Bug#765594: systemd: Attempting to hibernate permanently breaks encrypted swap partition
Rebecca N. Palmer
rebecca_palmer at zoho.com
Thu Oct 16 14:36:31 BST 2014
Package: systemd
Version: 215-5+b1
Severity: normal
Dear Maintainer,
I have LUKS encrypted /, /home and swap; before attempting to hibernate,
the initramfs could successfully mount swap, but I normally skipped this
and let systemd mount it, as systemd's swap setup would report failure
if the partition was already mounted.
After hibernating the system (with either 'sudo pm-hibernate' or
'systemctl hibernate'), attempting to mount swap in the initramfs would
fail with "No key available with this passphrase", and the system would
hence proceed to normal boot rather than resume.
systemd would then "successfully" mount the partition - *with or without
the password* - and gnome-system-monitor would then say swap was
available, but gnome-disk-utility would say the swap partition was
locked. Attempting to unlock the partition would fail, first with
something to the effect of "device already exists/is already mounted",
then after a 'cryptsetup close /dev/mapper/sda4_crypt', with "No key
available with this passphrase".
This persisted even after rebooting; the only fix I know is to
completely re-create the partition:
cryptsetup close /dev/mapper/sda4_crypt
#delete and recreate the swap partition with (e.g.) gnome-disk-utility
sudoedit /etc/crypttab #remove the old partition's entry
sudo update-initramfs -u -k all
After switching to sysvinit-core and Cinnamon desktop, hibernation
worked normally.
I'm guessing at a destroyed LUKS header and systemd falling back to
plain, but have no proof of that.
System log of failing to load a hibernation image:
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 5.510685] sd 6:0:0:0: [sdb]
Attached SCSI removable disk
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 11.179272] random:
nonblocking pool is initialized
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 19.515846] NET: Registered
protocol family 38
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.352203] PM: Starting
manual resume from disk
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.352210] PM: Hibernation
image partition 254:1 present
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.352213] PM: Looking for
hibernation image.
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.352439] PM: Image not
found (code -22)
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.352458] PM: Hibernation
image not present or could not be loaded.
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 29.389853] EXT4-fs (dm-0):
mounted filesystem with ordered data mode. Opts: (null)
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 31.399819] fuse init (API
version 7.23)
Oct 16 10:42:18 rnpalmer-laptop kernel: [ 33.412088] EXT4-fs (dm-0):
re-mounted. Opts: errors=remount-ro
-- Package-specific info:
(Collected after switching to sysvinit-core)
-- System Information:
Debian Release: jessie/sid
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing
Architecture: amd64 (x86_64)
Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages systemd depends on:
ii acl 2.2.52-2
ii adduser 3.113+nmu3
ii initscripts 2.88dsf-53.4
ii libacl1 2.2.52-2
ii libaudit1 1:2.4-1
ii libblkid1 2.20.1-5.11
ii libc6 2.19-11
ii libcap2 1:2.24-6
ii libcap2-bin 1:2.24-6
ii libcryptsetup4 2:1.6.6-1
ii libgcrypt20 1.6.2-3
ii libkmod2 18-3
ii liblzma5 5.1.1alpha+20120614-2
ii libpam0g 1.1.8-3.1
ii libselinux1 2.3-2
ii libsystemd0 215-5+b1
ii sysv-rc 2.88dsf-53.4
ii udev 215-5+b1
ii util-linux 2.20.1-5.11
Versions of packages systemd recommends:
ii dbus 1.8.8-1+b1
ii libpam-systemd 215-5+b1
Versions of packages systemd suggests:
pn systemd-ui <none>
-- no debconf information
-------------- next part --------------
[EXTENDED] /lib/systemd/system/cups.socket -> /etc/systemd/system/cups.socket.d/cupsd-listen.conf
1 overridden configuration files found.
