[pkg-cryptsetup-devel] Bug#776409: cryptsetup fails to unlock volumes with key files from initramfs

Sergio Gelato Sergio.Gelato at astro.su.se
Thu Apr 23 10:28:35 UTC 2015

I ran into this problem during a wheezy->jessie upgrade last night. Ben's
comment #61 about the root filesystem being mounted at /root was very helpful:
I just added the following keyscript for the /usr filesystem in /etc/crypttab.

exec /bin/cat ${rootmnt}${1}

With this, the system boots (and the warning

cryptsetup: WARNING: target $target uses a key file, skipped

from update-initramfs which had caught my eye during the upgrade
no longer appears during initrd generation).

Could this problem please be mentioned in the release notes? The obvious
places would be sections 4.6.2 (Changes to root and /usr filesystem mounting
and checking) and 5.6.6. The contents of the latter seem contrary to my own
experience: keyscript= works for me even though systemd-sysv is installed.
(Maybe the precise meaning of "relies on [keyscript] for successful booting"
needs to be clarified.)

Alternatively, could something like my fix be incorporated into
/usr/share/initramfs-tools/hooks/cryptroot ? Instead of issuing the
warning I mentioned earlier it could generate its own keyscript in
/lib/cryptsetup/scripts/ and add the option.

More information about the pkg-cryptsetup-devel mailing list