[pkg-cryptsetup-devel] Bug#586704: Bug#586704: cryptsetup: unbootable root on luks encrypted LVM volume - stops after accepting pass phrase

[Bjørn Mork]

Jonas Meurer <jonas at freesources.org> writes:

> could you try to regenerate the initramfs after downgrading to
> 2:1.1.0-2.1, and test whether that works as well? that way you verify
> that the bug is in cryptsetup package itself, and was not introduced by
> some other package upgrade.
>
> you should backup the working initramfs first (copy it to
> /boot/initramfs.works), then downgrade the cryptsetup package to
> 2:1.1.0-2.1 (you can get it from snapshot.debian.org).

I have verified this.  The regenerated initramfs, after just downgrading
cryptsetup to 2:1.1.0-2.1, does work.

I've unpacked the two initramfs'es in good/ and bad/, and these are the
only files which differ between the working and non-working:

 bjorn at nemi:/tmp$ diff -qarN good bad
 Files good/lib/cryptsetup/askpass and bad/lib/cryptsetup/askpass differ
 Files good/sbin/cryptsetup and bad/sbin/cryptsetup differ
 Files good/scripts/local-top/cryptroot and bad/scripts/local-top/cryptroot differ



Which means that the difference must be in one of these three files.
Most of this seems innocent, as there is no /bin/plymouth, but I'm
wondering a bit about the last hunch here, what does it do?:


bjorn at nemi:/tmp$ diff -u good/scripts/local-top/cryptroot bad/scripts/local-top/cryptroot
--- good/scripts/local-top/cryptroot    2010-06-21 21:19:28.352464686 +0200
+++ bad/scripts/local-top/cryptroot     2010-06-21 21:19:16.663971550 +0200
@@ -30,7 +30,9 @@
 #
 message()
 {
-       if [ -p /dev/.initramfs/usplash_outfifo ] && [ -x /sbin/usplash_write ]; then
+       if [ -x /bin/plymouth ] && plymouth --ping; then
+               plymouth message --text="$@"
+       elif [ -p /dev/.initramfs/usplash_outfifo ] && [ -x /sbin/usplash_write ]; then
                usplash_write "TEXT-URGENT $@"
        else
                echo "$@" >&2
@@ -175,7 +177,7 @@
 
        # Sanity checks
        if [ ! -x /sbin/evms_activate ]; then
-               message "cryptsetup: evmc_activate is not available"
+               message "cryptsetup: evms_activate is not available"
                return 1
        elif [ "$dev" = "$1" ]; then
                message "cryptsetup: evms device name ($vg) does not begin with /dev/evms/"
@@ -290,8 +292,13 @@
                fi
 
                if [ -z "$cryptkeyscript" ]; then
-                       cryptkeyscript="/lib/cryptsetup/askpass"
                        cryptkey="Unlocking the disk $cryptsource ($crypttarget)\nEnter passphrase: "
+                       if [ -x /bin/plymouth ] && plymouth --ping; then
+                               cryptkeyscript="plymouth ask-for-password --prompt"
+                               cryptkey=$(echo -e "$cryptkey")
+                       else
+                               cryptkeyscript="/lib/cryptsetup/askpass"
+                       fi
                fi
 
 
@@ -335,7 +342,7 @@
                        continue
                fi
 
-               message "cryptsetup: $crypttarget setup successfully"
+               message "cryptsetup: $crypttarget set up successfully"
                break
        done
 
@@ -365,7 +372,7 @@
 # Do we have any settings from the /conf/conf.d/cryptroot file?
 if [ -r /conf/conf.d/cryptroot ]; then
        while read mapping <&3; do
-               setup_mapping "$mapping"
+               setup_mapping "$mapping" 3<&-
        done 3< /conf/conf.d/cryptroot
 fi
 




Bjørn