-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Fri, 2017-01-06 at 23:13 +0530, Ritesh Raj Sarraf wrote: > On Thu, 2017-01-05 at 18:56 +0530, Ritesh Raj Sarraf wrote: > > I think Christian did a great deal of work in the last year to get the > > integration much stronger. And given that you are using the latest version > > (backports), this surprises a bit. > > > > But if I remember correctly, neither of us talked about dm-crypt/LUKS when > > the > > integration was being revived. sanboot and DM-LVM were common setups and > > we've > > tested them. > > > > I still have my setup in place. Perhaps I should first look into what I > > have, > > and maybe have an additional setup covering dm-crypt. I'm still wondering > > why > > dm-crypt will break when the other dm target is working. With a setup in > > place, > > it may be easier to see why. > > So I extended one of my setups to include iSCSI + dm-crypt + ext4 and it is > working fine. But this is on a Sid setup. Next I'll add LMV to it. > > This is just a data point for Debian Testing/Unstable. >
I included LVM into the mix and it works fine. So, the good thing is that this issue is not affecting Stretch/Sid. This is how I setup my volume: > > # The iSCSI part works fine. > iscsiadm … --login > > # Device shows up as /dev/sdb; I create a /dev/sdb1 partition using > # fdisk, of type 8e. > > # Create encrypted LUKS volume on /dev/sdb1, open and map as > # /dev/mapper/sdb1_crypt. > cryptsetup luksFormat /dev/sdb1 > cryptsetup luksOpen /dev/sdb1 sdb1_crypt \ > --key-file /root/blackbird-ullu > > # Set up LVM PV, VG, and LV mapped to /dev/mapper/blackbird-ullu, > # with an ext4 filesystem on top. > pvcreate /dev/mapper/sdb1_crypt > vgcreate blackbird /dev/mapper/sdb1_crypt > lvcreate -n ullu -l 100%VG blackbird :-) > mkfs.ext4 /dev/mapper/blackbird-ullu > > mount /dev/mapper/blackbird-ullu /media/nas > > I have an entry in /etc/crypttab like this: > > sdb1_crypt UUID=ae6b9263-d63c-4515-b7ce-51e5cc4caa9f /root/blackbird-ullu > luks > > And an entry in /etc/fstab like this (I've tried various variants here, > see below): > > /dev/mapper/blackbird-ullu /media/nas ext4 defaults,nofail,_netdev 0 6 > All steps look good to me. I did the same in my test on Unstable. > There are three devices involved: > > - /dev/disk/by-uuid/<x>: is the iSCSI target (/dev/sdb) > - /dev/mapper/sdb1_crypt: result of cryptsetup luksOpen /dev/sdb1 > - /dev/mapper/blackbird-ullu: LV built on top of sdb1_crypt > > Now I suffer from the 90s wait on startup (before network-online), where > systemd waits for the dev-mapper-blackbird\x2dullu.device to become > available, along with dev-disk-by\x2duuid-<xxx>.device and > dev-mapper-sdb1_crypt.device. Here's a flow of the boot. Jan 06 23:23:46 debian-btrfs iscsid[485]: iSCSI daemon with pid=486 started! Jan 06 23:23:46 debian-btrfs iscsid[485]: Connection1:0 to [target: iqn.2003-01.org.linux-iscsi.debian.x8664, portal: 172.16.20.40,3260] through [iface: default] is operational now Jan 06 23:23:46 debian-btrfs iscsid[485]: Connection2:0 to [target: iqn.2003-01.org.linux-iscsi.debian.x8664, portal: 172.16.20.41,3260] through [iface: default] is operational now Jan 06 23:23:46 debian-btrfs iscsid[485]: Connection3:0 to [target: iqn.2003-01.org.linux-iscsi.debian.x8664, portal: 172.16.20.42,3260] through [iface: default] is operational now Jan 06 23:23:46 debian-btrfs iscsid[485]: Connection4:0 to [target: iqn.2003-01.org.linux-iscsi.debian.x8664, portal: 172.16.20.43,3260] through [iface: default] is operational now Jan 06 23:23:47 debian-btrfs kernel: NET: Registered protocol family 38 Jan 06 23:23:50 debian-btrfs systemd[1]: Started Cryptography Setup for sda_crypt. