Bug#618862: systemd: ignores keyscript in crypttab

Evgeni Golov evgeni at debian.org
Sat Jul 19 08:18:07 BST 2014 

Version: 208-6

On Sat, Mar 19, 2011 at 03:40:25AM +0100, Mourad De Clerck wrote:
> my root and swap partition are encrypted with cryptsetup; root uses a custom
> keyscript and swap uses the cryptsetup-provided "decrypt_derived" keyscript.
> systemd seems to be unable to work with keyscripts at all, and requires
> password input for every volume that wasn't activated already. Luckily, my
> root FS is activated by the initramfs.

I have a slightly simplier setup: small /boot, big crypted partition, 
with LVM on it. root and swap are LVs. The only "interesting" part is 
the `passdev` keyscript from pkg:cryptsetup, which mounts a device and 
reads a file on that device as the actual key.

With the upgrade from 204-14 to 208-6, my system shows an interesting 
behaviour. The crypt is properly opened in initrd, but then systemd 
decides to reopen it, totally failing to use the keyscript and its 
"weird" keyfile naming, resulting in a timeout:

Jul 18 20:42:29 nana systemd[1]: Expecting device dev-disk-by\x2dlabel-usbext3:-keyfile\x2dnana.luks:10.device...
Jul 18 20:43:59 nana systemd[1]: Job dev-disk-by\x2dlabel-usbext3:-keyfile\x2dnana.luks:10.device/start timed out.
Jul 18 20:43:59 nana systemd[1]: Timed out waiting for device dev-disk-by\x2dlabel-usbext3:-keyfile\x2dnana.luks:10.device.
Jul 18 20:43:59 nana systemd[1]: Dependency failed for Cryptography Setup for nana-crypt.
Jul 18 20:43:59 nana systemd[1]: Dependency failed for Encrypted Volumes.

My crypttab:
# <target name> <source device>         <key file>      <options>
nana-crypt      UUID=ffff....           /dev/disk/by-label/usbext3:/keyfile-nana.luks:10         luks,discard,keyscript=/lib/cryptsetup/scripts/passdev,tries=1

My fstab:
LABEL=nana-boot				/boot	ext4	noatime,discard				0	0
/dev/mapper/nana--vg01-nana--root	/	ext4	noatime,discard,errors=remount-ro	0	1
/dev/mapper/nana--vg01-nana--home	/home	ext4	noatime,discard,errors=remount-ro	0	1
/dev/mapper/nana--vg01-nana--swap	none	swap	defaults				0	0

Greets
Evgeni

More information about the Pkg-systemd-maintainers mailing list