setup I'm using to test Mageia 6 is the same I've been using for Mageia 5, in production. sda -> sda1 -> LUKS -> LVM -> (/ on btrfs, swap) With the exception of grub2 stage 1, all is encrypted. There is not separate /boot partition. And it works. With the exception of the easy to work around issue mentioned in this bug report, Mageia 6 also works. Requiring a separate unencrypted boot partition would be a step backwards. I don't how much work would be involved in fixing this issue but I suspect that changing the naming scheme or even just the code that writes /etc/crypttab would be enough to squash this bug. (In reply to PC LX from comment #5) > The setup I'm using to test Mageia 6 is the same I've been using for Mageia > 5, in production. > > sda -> sda1 -> LUKS -> LVM -> (/ on btrfs, swap) > > With the exception of grub2 stage 1, all is encrypted. There is not separate > /boot partition. And it works. > > With the exception of the easy to work around issue mentioned in this bug > report, Mageia 6 also works. > > Requiring a separate unencrypted boot partition would be a step backwards. > > I don't how much work would be involved in fixing this issue but I suspect > that changing the naming scheme or even just the code that writes > /etc/crypttab would be enough to squash this bug. @ Thierry, Pascal WDYT? CC:
(none) =>
pterjan This issue is still present in the most recent rc iso. Changing the entry in cryptab from: crypt_sda1 UUID=c71129c3-9947-4381-b41f-51e1d2d155d7 to: luks-c71129c3-9947-4381-b41f-51e1d2d155d7 UUID=c71129c3-9947-4381-b41f-51e1d2d155d7 solves this issue. File: Mageia-6-rc-x86_64-DVD.iso Date: Mon May 8 00:48:36 CEST 2017 sha1: fd11e0581a749cb517b203d0cd6f15a919e87e54 -- Logs begin at Ter 2017-05-09 22:24:59 WEST, end at Ter 2017-05-09 23:03:51 WEST. -- Mai 09 22:42:40 localhost.localdomain systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 09 22:42:40 localhost.localdomain systemd-cryptsetup[771]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/c71129c3-9947-4381-b41f-51e1d2d155d7. Mai 09 22:42:43 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 09 22:42:43 localhost.localdomain systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 09 22:42:43 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 09 22:42:43 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 09 22:42:52 localhost.localdomain systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 09 22:42:52 localhost.localdomain systemd-cryptsetup[1020]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/c71129c3-9947-4381-b41f-51e1d2d155d7. Mai 09 22:42:55 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 09 22:42:55 localhost.localdomain systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 09 22:42:55 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 09 22:42:55 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 09 22:43:10 localhost.localdomain systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 09 22:43:10 localhost.localdomain systemd-cryptsetup[1888]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/c71129c3-9947-4381-b41f-51e1d2d155d7. Mai 09 22:43:14 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 09 22:43:14 localhost.localdomain systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 09 22:43:14 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 09 22:43:14 localhost.localdomain systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 09 22:45:48 localhost.localdomain systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 09 22:55:03 localhost.localdomain systemd[1]: Stopped Cryptography Setup for crypt_sda1. |
Context: Mageia 6 (cauldron, 6dev1) was installed from a boot-nonfree.iso image on to a VirtualBox VM. The storage has the following arrangement. # lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 10G 0 disk ââsda1 8:1 0 10G 0 part ââluks-5870bbd8-8eae-4b81-9aff-c6fe94dec39e 252:0 0 10G 0 crypt ââMageia6-swap 252:1 0 512M 0 lvm [SWAP] ââMageia6-btrfs 252:2 0 9,5G 0 lvm / sr0 11:0 1 57M 0 rom # cat /etc/crypttab crypt_sda1 UUID=5870bbd8-8eae-4b81-9aff-c6fe94dec39e Description of problem: The service systemd-cryptsetup@crypt_sda1.service fails. # journalctl -b -u systemd-cryptsetup@crypt_sda1.service -- Logs begin at Sex 2016-05-20 13:49:44 WEST, end at Qui 2016-05-26 16:32:56 WEST. -- Mai 26 16:20:32 localhost systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 26 16:20:32 localhost systemd-cryptsetup[791]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/5870bbd8-8eae-4b81-9aff-c6fe94dec39e. Mai 26 16:20:35 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 26 16:20:35 localhost systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 26 16:20:35 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 26 16:20:35 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 26 16:20:48 localhost systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 26 16:20:48 localhost systemd-cryptsetup[1440]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/5870bbd8-8eae-4b81-9aff-c6fe94dec39e. Mai 26 16:20:52 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 26 16:20:52 localhost systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 26 16:20:52 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 26 16:20:52 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 26 16:21:00 localhost systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 26 16:21:00 localhost systemd-cryptsetup[2090]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/5870bbd8-8eae-4b81-9aff-c6fe94dec39e. Mai 26 16:21:04 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 26 16:21:04 localhost systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 26 16:21:04 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 26 16:21:04 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. Mai 26 16:21:12 localhost systemd[1]: Starting Cryptography Setup for crypt_sda1... Mai 26 16:21:12 localhost systemd-cryptsetup[2419]: Set cipher aes, mode xts-benbi, key size 512 bits for device /dev/disk/by-uuid/5870bbd8-8eae-4b81-9aff-c6fe94dec39e. Mai 26 16:21:16 localhost systemd-cryptsetup[2419]: Failed to activate: Device or resource busy Mai 26 16:21:16 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Main process exited, code=exited, status=1/FAILURE Mai 26 16:21:16 localhost systemd[1]: Failed to start Cryptography Setup for crypt_sda1. Mai 26 16:21:16 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Unit entered failed state. Mai 26 16:21:16 localhost systemd[1]: systemd-cryptsetup@crypt_sda1.service: Failed with result 'exit-code'. How reproducible: Have installed only once but after boot the issue always occurs. Steps to Reproduce: 1. Install from boot-nonfree.iso on to a VirtualBox VM. 2. Boot the VM. 3. Run "systemctl | grep systemd-cryptsetup" and see that the service failed. Probable Cause and Fix: This issue occurs because the name in /etc/crypttab, "crypt_sda1", and the name setup during early boot, "luks-5870bbd8-8eae-4b81-9aff-c6fe94dec39e", do not match. The name "crypt_sda1" is (probably, will check next time I install) the one used during installation and that name is put in /etc/crypttab during the installation. After installation, the fix is simple, replace "crypt_sda1" with "luks-5870bbd8-8eae-4b81-9aff-c6fe94dec39e" in /etc/crypttab. But the cause of the issue is the use of different naming conventions for LUKS partitions. I suggest using the same convention during installation as used after installation (e.g. luks_{UUID}).