[pkg-cryptsetup-devel] Bug#1023716: cryptsetup: cryptroot-unlock in initramfs fails with lvm
Guilhem Moulin
guilhem at debian.org
Wed Nov 9 14:14:08 GMT 2022
Control: tag -1 moreinfo unreproducible
Hi,
On Tue, 08 Nov 2022 at 22:36:39 +0100, Hauke Mehrtens wrote:
> Unlocking and mounting of the root partitions does not work any more
> from the initramfs. When I call cryptroot-unlock and provide the disk
> password I see some error messages about mdadm, but the bootup process
> does not continue. If needed I can provide the detailed messages, they
> are not in a log file, but only printed on screen. Normally I unlock the
> system over the network from the initramfs, then I do not get any error
> message, but the system continues to stay in initramfs.
An LVM-specific regression in the `cryptroot-unlock` logic wouldn't have
broken the dropbear-initramfs autopkgtests since we don't use LVM there
anymore, but I tested it again after reverting the commit and the test
still pass.
https://salsa.debian.org/debian/dropbear/-/jobs/3489869
> It looks like this when unlocking the system unsuccessfully from the
> initramfs over ssh:
> ----------
> $ ssh root at 192.168.10.15
> To unlock root partition, and maybe others like swap, run
> `cryptroot-unlock`.
>
> BusyBox v1.35.0 (Debian 1:1.35.0-2) built-in shell (ash)
> Enter 'help' for a list of built-in commands.
>
> ~ # vi /scripts/local-top/cryptroot
> ~ # cryptroot-unlock
> Please unlock disk sda3_crypt:
> cryptsetup: sda3_crypt set up successfully
> ~ #
> ------------------
I see nothing wrong in the above, `cryptroot-unlock` has only one job
which is to unlock the disk, and that appears to have worked. Did the
system terminate the remote session before 2:2.5.0-2 and continued with
the boot process? If so, perhaps the boot process is now blocking on
that shell session; does it help to type `exit` after `cryptroot-unlock`?
Otherwise, please compare your system messages withe the aforementioned
autopkgtest output, and/or provide debug output; See /usr/share/doc/cryptsetup/README.debug
or https://cryptsetup-team.pages.debian.net/cryptsetup/README.debug.html
for how to save it into a file.
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20221109/671bc0d8/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list