https://bugzilla.novell.com/show_bug.cgi?id=456004
Summary: mount encrypted /home before user config Product: openSUSE 11.1 Version: RC 2 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: aschnell@novell.com QAContact: jsrain@novell.com Found By: Development
When installing with an encrypted /home partition I am informed during user creation that the /home partition is not mounted (see screenshot).
What is missing here is the possibility to enter the password for the partition, mount the partiton and continue with the user configuration.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c1
--- Comment #1 from Arvin Schnell aschnell@novell.com 2008-12-03 06:23:14 MST --- Created an attachment (id=257695) --> (https://bugzilla.novell.com/attachment.cgi?id=257695) screenshot of popup
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c2
--- Comment #2 from Arvin Schnell aschnell@novell.com 2008-12-03 06:23:33 MST --- Created an attachment (id=257696) --> (https://bugzilla.novell.com/attachment.cgi?id=257696) y2logs
https://bugzilla.novell.com/show_bug.cgi?id=456004
Andreas Jaeger aj@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.provo.novell.com |yast2-maintainers@suse.de
https://bugzilla.novell.com/show_bug.cgi?id=456004
Michael Andres ma@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|yast2-maintainers@suse.de |jsuchome@novell.com
https://bugzilla.novell.com/show_bug.cgi?id=456004
User mmccarthy@lojack.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c3
Michael McCarthy mmccarthy@lojack.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mmccarthy@lojack.com
--- Comment #3 from Michael McCarthy mmccarthy@lojack.com 2008-12-05 10:32:07 MST --- This appears to have been broken in RC1 as it worked in Beta 5. The encrypted /home partition is not getting mounted during the installation process. It also failed to mount on first boot during an installation where the encrypted /home partition was left intact and not reformatted.
Should this bug get upgraded to critical and a ship stopper???
https://bugzilla.novell.com/show_bug.cgi?id=456004
User jsuchome@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c4
Jiří Suchomel jsuchome@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |crivera@novell.com
--- Comment #4 from Jiří Suchomel jsuchome@novell.com 2008-12-07 23:28:46 MST --- If this worked in beta5 and does not work in RC, it had to be implemented somewhere. But not in yast2-users, which didn't mount homes at all.
Chris, do you have an idea which part of the system asks for password and why it worked and does not work?
https://bugzilla.novell.com/show_bug.cgi?id=456004
User crivera@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c5
Chris Rivera crivera@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |crivera@novell.com Status|NEEDINFO |NEW Info Provider|crivera@novell.com |
--- Comment #5 from Chris Rivera crivera@novell.com 2008-12-08 10:18:10 MST --- This isn't related to cryptconfig. My stuff is for individual user's home being encrypted, not the /home partition. I'm not sure what yast currently does for encrypted partitions.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User mmccarthy@lojack.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c6
Michael McCarthy mmccarthy@lojack.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|Normal |Major
--- Comment #6 from Michael McCarthy mmccarthy@lojack.com 2008-12-08 10:39:47 MST --- You are right. This is an encrypted partition and is only a problem during installation. The expert partitioner correctly asks for the passphrase and the partition is created during the partitioning process and even added to /etc/fstab, but it does not mount (or fails trying to mount ) /home prior to the software installation phase. Therefore, creating the user will fail because /home is not mounted. If I reboot the system after installation is completed, the boot process will ask for the passphrase for the partition, mount it and continue with the boot process. Then users can be added and the /home partion can be accessed.
