Bug#507721: marked as done (cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it)

Wed, 17 Dec 2008 16:16:52 -0800 

Your message dated Thu, 18 Dec 2008 00:02:05 +0000
with message-id <e1ld6l7-0001nz...@ries.debian.org>
and subject line Bug#507721: fixed in cryptsetup 2:1.0.6-7
has caused the Debian Bug report #507721,
regarding cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot 
file in it
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
507721: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: cryptsetup
Version: 2:1.0.6-6
Severity: critical
Justification: breaks the whole system


Sometimes update-initramfs -v -k $kernelversion works and creates a
file 'conf/conf.d/cryptroot' in it, as can be seen by unpacking it
using gunzip and cpio; and in those cases, I can boot my laptop, which
has its root fs on /dev/mapper/main-root which is a logical volume on
a volume group consisting of a luks encrypted partition. In cases
where I cannot boot, which manifests it in the system just doing
nothing where otherwise it would ask for the passphrase, this file is
missing. (Note: during bootup a message 'volume group "main" not
found' is shown in both cases, this appears normal, I guess the
scripts reattempt to find that one after the passphrase entering and
associated crypto setup. It's just that in the bogus case, it never
asks.)

I did install the system using the capabilities of the Debian
installer to create encrypted root partitions and LVM setups, and it
worked for some time; probably the first occurrence of the problem was
when I already started compiling and installing kernels manually (from
kernel.org's Git, using make install and make modules_install),
although this too worked upon the first (few?) kernel version(s). And,
again, sometimes it still works, like when I installed 2.6.27.5 I
could not reproduce the problem. This is also documented on a bug I
reported against initramfs-tools, here:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=

503062 I've tried to reopen this bug but that does not seem to be
possible? (Really?, how can we make people coming to that link know
that the problem is *not* solved now? In an spell of amicability I'm
creating such a link right now. "Google shall help them find out who
linked to that report". Ok, I've now added two linebreaks to not make
this happen.)

Here are the relevant sections from vgdisplay -v:

  --- Volume group ---
  VG Name               main
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  35
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                2
  Open LV               1
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               18.62 GB
  PE Size               4.00 MB
  Total PE              4767
  Alloc PE / Size       4718 / 18.43 GB
  Free  PE / Size       49 / 196.00 MB
  VG UUID               W5Hqed-zQba-aRdc-sAsc-XF2K-G0AM-xjJd8k

  --- Logical volume ---
  LV Name                /dev/main/root
  VG Name                main
  LV UUID                M51c6n-rw9j-vKBU-UnIJ-GvXD-nVw0-7yisre
  LV Write Access        read/write
  LV snapshot status     source of
                         /dev/main/root_snap_23nov [INACTIVE]
  LV Status              available
  # open                 2
  LV Size                17.43 GB
  Current LE             4462
  Segments               2
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:2


  --- Physical volumes ---
  PV Name               /dev/dm-0     
  PV UUID               16lgMw-dDfK-BlUw-lWLE-ZIxl-Kcxh-2YRFhP
  PV Status             allocatable
  Total PE / Free PE    4767 / 49


novo:~# dmsetup ls
plain-rootextend-real   (253, 8)
main-root       (253, 2)
sda8_crypt      (253, 0)
plain-gpgbackups        (253, 5)
plain-rootextend_snap_23nov-cow (253, 10)
plain-rootextend_snap_23nov     (253, 11)
plain-plainswap2        (253, 12)
plain-media     (253, 6)
main-root_snap_23nov    (253, 4)
plain-rootextend        (253, 9)
plain-plainswap (253, 7)
main-root-real  (253, 1)
plain-spdvd     (253, 13)
main-root_snap_23nov-cow        (253, 3)

novo:~# l /dev/dm-0
brw-rw---- 1 root disk 253, 0 2008-12-03 21:00 /dev/dm-0

thus dm-0 is sda8_crypt

novo:~# cat /etc/crypttab 
sda8_crypt /dev/sda8 none luks
novo:~# 

novo:~# cat /etc/fstab |perl -wne 'print if m|\s/\s|'
/dev/mapper/main-root /               reiserfs defaults,noatime        0       1
novo:~# 

novo:/usr/src/linux# trash nohup.out; nohup update-initramfs -u -v -k 2.6.27.7
nohup: ignoring input and appending output to `nohup.out'
novo:/usr/src/linux# head nohup.out
Keeping /boot/initrd.img-2.6.27.7.dpkg-bak
update-initramfs: Generating /boot/initrd.img-2.6.27.7
Adding module /lib/modules/2.6.27.7/kernel/drivers/usb/host/ehci-hcd.ko
Adding module /lib/modules/2.6.27.7/kernel/drivers/usb/host/ohci-hcd.ko
...
novo:/usr/src/linux# tail nohup.out
Adding binary /lib/udev/usb_id
Adding binary /lib/udev/vol_id
Adding library /lib/libvolume_id.so.0
Calling hook udevhelper
Calling hook uswsusp
Calling hook cryptopenct
Calling hook cryptopensc
Calling hook cryptpassdev
Building cpio /boot/initrd.img-2.6.27.7.new initramfs
Removing current backup /boot/initrd.img-2.6.27.7.dpkg-bak
novo:/usr/src/linux# 