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target Encrypted Volumes. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target System Initialization. Jan 06 23:23:50 debian-btrfs systemd[1]: Listening on D-Bus System Message Bus Socket. Jan 06 23:23:50 debian-btrfs systemd[1]: Started Daily Cleanup of Temporary Directories. Jan 06 23:23:50 debian-btrfs systemd[1]: Listening on UUID daemon activation socket. Jan 06 23:23:50 debian-btrfs systemd[1]: Started ACPI Events Check. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target Paths. Jan 06 23:23:50 debian-btrfs systemd[1]: Listening on ACPID Listen Socket. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target Sockets. Jan 06 23:23:50 debian-btrfs systemd[1]: apt-daily.timer: Adding 10h 3min 9.218087s random time. and further.......... Jan 06 23:23:50 debian-btrfs systemd[1]: Started Login Service. Jan 06 23:23:50 debian-btrfs systemd-logind[735]: New seat seat0. Jan 06 23:23:50 debian-btrfs systemd-logind[735]: Watching system buttons on /dev/input/event3 (Power Button) Jan 06 23:23:50 debian-btrfs systemd[1]: Found device /dev/mapper/CryptVG-test. Jan 06 23:23:50 debian-btrfs systemd[1]: Found device /dev/mapper/sda_crypt. Jan 06 23:23:50 debian-btrfs systemd[1]: Starting File System Check on /dev/mapper/CryptVG-test... Jan 06 23:23:50 debian-btrfs systemd[1]: Started File System Check Daemon to report status. Jan 06 23:23:50 debian-btrfs systemd-fsck[751]: /dev/mapper/CryptVG-test: clean, 11/128016 files, 18474/512000 blocks Jan 06 23:23:50 debian-btrfs systemd[1]: Started File System Check on /dev/mapper/CryptVG-test. Jan 06 23:23:50 debian-btrfs acpid[724]: starting up with netlink and the input layer Jan 06 23:23:50 debian-btrfs acpid[724]: 1 rule loaded Jan 06 23:23:50 debian-btrfs systemd[1]: Mounting /mnt/crypt... Jan 06 23:23:50 debian-btrfs acpid[724]: waiting for events: event logging is off Jan 06 23:23:50 debian-btrfs kernel: EXT4-fs (dm-4): mounted filesystem without journal. Opts: (null) Jan 06 23:23:50 debian-btrfs systemd[1]: Mounted /mnt/crypt. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target Remote File Systems. Jan 06 23:23:50 debian-btrfs systemd[1]: Starting Permit User Sessions... Jan 06 23:23:50 debian-btrfs systemd[1]: Started Permit User Sessions. Jan 06 23:23:50 debian-btrfs systemd[1]: Started Getty on tty1. Jan 06 23:23:50 debian-btrfs systemd[1]: Reached target Login Prompts. - -- Ritesh Raj Sarraf | http://people.debian.org/~rrs Debian - The Universal Operating System -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQCVDstmIVAB/Yn02pjpYo/LhdWkFAlhv3hwACgkQpjpYo/Lh dWnwUQ//UtL5x159BEIAci+ZUEecNrSjrLUyuvXqoCo+Bho1vGNUOyIHKOgMn00Q l8z9OB7aMSh9xzy2aH1+Gb2uxM/fltRRwvvUAnxnK3+QT3Ogx1IHHgrMm8hTwmH3 F8mz25FQ1q1ejitixWdFSVPDS/EG76zAK54NC7GMtnlomcQ4ENwn3lZiFR5H4JzF 3thpvDEtfxj6iwhZvcCkpUEzqZGQLEBkOIQ+QwbXTce99Ic088U6I7l7UiDKK3aR I0jS6a7pj53LkF9T9IAq6zL4R1wtEYRiemj4cgbYGHx/4FQM40zU3bXBN0PWYPMp /b4ZUlJ8TrJakNoKqieZeF7R/YbfM8CpsghU+xJWhdoHNfiUk35A1ShIJh3iOv5s bw5RZQMq1GC1K1oa9WvZQ/XmqdXin+TTCA2trBohjLi9V1Xxw0Cy+WXkCf8nN79j LLb1xqEK8q2Za5nm5jakBzVPun7FLyhzBjEv+u+5bVh+CBLeXXgQUB2iqajQ3Qsk xrTK/RV8shVhzYF94C6mpUORsz8kNxvuKBX0xoP3mgj3M6uHjVvZpznRmUpcy/Zh HrkqtI/hibO6q3s5YzgmW+nDj73M6f8LHYikEZAECUbP+71mFWk7X2twIiCMOvG/ yT2+nX1GpvliWS87tgzagqpaaudeLr646byjIXU3ga1NTawFgwc= =QpRy -----END PGP SIGNATURE-----