Sometime between Beta 5 and RC1 the INSTALL process was broken between the disk setup and the software installation phase, probably in the code that mounts the partitions just after they are created.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User mmccarthy@lojack.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c7
Michael McCarthy mmccarthy@lojack.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|YaST2 |Installation
--- Comment #7 from Michael McCarthy mmccarthy@lojack.com 2008-12-08 10:40:54 MST --- I have changed the component from YaST2 to Installation where it belongs.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c8
Arvin Schnell aschnell@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |aschnell@novell.com
--- Comment #8 from Arvin Schnell aschnell@novell.com 2008-12-08 12:27:41 MST --- The popup is *after* reboot during installation. boot.crypto should have mounted the home partition. I will check what happened there. (Maybe there's a timeout for entering the password during boot in which case it would have expired since I did not watch the installation process.)
https://bugzilla.novell.com/show_bug.cgi?id=456004
User jsuchome@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c9
Jiří Suchomel jsuchome@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jsuchome@novell.com
--- Comment #9 from Jiří Suchomel jsuchome@novell.com 2008-12-09 00:19:38 MST --- I think it is neither YaST nor Installation, Arvin's direction is right.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c10
Arvin Schnell aschnell@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|Major |Minor Status|NEEDINFO |NEW Info Provider|aschnell@novell.com |
--- Comment #10 from Arvin Schnell aschnell@novell.com 2008-12-09 03:25:35 MST --- Tested with RC2: boot.crypto does ask for the password and if entered YaST does create users later without the warning popup.
And boot.crypto does have a timeout of 15 seconds.
So, since 15 seconds is short for an installation where you don't constantly watch I would still suggest to improve YaST and offer the possibility to mount the home partition from the popup.
Of course people who encrypt other parts of the filesystem can still face problems. Don't know how to solve that best.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User mmccarthy@lojack.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c13
--- Comment #13 from Michael McCarthy mmccarthy@lojack.com 2008-12-09 11:23:24 MST --- You will have to forgive me on my previous comments about it working in previous releases. After some more investigation, I cannot recreate the problem I thought I saw and may have just missed the part where it asks for the password during the boot. This behavior seems to be consistent back to 11.0.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User jsuchome@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c14
Jiří Suchomel jsuchome@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jsuchome@novell.com |aschnell@novell.com
--- Comment #14 from Jiří Suchomel jsuchome@novell.com 2008-12-10 01:00:06 MST --- Still, I don't see this as a YaST problem. The issue when the timeout passes can happen during the normal boot, and there no YaST is run to mount the directories correctly.
I think the correct behavior should be as described by Jiri in comment 12 (no timeout, but possibility to cancel) or the boot.crypto behavior should be configurable (maybe it already is). Arvin, please give to the appropriate maintainer.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c15
Arvin Schnell aschnell@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |aschnell@novell.com AssignedTo|aschnell@novell.com |behlert@novell.com
--- Comment #15 from Arvin Schnell aschnell@novell.com 2008-12-10 06:18:53 MST --- This issue is not about the update.
Looks overall more like a feature request for cryptsetup we have to think about when implementing encrypted root-fs. Maybe we could use the "nofail" option to indicate whether to use a timeout during system startup for a volume or not.
Stefan, since you collect requirements for encrypted root-fs please add this issue there.
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c16
Arvin Schnell aschnell@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |bluedzins@wp.pl
--- Comment #16 from Arvin Schnell aschnell@novell.com 2009-01-11 10:14:40 MST --- *** Bug 465177 has been marked as a duplicate of this bug. *** https://bugzilla.novell.com/show_bug.cgi?id=465177
https://bugzilla.novell.com/show_bug.cgi?id=456004
Stefan Behlert behlert@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|Minor |Enhancement
https://bugzilla.novell.com/show_bug.cgi?id=456004
User aschnell@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c17
Arvin Schnell aschnell@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |ktran@novell.com
--- Comment #17 from Arvin Schnell aschnell@novell.com 2009-01-23 06:11:35 MST --- *** Bug 468809 has been marked as a duplicate of this bug. *** https://bugzilla.novell.com/show_bug.cgi?id=468809
https://bugzilla.novell.com/show_bug.cgi?id=456004
User behlert@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=456004#c18
Stefan Behlert behlert@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FEATURE Partner ID| |fate 306326
--- Comment #18 from Stefan Behlert behlert@novell.com 2009-04-01 09:51:48 MDT --- added to feature tracking tool.