novo:/usr/src/linux# ls -lrt /boot/
...
lrwxrwxrwx 1 root root      19 2008-12-03 22:01 initrd.img -> 
initrd.img-2.6.27.7
-rw-r--r-- 1 root root 6743504 2008-12-03 22:03 initrd.img-2.6.27.7
novo:/usr/src/linux# 

novo:/tmp/root/A# gunzip < /boot/initrd.img-2.6.27.7|cpio --extract
35860 blocks
novo:/tmp/root/A# find -name cryptroot
./scripts/local-top/cryptroot
novo:/tmp/root/A# 

novo:/tmp/root# mkdir B
novo:/tmp/root# cd B
novo:/tmp/root/B# gunzip < /boot/initrd.img-2.6.27.5|cpio --extract
35858 blocks
novo:/tmp/root/B# find -name cryptroot
./conf/conf.d/cryptroot
./scripts/local-top/cryptroot
novo:/tmp/root/B# l ./conf/conf.d/cryptroot
-rw-r--r-- 1 root root 58 2008-12-03 22:27 ./conf/conf.d/cryptroot
novo:/tmp/root/B# cat ./conf/conf.d/cryptroot
target=sda8_crypt,source=/dev/sda8,key=none,lvm=main-root
novo:/tmp/root/B# cp ./conf/conf.d/cryptroot ../A/./conf/conf.d/cryptroot
novo:/tmp/root/B# cd ../A
novo:/tmp/root/A# find|cut -c3-|perl -wne 'print unless /^$/'|cpio --create -H 
newc > ../A2
35860 blocks
novo:/tmp/root/A# cd ..
novo:/tmp/root# mv /boot/initrd.img-2.6.27.7 /boot/initrd.img-2.6.27.7_broken

With the above initrd I can verifiably not boot.

novo:/tmp/root# gzip < A2 > /boot/initrd.img-2.6.27.7

[verification:

lrwxrwxrwx 1 root root 19 2008-12-03 22:01 /boot/initrd.img -> 
initrd.img-2.6.27.7

novo:/tmp/root# mkdir C
novo:/tmp/root# cd C
novo:/tmp/root/C# gunzip < /boot/initrd.img|cpio --extract
35860 blocks
novo:/tmp/root/C# find -name cryptroot
./scripts/local-top/cryptroot
./conf/conf.d/cryptroot
]

With that initrd I can now boot.


-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.27.5 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.27-4 The Linux Kernel Device Mapper use
ii  libc6                        2.7-16      GNU C Library: Shared libraries
ii  libdevmapper1.02.1           2:1.02.27-4 The Linux Kernel Device Mapper use
ii  libpopt0                     1.14-4      lib for parsing cmdline parameters
ii  libuuid1                     1.41.3-1    universally unique id library

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  dosfstools                    2.11-6     utilities for making and checking 
ii  initramfs-tools [linux-initra 0.92j      tools for generating an initramfs
ii  udev                          0.125-7    /dev/ and hotplug management daemo

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: cryptsetup
Source-Version: 2:1.0.6-7

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:

cryptsetup-udeb_1.0.6-7_amd64.udeb
  to pool/main/c/cryptsetup/cryptsetup-udeb_1.0.6-7_amd64.udeb
cryptsetup_1.0.6-7.diff.gz
  to pool/main/c/cryptsetup/cryptsetup_1.0.6-7.diff.gz
cryptsetup_1.0.6-7.dsc
  to pool/main/c/cryptsetup/cryptsetup_1.0.6-7.dsc
cryptsetup_1.0.6-7_amd64.deb
  to pool/main/c/cryptsetup/cryptsetup_1.0.6-7_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 507...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer <m...@debian.org> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 17 Dec 2008 21:25:45 +0100
Source: cryptsetup
Binary: cryptsetup cryptsetup-udeb
Architecture: source amd64
Version: 2:1.0.6-7
Distribution: unstable
Urgency: medium
Maintainer: Jonas Meurer <m...@debian.org>
Changed-By: Jonas Meurer <m...@debian.org>
Description: 
 cryptsetup - configures encrypted block devices
 cryptsetup-udeb - configures encrypted block devices (udeb)
Closes: 465902 474120 491867 495509 495832 499704 499936 505779 506536 506643 
507721
Changes: 
 cryptsetup (2:1.0.6-7) unstable; urgency=medium
 .
   * Add patches/01_gettext_package.patch: Remove -luks from GETTEXT_PACKAGE
     in configure.in.
   * Support keyfiles option in bash completion. Thanks to Stefan Goebel for
     the patch. (closes: #499936)
   * Update patches/02_manpage.patch: Fix the documnetation of default cipher
     for LUKS mappings. (closes: #495832)
   * Update debian/watch file to reflect the move of project home to
     code.google.com.
   * Check for $CRYPTDISKS_ENABLE in cryptdisks initscripts instead of
     cryptdisks.functions. This way, cryptdisks_start/stop work even with
     $CRYPTDISKS_ENABLE != "yes". Thanks to Pietro Abate. (closes: #506643)
   * Add force-start to cryptdisks(-early).init in order to support starting
     noauto devices manually. Thanks to Niccolo Rigacci. (closes: #505779)
   * Document how to enable remote device unlocking via dropbear ssh server
     in the initramfs during boot process. Thanks to Chris <deb...@x.ray.net>
     for the great work. (closes: #465902)
   * Completely remove support and documentation of the timeout option,
     document this in NEWS.Debian. (closes: #495509, #474120)
   * Use exit instead of return in decrypt_ssl keyscript. Thanks to Rene Wagner.
     (closes: #499704)
   * Fix initramfs/cryptpassdev-hook to check for passdev instead of mountdev.
     Thanks to Christoph Anton Mitterer.
   * cryptdisks.functions:
     - Search for keyscript in /lib/cryptdisks/scripts. the cryptoroot initramfs
       script already supports keyscripts without path as argument. Thanks to
       Christoph Anton Mitterer.
   * README.initramfs:
     - Remove the mention of bug #398302 from the section about suspend/resume,
       as this bug has been fixes for some time now.
     - Remove step 6 (mkswap) from the section about decrypt_derived, as it was
       superfluous. Thanks to Helmut Grohe. (closes: #491867)
   * Fix initramfs/cryptroot-script to use the lvm binary instead of vgchange.
     Thanks to Marc Haber. (closes: #506536)
   * Make get_lvm_deps() recursive in initramfs/cryptroot-hook. This is required
     to detect the dm-crypt device in setups with more than one level of device
     mapper mappings. For example if LVM is used with snapshots on top of the
     dm-crypt mapping. Thanks to Christian Jaeger for bugreport and patch, Ben
     Hutchings and Yves-Alexis Perez for help with debugging. (closes: #507721)
   * urgency=medium due to several important fixes.
Checksums-Sha1: 
 140ec985def5c976553aa7e593e7a5e1385c6742 1445 cryptsetup_1.0.6-7.dsc
 e1a4d97fff230e2312bb54784ce27daf7502ff87 59467 cryptsetup_1.0.6-7.diff.gz
 74a786e96f7339a5b495cbeba8510f0e5b447b44 308568 cryptsetup_1.0.6-7_amd64.deb
 7288414619ccb977ab130e31617919dd9a4d484e 247508 
cryptsetup-udeb_1.0.6-7_amd64.udeb
Checksums-Sha256: 
 b495ab0b916bc37bf45f864b4e06417b0c8c965cca8b82dabeb1d856fd239c60 1445 
cryptsetup_1.0.6-7.dsc
 6235f4db703a608da032b2689eee44bca7dba57efcec16470df0f707591f314c 59467 
cryptsetup_1.0.6-7.diff.gz
 4862eaf89e036a0b705d174dd75b62ecc8cca9a0e3aa10bebd42c3d921a2316e 308568 
cryptsetup_1.0.6-7_amd64.deb
 d6ce9cabe0bbaf3a5eef2beb59019c055d829658b56465fc1f49e9be4ca06d4f 247508 
cryptsetup-udeb_1.0.6-7_amd64.udeb
Files: 
 f958c529cf57b351b58927fb59dc3eb1 1445 admin optional cryptsetup_1.0.6-7.dsc
 9b91e81e4fb42d7922ad85fd680bf0de 59467 admin optional 
cryptsetup_1.0.6-7.diff.gz
 bdbf923e842ec47481b12962e023fc8e 308568 admin optional 
cryptsetup_1.0.6-7_amd64.deb
 c45e3c473ed5eede2f8ec816b9f24a68 247508 debian-installer optional 
cryptsetup-udeb_1.0.6-7_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklJkAcACgkQd6lUs+JfIQLSZACeKd0LTL5vD7FO2FeGWARhcFCW
MbcAn2EkC1RYRLpmfvWZ6NiXR8/2Zgzj
=MGkx
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to