Bug#397887: [Pkg-cryptsetup-devel] Bug#397887: resume support renders system unbootable

David Härdeman david at hardeman.nu
Sun Nov 12 17:15:08 CET 2006

On Sat, Nov 11, 2006 at 05:09:44PM +0100, martin f krafft wrote:
>also sprach David Härdeman <david at hardeman.nu> [2006.11.11.1239 +0100]:
>> Ok, I've committed fixes for both your bugs to the SVN repo. Could you 
>> please test the package? Either by downloading it from:
>> http://www.hardeman.nu/~david/cryptsetup_1.0.4-7_i386.deb
>I installed it, made the changes you suggested, and was left with an
>unbootable system, but I think it was my fault. So I tried again,
>with this crypttab:
>  cr_hda5 /dev/hda5 none luks
>  cr_hda2 /dev/hda2 cr_hda5 keyscript=/tmp/decrypt_derived,hash=sha256,size=256,cipher=aes-cbc-essiv:sha256
>  [...]
>But when creating the initramfs, all I got was:
>  update-initramfs: Generating /boot/initrd.img-2.6.18-2-686
>  cryptsetup: WARNING: target cr_hda2 uses a key file, skipped
>and /conf/conf.d/cryptroot does not list cr_hda2.

That means that the keyscript option wasn't accepted for some reason. 

I'm not able to reproduce this (by using a valid keyscript which is 
present and executable)

Are you sure the script was present and that it was executable? If it 
is, could you edit /usr/share/initramfs-tools/hooks/cryptsetup and add 
some debugging statements around the "keyscript" part of the 
get_device_opts function and also towards the end of the same function 
where the "uses a key file" text is printed and then run 
"update-initramfs -u"?

David Härdeman

More information about the Pkg-cryptsetup-devel mailing list