[opensuse] Encrypted partition fails to automount at boot time
Hi, Using openSUSE 11.1 and KDE 4.2.4 I have an encrypted partition, which used to interrupt the boot process to ask for its passphrase, then it would automatically mount according to the entry in fstab. Don't ask what's been changed here (too much fiddling!) but it no longer does this, and I have to mount it manually with the following commands: # cryptsetup luksOpen /dev/sdd1 music # mount /dev/mapper/music /home/bob/music /etc/crypttab contains the following line: music /dev/disk/by-id/scsi-SATA_SAMSUNG_HD753LJS13UJ1MQ202570-part1 none luks and /etc/fstab contains this line: /dev/mapper/music /home/bob/music ext3 auto 0 0 Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup? Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.1, Kernel 2.6.27.21-0.1-default, KDE 4.2.4 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9200GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Am Dienstag, 14. Juli 2009 schrieb Bob Williams:
[...] /dev/mapper/music /home/bob/music ext3 auto 0 0 ^^^^ Really "auto"? The entry of my encrypted home partition has "noauto". I set it up via YaST while installing 11.1. The crypttab entry looks similar, besides "luks", there my entry has a "none", too.
[...] Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Isn't /etc/init.d/boot.crypto responsible for mapping and mounting your encrypted partition? So, are you getting any messages when starting this service manually? Gruß Jan -- Computers are not intelligent. They only think they are. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 14.07.2009, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Go to /etc/rc.d/boot.localfs, open it, and add "boot.crypto" to the Required-Start: line. Do an "insserv -v" as root afterwards. Reboot and enjoy. The problem is that boot.localfs is called before boot.crypto, and tries to handle the encrypted partition as an unencrypted one, fails, and bails out. It's a long standing bug... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 14 July 2009 19:39:04 Heinz Diehl wrote:
On 14.07.2009, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Go to /etc/rc.d/boot.localfs, open it, and add "boot.crypto" to the Required-Start: line. Do an "insserv -v" as root afterwards.
This gave the following possible error message... [...] insserv: There is a loop between service boot.localfs and boot.crypto if started insserv: loop involving service boot.crypto at depth 3 insserv: loop involving service boot.localfs at depth 2 insserv: loop involving service boot.clock at depth 1 insserv: loop involving service boot.swap at depth 5 insserv: loop involving service boot.lvm at depth 4 insserv: loop involving service boot.dmraid at depth 5 insserv: loop involving service boot.sysctl at depth 9 insserv: exiting without changing boot order!
Reboot and enjoy.
The problem is that boot.localfs is called before boot.crypto, and tries to handle the encrypted partition as an unencrypted one, fails, and bails out.
It's a long standing bug...
-- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.1, Kernel 2.6.27.21-0.1-default, KDE 4.2.4 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9200GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 14.07.2009, Bob Williams wrote:
insserv: There is a loop between service boot.localfs and boot.crypto if started
Yes, you have to remove "boot.localfs" in Required-Start: in boot.crypto, of course. I should have mentioned that. Sorry! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 14.07.2009, Heinz Diehl wrote:
insserv: There is a loop between service boot.localfs and boot.crypto if started
Yes, you have to remove "boot.localfs" in Required-Start: in boot.crypto, of course. I should have mentioned that. Sorry!
Here's an example, maybe it's clear for you now:
#! /bin/sh
#
# Copyright (c) 2001-2002 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# /etc/init.d/boot.localfs
#
### BEGIN INIT INFO
# Provides: boot.localfs
# Required-Start: boot.crypto boot.udev boot.rootfsck
# Should-Start: boot.md boot.lvm dasd_devfs_compat boot.multipath boot.evms boot.loadmodules
# Required-Stop: boot.udev
# Should-Stop: boot.lvm dasd_devfs_compat boot.multipath
# Default-Start: B
# Default-Stop:
# Short-Description: check and mount local filesystems except /
# Description: check and mount local filesystems except /
### END INIT INFO
#!/bin/bash
# Copyright (C) 1996-2009 SUSE Linux Products GmbH, Nuernberg, Germany.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Author: Werner Fink
On Tuesday 14 July 2009 21:03:19 Heinz Diehl wrote:
On 14.07.2009, Bob Williams wrote:
insserv: There is a loop between service boot.localfs and boot.crypto if started
Yes, you have to remove "boot.localfs" in Required-Start: in boot.crypto, of course. I should have mentioned that. Sorry!
Thanks, Heinz. Because of the loop problem, I reverted to the original version of /etc/rc.d/boot.localfs. However, things are working properly now. I think it was doing # chkconfig boot.crypto that solved the problem. I did notice, though, that there was a message during the boot sequence 'waiting for /dev/mapper/music' before cryptsetup kicked in and asked for the LuKS password. This suggests to me that doing the modifications you suggested might might force it to do the crypt stuff before it tries to mount the device listed in fstab. I might play around with that later, when I've got time. Thanks for your help. Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.1, Kernel 2.6.27.21-0.1-default, KDE 4.2.4 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9200GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 14.07.2009, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Another possibility: did you activate boot.crypto by doing a "chkconfig boot.crypto on" ? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 14 July 2009 20:00:45 Heinz Diehl wrote:
On 14.07.2009, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Another possibility: did you activate boot.crypto by doing a
"chkconfig boot.crypto on"
? This gives the same warning about a loop as in your previous message...
insserv: There is a loop between service boot.localfs and boot.crypto if started insserv: loop involving service boot.crypto at depth 3 insserv: loop involving service boot.localfs at depth 2 insserv: loop involving service boot.clock at depth 1 insserv: loop involving service boot.swap at depth 5 insserv: loop involving service boot.lvm at depth 4 insserv: loop involving service boot.dmraid at depth 5 insserv: loop involving service boot.sysctl at depth 9 insserv: exiting without changing boot order! Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.1, Kernel 2.6.27.21-0.1-default, KDE 4.2.4 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9200GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 2009-07-14 at 16:37 +0100, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Do you see this? nimrodel:~ # chkconfig boot.crypto boot.crypto on - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkpc1ucACgkQtTMYHG2NR9USFACeJrzYZkIahPzdZQv4HkjRLdOQ 4ygAn1Ey6nnPgcPQ1JrKi6aPlNKXt9AR =4k9j -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 14 July 2009 20:05:04 Carlos E. R. wrote:
On Tuesday, 2009-07-14 at 16:37 +0100, Bob Williams wrote:
Any suggestions as to what's preventing the drive from detected as an encrypted volume at boot time, and therefore invoking cryptsetup?
Do you see this?
nimrodel:~ # chkconfig boot.crypto boot.crypto on
I do. I have now removed the addition of 'boot.crypto' from /etc/rc.d/boot.localfs as it was giving warnings of a loop situation. I will now reboot, and report back in due course. Many thanks, Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.1, Kernel 2.6.27.21-0.1-default, KDE 4.2.4 Intel Core2 Quad Q9400 2.66GHz, 4GB DDR RAM, nVidia GeForce 9200GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Bob Williams -
Carlos E. R. -
Heinz Diehl -
Jan Ritzerfeld