[pkg-cryptsetup-devel] Bug#983708: passdev and systemd use conflicting syntax for keyfile

schaarsc at gmx.de schaarsc at gmx.de
Sun Feb 28 18:11:56 GMT 2021

Package: cryptsetup-initramfs
Version: 2:2.3.4-2~bpo10+2

systemd  247.2-5~bpo10+1

I recently switched to buster-backports and noticed an issue that (I think) could potentially break
systems migrating to bullseye.
On a system having encrypted root, keyfile on usb-stick and multiple btrfs subvolumes, the system
fails to mount all subvolumes.

If there is no solution, then maybe a hint in the README could be added.

== Root cause ==

/etc/crypttab is used by passdev and systemd, but using different syntax
passdev expects[1] <device>:<file>
systemd expects[2] <file>:<device>

== Setup ==

(this is in one line, split to avoid random line breaks)

/dev/sda1                /boot       ext2
/dev/mapper/root-luks    /           btrfs subvol=@
/dev/mapper/root-luks    /.snapshots btrfs subvol=@snapshots
/dev/mapper/root-luks    /home       btrfs subvol=@home

== Observed issues ==

1. grub starts initramfs
2. cryptsetup-initramfs opens root-luks
3. systemd-cryptsetup-generator starts
4. Error: failed to mount run-systemd-cryptsetup-keydev\\x2droot\\x2dluks.mount
5. .snapshots and home is not mounted because of missing "dependency" for root-luks

== Workaround ==

create a systemd-mount file for the usb-stick

== References ==
1. /usr/share/doc/cryptsetup-initramfs/README.initramfs.gz
2. https://www.freedesktop.org/software/systemd/man/crypttab.html

More information about the pkg-cryptsetup-devel mailing list