Bug#751585: systemd: opens emergency shell after prompting for unnecessary dm-crypt passwords

Michael Gold michael at bitplane.org
Sat Jun 14 15:59:40 BST 2014


On Sat, Jun 14, 2014 at 16:27:36 +0200, Michael Biebl wrote:
> Am 14.06.2014 16:04, schrieb Michael Gold:
> > Package: systemd
> > Version: 204-10
> > Severity: critical
> > 
> > After installing systemd today and rebooting, I saw a few lines (not
> > errors) about systemd-fsck on xfs filesystems, and then I was prompted
> > for dm-crypt passwords for 4 disks that are not necessary to boot the
> > system.  I pressed enter to bypass each prompt, and then saw I message
> > that I'd be dropped to an emergency shell.  It took about a minute to
> > open this shell each time (the shell died a few times while I was
> > working).
> > 
> > The disks it had prompted about were marked 'noauto' in /etc/crypttab,
> > and all had keyfiles available on the root filesystem (which is
> > encrypted but had been successfully mounted at the time); so no prompts
> > should have been shown.
> 
> Can you attach your /etc/fstab and /etc/crypttab please.

Attached (with serial numbers scrubbed).

> > I've marked this as critical because I was unable to use the system
> > until switching back to sysvinit.  Unfortunately, no logs of the event
> > seem to be available now, so it's not clear why systemd considered there
> > to be an emergency.
> 
> Does this happen on every boot i.e. can you reproduce the error reliably?

I didn't retry, and since I had some difficulty recovering (see bug
#751589) I'd rather not do it on this system.  I was thinking of trying
in a VM but that might take a while.

-- Michael
-------------- next part --------------
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system>                <mount point>   <type>  <options>  <dump> <pass>
proc                                   /proc   proc    defaults,hidepid=2,gid=4        0 0
/dev/mapper/vg_terra_base-lv_root      /       ext4    noatime,errors=remount-ro       0 1
/dev/mapper/vg_terra_base-lv_basehome  /home   ext4    noatime,nodev,nosuid            0 2
/dev/mapper/vg_terra_base-lv_var       /var    ext4    noatime,nodev,nosuid            0 2
/dev/mapper/md1_crypt                  none    swap    sw                              0 0
none                                   /tmp-michael tmpfs uid=1000,gid=1000,mode=0751,nodev,nosuid,size=10% 0 0

/dev/mapper/md3_crypt                  /xr0    xfs     inode64,logbsize=262144,noatime,nodev,nosuid  0 2
/dev/mapper/xi1_crypt                  /bulk/xi1    xfs     inode64,logbsize=262144,noatime,nodev,nosuid  0 2
/dev/mapper/xi2_crypt                  /bulk/xi2    xfs     inode64,logbsize=262144,noatime,nodev,nosuid  0 2
/dev/mapper/chimera-a                  /bulk/chimera xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/mapper/octomamm-a                 /bulk/octomamm xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/mapper/panther-a                  /bulk/panther-a xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/mapper/panther-b                  /bulk/panther-b xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/mapper/raven-a                    /bulk/raven xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/mapper/rubicant-a                 /bulk/rubicant xfs inode64,logbsize=262144,noatime,nodev,nosuid 0 0
/dev/disk/by-id/scsi-SSeagate_Expansion_Desk_XXX-part1 /media/panther-efi vfat noauto,fmask=137,dmask=027 0 0
/dev/disk/by-id/ata-STXXX-XXX_XXX-part1 /media/chimera-efi vfat noauto,fmask=137,dmask=027 0 0

/dev/dvd                      /media/dvd  udf,iso9660  user,noauto                0 0

/dev/md0                                                           /boot             ext3  defaults                     0 2
/dev/disk/by-id/scsi-SATA_Hitachi_XXX_XXX-part1   /boot/efi-terra1  vfat  noauto,fmask=137,dmask=027   0 0
/dev/disk/by-id/scsi-SATA_ST2000DL003-XXX-part1   /boot/efi-terra2  vfat  noauto,fmask=137,dmask=027   0 0
/dev/disk/by-id/scsi-SATA_INTEL_SSDXXX-part1      /boot/efi-terra3  vfat  noauto,fmask=137,dmask=027   0 0
/dev/disk/by-id/usb-CBM_Flash_Disk_XXX-0:0-part1  /media/bootkey    ext2  noatime,nosuid,nodev         0 0
/dev/disk/by-id/usb-SanDisk_XXX-0:0-part1         /media/bootkey-sc ext2 noatime,nosuid,nodev 0 0