-------------- next part --------------
==> /var/lib/systemd/deb-systemd-helper-enabled/bluetooth.service.dsh-also <==
/etc/systemd/system/bluetooth.target.wants/bluetooth.service
/etc/systemd/system/dbus-org.bluez.service
==> /var/lib/systemd/deb-systemd-helper-enabled/anacron.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/anacron.service
==> /var/lib/systemd/deb-systemd-helper-enabled/accounts-daemon.service.dsh-also <==
/etc/systemd/system/graphical.target.wants/accounts-daemon.service
==> /var/lib/systemd/deb-systemd-helper-enabled/binfmt-support.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/binfmt-support.service
==> /var/lib/systemd/deb-systemd-helper-enabled/graphical.target.wants/accounts-daemon.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/dbus-org.freedesktop.ModemManager1.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/acpid.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/acpid.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/dbus-org.freedesktop.NetworkManager.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/atd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/atd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/dbus-org.bluez.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/avahi-daemon.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/avahi-daemon.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/cgmanager.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/cgmanager.service
==> /var/lib/systemd/deb-systemd-helper-enabled/paths.target.wants/cups.path <==
==> /var/lib/systemd/deb-systemd-helper-enabled/NetworkManager-wait-online.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/NetworkManager-wait-online.service
==> /var/lib/systemd/deb-systemd-helper-enabled/cups-browsed.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/cups-browsed.service
==> /var/lib/systemd/deb-systemd-helper-enabled/cups.service.dsh-also <==
/etc/systemd/system/sockets.target.wants/cups.socket
/etc/systemd/system/paths.target.wants/cups.path
/etc/systemd/system/printer.target.wants/cups.service
==> /var/lib/systemd/deb-systemd-helper-enabled/pppd-dns.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/pppd-dns.service
==> /var/lib/systemd/deb-systemd-helper-enabled/avahi-daemon.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/avahi-daemon.service
/etc/systemd/system/sockets.target.wants/avahi-daemon.socket
/etc/systemd/system/dbus-org.freedesktop.Avahi.service
==> /var/lib/systemd/deb-systemd-helper-enabled/cups.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/cups.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/cups.path.dsh-also <==
/etc/systemd/system/paths.target.wants/cups.path
==> /var/lib/systemd/deb-systemd-helper-enabled/cgproxy.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/cgproxy.service
==> /var/lib/systemd/deb-systemd-helper-enabled/NetworkManager.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/NetworkManager.service
/etc/systemd/system/dbus-org.freedesktop.NetworkManager.service
/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service
==> /var/lib/systemd/deb-systemd-helper-enabled/rsyslog.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/rsyslog.service
/etc/systemd/system/syslog.service
==> /var/lib/systemd/deb-systemd-helper-enabled/syslog.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/avahi-daemon.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/acpid.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/cups.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/printer.target.wants/cups.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/dbus-org.freedesktop.Avahi.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/bluetooth.target.wants/bluetooth.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/dbus-org.freedesktop.nm-dispatcher.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/cron.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/cron.service
==> /var/lib/systemd/deb-systemd-helper-enabled/NetworkManager-dispatcher.service.dsh-also <==
/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/cups-browsed.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/ModemManager.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/anacron.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/binfmt-support.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/NetworkManager.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/pppd-dns.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/cron.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/rsyslog.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/avahi-daemon.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/atd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/acpid.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/acpid.service
==> /var/lib/systemd/deb-systemd-helper-enabled/ModemManager.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/ModemManager.service
/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service
-------------- next part --------------
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/sda3_crypt / ext4 errors=remount-ro 0 1
# /boot was on /dev/sda2 during installation
UUID=baafcd6e-2a52-4dc4-8e73-84599ba3a1b6 /boot ext4 defaults 0 2
# /boot/efi was on /dev/sda1 during installation
UUID=BC1E-E7DE /boot/efi vfat defaults 0 1
/dev/mapper/sda5_crypt /home ext4 defaults 0 2
/dev/mapper/sda4_crypt none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/sdc1 /media/usb0 auto rw,user,noauto 0 0
/dev/sdc2 /media/usb1 auto rw,user,noauto 0 0
-------------- next part --------------
sda3_crypt UUID=f64b26b9-d782-400d-b7a1-06e77fa72513 none luks
sda4_crypt UUID=f6ddec99-21a9-42f5-bf22-aa15584334a9 none luks,swap
sda5_crypt UUID=86b3f36d-40f8-41f4-aa38-f4aec1d222b4 none luks
More information about the Pkg-systemd-maintainers
mailing list