[pkg-cryptsetup-devel] Bug#1052290: cryptsetup-initramfs: askpass is not executed; cryptroot-unlock fails
Guilhem Moulin
guilhem at debian.org
Wed Sep 20 08:35:35 BST 2023
Control: tag -1 moreinfo
On Tue, 19 Sep 2023 at 22:39:40 +0100, Tj wrote:
> On reaching initialramfs it fails to unlock either of the LUKS devices;
> eventually dropping to the shell after reporting:
>
> Error: Timeout reached while waiting for askpass.
>
> After using `break=mount` and investigating with `sh -x
> /bin/cryptsetup-unlock` it seems it fails because it is not finding
> `askpass` in the process list.
cryptsetup-unlock waits until the initramfs boot script is blocking on
passphrase prompt. This is only useful for injecting passphrases from
outside the initramfs console (for instance from a remote shell).
When you set ‘break=mount’ our boot script isn't running in the
background, so cryptsetup-unlock timeouts. This is expected. Why are
you running cryptsetup-unlock in the first place instead of relying on
the builtin initramfs logic? Also, FWIW ‘break=mount’ breaks *after*
unlocking whatever block devices need to be unlocked, so cryptsetup-initramfs
has nothing more to do at this point.
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20230920/8fb2aeec/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list