/dev/mapper/usb-slug     /media/slug     ext4 noauto,user,noatime,nosuid,nodev 0 0
/dev/mapper/usb-mantcore /media/mantcore ext4 noauto,user,noatime,nosuid,nodev 0 0
/dev/mapper/usb-jestrex  /media/jestrex  ext4 noauto,user,noatime,nosuid,nodev 0 0
/dev/mapper/usb-tortoise /media/tortoise ext4 noauto,user,noatime,nosuid,nodev 0 0
/dev/mapper/usb-cannibal /media/cannibal ext4 noauto,user,noatime,nosuid,nodev 0 0
/dev/disk/by-id/usb-SanDisk_XXX-0:0-part1 /media/cruzer vfat rw,user,noauto,utf8,uid=1000,gid=1000,fmask=177,dmask=077 0 0

/dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part1          /media/slug-clear     vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
/dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part1          /media/mantcore-clear vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
/dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part1          /media/jestrex-clear  vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
/dev/disk/by-id/usb-ADATA_USB_Flash_Drive_XXX-0:0-part1    /media/tortoise-clear vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
/dev/disk/by-id/usb-Kingston_DataTraveler_G3_XXX-0:0-part1 /media/cannibal-clear vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
/dev/disk/by-id/usb-HGST_HDS_XXX-0:0-part1                 /media/rubicant-clear vfat noauto,fmask=137,dmask=027,uid=1000,gid=1000,user 0 0
-------------- next part --------------
# <target> <source> <keyfile> <options>
# with passdev, source is <device>:<path>[:<timeout in seconds>]

md1_crypt /dev/md1 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap
md2_crypt /dev/md2 /dev/disk/by-uuid/7adf7a3a-5c29-4754-96f6-4d9378d82b31:/keys/vg-terra-base:30 luks,keyscript=/lib/cryptsetup/scripts/passdev
md3_crypt /dev/md3 /etc/keys/terra-extraid luks
xi1_crypt /dev/disk/by-id/ata-Hitachi_XXX_XXX-part6 /etc/keys/terra-xi1 luks
xi2_crypt /dev/disk/by-id/ata-STXXX-XXX_XXX-part6 /etc/keys/terra-xi2 luks
usb-slug /dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part2 /etc/keys/usb-slug luks,noauto
usb-mantcore /dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part2 /etc/keys/usb-mantcore luks,noauto
usb-jestrex /dev/disk/by-id/usb-Lexar_JumpDrive_XXX-0:0-part2 /etc/keys/usb-jestrex luks,noauto
usb-tortoise /dev/disk/by-id/usb-ADATA_USB_Flash_Drive_XXX-0:0-part2 /etc/keys/usb-tortoise luks,noauto
usb-cannibal /dev/disk/by-id/usb-Kingston_XXX-0:0-part2 /etc/keys/usb-cannibal luks,noauto
chimera-a /dev/disk/by-id/ata-STXXX-XXX_XXX-part5 /etc/keys/chimera-a luks,noauto
octomamm-a /dev/disk/by-id/ata-STXXX-XXX_XXX-part5 /etc/keys/octomamm-a luks,noauto
panther-a /dev/disk/by-id/ata-STXXX-XXX_XXX-part5 /etc/keys/panther-a luks,noauto
panther-b /dev/disk/by-id/ata-STXXX-XXX_XXX-part6 /etc/keys/panther-b luks,noauto
raven-a /dev/disk/by-id/ata-STXXX-XXX_XXX-part5 /etc/keys/hd-raven luks,noauto
rubicant-a /dev/disk/by-id/usb-HGST_XXX_XXX-0:0-part5 /etc/keys/hd-rubicant luks,noauto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20140614/0d229338/attachment-0002.sig>


More information about the Pkg-systemd-maintainers mailing list