[Bug 812944] New: cryptsetup: 12.3 update breaks LUKS crypto encrypted root
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c0 Summary: cryptsetup: 12.3 update breaks LUKS crypto encrypted root Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: All OS/Version: Linux Status: NEW Severity: Critical Priority: P5 - None Component: Basesystem AssignedTo: lnussel@suse.com ReportedBy: jengelh@inai.de QAContact: qa-bugs@suse.de Found By: Beta-Customer Blocker: --- In 12.3, the luks initrd scripts silently got split into cryptsetup-mkinitrd.rpm. So when cryptsetup.rpm is updated as part of a 12.2->12.3 setup, the scripts will be gone and the mkinitrd call done in cryptsetup.rpm's %post then ensures one won't be able to boot the system anymore without a rescue media. NOT GOOD. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c1 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |jengelh@inai.de --- Comment #1 from Ludwig Nussel <lnussel@suse.com> 2013-04-02 15:10:54 CEST --- do you have the logs of the system? If so please reopen 797205 and attach them there. cryptsetup-mkinitrd is supposed to get installed during update for two reasons 1. Supplements: packageand(mkinitrd:cryptsetup) 2. Provides: cryptsetup:/lib/mkinitrd/scripts/boot-luks.sh -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c2 Jan Engelhardt <jengelh@inai.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|jengelh@inai.de | --- Comment #2 from Jan Engelhardt <jengelh@inai.de> 2013-04-02 15:57:29 CEST --- zypper/libzypp has two modes/options, --recommends and --no-recommends. If the administrator is using no-recommends, either by command-line option or setting it in the configuration file, cryptsetup-mkinitrd will not be proposed during `zypper dup`. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c3 --- Comment #3 from Ludwig Nussel <lnussel@suse.com> 2013-04-03 09:04:34 CEST --- So that kicks out the supplements. Still the split-provides were supposed to work. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c4 Uwe Girlich <uwe.girlich@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |uwe.girlich@gmail.com --- Comment #4 from Uwe Girlich <uwe.girlich@gmail.com> 2013-04-21 19:42:08 UTC --- I observed this bug too but did not find (even with the rescue boot dvd) how to manually change the 12.3 initrd to make the new system bootable again. I even tried the 12.2 initrd, which suprisingly also did not work. So I ended up installing 12.3 from scratch and restored my user data from backup later. I never changed any recommended or not recommended options. I just installed 12.2 last year and 12.3 yesterday. Because I reinstalled the whole system, unfortunately I destroyed all logs from the update try in the process. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c5 Bruno Friedmann <bruno@ioda-net.ch> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bruno@ioda-net.ch --- Comment #5 from Bruno Friedmann <bruno@ioda-net.ch> 2013-04-22 07:26:41 UTC --- /me as cc, will have to test in vm before upgrading for real. Especially as I'm using --no-recommends option. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c6 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX --- Comment #6 from Ludwig Nussel <lnussel@suse.com> 2013-04-22 14:07:05 CEST --- Looks like split-provides are converted to supplements internally in libsolv. So that explains why they don't work if --no-recommends is used :-( I cannot fix that for 12.3 anymore. Let's see whether for 13.1 we still use mkinitrd. If so please remind be before beta1 or so to merge the scripts into the mkinitrd package to avoid this situation. Meanwhile I've written instructions to fix a broken initrd: https://en.opensuse.org/SDB:Encrypted_filesystems#Fixing_Broken_Initrds -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c7 Bruno Friedmann <bruno@ioda-net.ch> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fcrozat@suse.com --- Comment #7 from Bruno Friedmann <bruno@ioda-net.ch> 2013-05-11 09:49:03 UTC --- okay just two comments : I've done an upgrade from a fully working 12.2 with luks vg + lvm on top of it Previously in 12.2 in /etc/crypttab I've this line cr_sda2 /dev/disk/by-id/ata-Corsair_Force_GT_114882050000098800C7-part2 none luks,allow-discards Do be able to get luks opening and vg working on 12.3 I've to remove the allow-discards So it seems we got some trouble now with systemd direct integration cf https://bugzilla.redhat.com/show_bug.cgi?id=901888 The second point is the missing usleep in initrd The fix is easy in boot-devfunctions.sh: #%programs: /bin/usleep in place of usleep -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c8 --- Comment #8 from Frederic Crozat <fcrozat@suse.com> 2013-05-14 13:18:13 UTC --- hmm, the only thing systemd is doing is adding "CRYPT_ACTIVATE_ALLOW_DISCARDS" to crypt_activate_by_*, so if there is an issue, it is probably in cryptsetup itself, not systemd.. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=812944 https://bugzilla.novell.com/show_bug.cgi?id=812944#c Jan Engelhardt <jengelh@inai.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com