On Sat, Sep 21, 2013 at 4:49 PM, Canek Peláez Valdés <can...@gmail.com>
wrote:
[...]
> The problem, that I believe Stefan and Frank hinted, is that the
> encrypted swap did not activated properly, sometimes resulting in huge
> boot times (in the order of 1 minute). But only if you specify the
> swap partition in fstab.
>
> The problem is, I think, that systemd tries to activate as soon as
> possible the swap partitions, even before
> systemd-cryptsetup activates the devices in /dev/mapper.
>
> The solution is to move the swap partition from fstab, and create a
> system unit for it which has to wait until systemd-cryptsetup does its
> job:
I was a little too quick to reach that conclusion: the problem is a little
more complex, but it has a clean solution.
Following the reports in [1] and [2], I discovered that I had missed two
kernel options required by LVM2:
CONFIG_UEVENT_HELPER_PATH=""
CONFIG_DM_UEVENT=y
Also, the system where I am doing my experiments is a virtual machine with
almost nothing installed; therefore, I forgot to set USE=udev, and
cryptsetup needs it.
With those things out of the way, everything works as expected; there is no
need for an explicit unit for the swap partition, and I can set it in fstab:
/dev/mapper/swap none swap sw 0 0
I would like to use a label for the swap partition, but when the swap is
encrypted systemd does mkswap in the partition without any parameter [3]. I
could wrote a patch, I guess; but I don't think is worth it.
Anyhow, I can get a Gentoo install with mdraid+LVM2+LUKS+systemd working as
intended, and without hacks nor workarounds.
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sr0 11:0 1 1024M 0 rom
vda 253:0 0 5G 0 disk
└─vda1 253:1 0 5G 0 part
└─md127 9:127 0 15G 0 raid5
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm /
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP]
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm
└─home (dm-6) 254:6 0 2.8G 0 crypt /home
vdb 253:16 0 5G 0 disk
└─vdb1 253:17 0 5G 0 part
└─md127 9:127 0 15G 0 raid5
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm /
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP]
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm
└─home (dm-6) 254:6 0 2.8G 0 crypt /home
vdc 253:32 0 5G 0 disk
└─vdc1 253:33 0 5G 0 part
└─md127 9:127 0 15G 0 raid5
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm /
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP]
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm
└─home (dm-6) 254:6 0 2.8G 0 crypt /home
vdd 253:48 0 5G 0 disk
└─vdd1 253:49 0 5G 0 part
└─md127 9:127 0 15G 0 raid5
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm /
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP]
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm
└─home (dm-6) 254:6 0 2.8G 0 crypt /home
lvm ~ # systemd-analyze blame
2.948s systemd-cryptsetup@home.service
765ms systemd-udev-settle.service
199ms systemd-cryptsetup@swap.service
170ms systemd-fsck-root.service
154ms systemd-udev-trigger.service
145ms systemd-logind.service
136ms dhcpcd@enp0s3.service
129ms sshd.service
108ms systemd-modules-load.service
100ms systemd-fsck@dev-disk-by\x2dlabel-Home.service
99ms lvm2-activation-early.service
99ms lvm2-activation.service
75ms dev-mqueue.mount
74ms mdadm.service
72ms systemd-sysctl.service
67ms systemd-fsck@dev-disk-by\x2dlabel-Boot.service
61ms systemd-ask-password-wall.service
60ms dev-hugepages.mount
58ms systemd-vconsole-setup.service
57ms systemd-tmpfiles-clean.service
51ms systemd-tmpfiles-setup-dev.service
47ms systemd-random-seed-load.service
47ms sys-kernel-debug.mount
45ms systemd-remount-fs.service
44ms systemd-user-sessions.service
43ms systemd-tmpfiles-setup.service
37ms boot.mount
33ms systemd-udevd.service
27ms systemd-journal-flush.service
22ms tmp.mount
15ms dev-mapper-swap.swap
15ms home.mount
The almost 3 seconds pause is me entering the passphrase for the /home
partition; the system takes less than a second to boot.
Let me reiterate: the problem was that I didn't pay attention when I
emerged LVM2 and cryptsetup; otherwise everything should have worked
immediately.
Regards.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=979695
[2] https://bugzilla.redhat.com/show_bug.cgi?id=759402
[3]
http://cgit.freedesktop.org/systemd/systemd/tree/src/cryptsetup/cryptsetup-generator.c#n166
--
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México
