[Pkg-cryptsetup-devel] Bug#389835: better out of the box luks root migration support

maximilian attems maks at sternwelten.at
Thu Sep 28 01:25:23 UTC 2006 

Package: cryptsetup
Version: 2:1.0.4~rc2-1
Severity: normal

hello David,

pushed my an Manoj trial and error i wanted to retry an encrypted root
on current swap partition. did the following steps
 cryptsetup  luksFormat /dev/sda2
 cryptsetup luksOpen /dev/sda2 sda2
 mkfs.ext3 /dev/mapper/sda2
 mount /dev/mapper/sda2 /mnt/sda2
 mount /dev/sda1  /mnt/sda1 # root
 cd /mnt/sda2; cp -a /mn/sda1/* .

now having my newly encrypted root i thought to be easily boot of it,
the encountered troubles where:
1) initramfs had no cryptsetup bin
2) initramfs had no dm_crypt, sha256 and aes modules
3) README.initramfs did not document bootarg

to resolve 1) and 2) please do put those binaries unconditionaly,
on the initramfs unless the cryptoroot hook is invoked with an dep arg
for MODULES=dep usage. any other initramfs-tools hook support lands
there so this was really counter-inituitive.
also luks doesn't need an /etc/cryptoroot entry afaik?

the following bootarg worked fine, please add it to the doc
root=/dev/sda2 ro cryptopts=target=sda2

thanks + best regards
maks

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.08-1 The Linux Kernel Device Mapper use
ii  libc6                        2.3.6.ds1-4 GNU C Library: Shared libraries
ii  libdevmapper1.02             2:1.02.08-1 The Linux Kernel Device Mapper use
ii  libgcrypt11                  1.2.3-2     LGPL Crypto library - runtime libr
ii  libgpg-error0                1.4-1       library for common error values an
ii  libpopt0                     1.10-3      lib for parsing cmdline parameters
ii  libuuid1                     1.39-1      universally unique id library

cryptsetup recommends no packages.

-- no debconf information

More information about the Pkg-cryptsetup-devel mailing list