[Bug 904987] New: Dracut not working as expected with full-disk encryption
http://bugzilla.opensuse.org/show_bug.cgi?id=904987 Bug ID: 904987 Summary: Dracut not working as expected with full-disk encryption Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: All OS: openSUSE 13.2 Status: NEW Severity: Critical Priority: P5 - None Component: Bootloader Assignee: jsrain@suse.com Reporter: fedev@gmx.net QA Contact: jsrain@suse.com Found By: --- Blocker: --- Created attachment 613252 --> http://bugzilla.opensuse.org/attachment.cgi?id=613252&action=edit Screenshot - emergency console after upgrade Hi there, My laptop has full disk encryption with luks. It was working without problems until openSUSE 13.2. It seems dracut checks for encrypted partitions and volumes on crypttab however I did not have the partition listed in crypttab because all this time the luks partition information was added by grub (if not mistaken). Well, dracut seems can't recognize an unlocked luks partition/volume on its own nor from the previous used settings. Dracut was then trying to look for the volumes for home and root without trying to unlock first for the encrypted partition. There are two workarounds for this. One, use the kernel boot parameter rd.luks.uuid the other, add the disk to crypttab and then re-run dracut -M --force This however it is not obvious for those doing an upgrade. After doing an upgrade from 13.1 to 13.2, the system is no longer bootable unless you take care of the above first. Thank you. Regards, Fede -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #1 from Federico Vecchiarelli
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Jiri Srain
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Thomas Renninger
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #3 from Federico Vecchiarelli
This doesn't work with full disk encryption. Unit file does not get generated and I see this message:
[ 7.142993] testhost dracut-initqueue[202]: Failed to start systemd-cryptsetup@luks\x2d342d2414\x2d159c\x2d48d7\x2da0b7\x2d5b59fa6e27a5.service: Unit systemd-cryptsetup@luks\x2d342d2414\x2d159c\x2d48d7\x2da0b7\x2d5b59fa6e27a5.service failed to load: No such file or directory.
Note that I don't have an entry for this luks device in /etc/crypttab. I always thought that this is not necessary since all needed options are in cmdline. ================= If the best is to write a wiki article about it, I surely can give that a try. Regards, Federico -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Vojtech Zeisek
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #5 from Federico Vecchiarelli
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #6 from Vojtech Zeisek
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #7 from Federico Vecchiarelli
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
--- Comment #8 from Vojtech Zeisek
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c9
Alexander Naumov
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c10
--- Comment #10 from Alexander Naumov
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Alexander Naumov
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c11
--- Comment #11 from Alexander Naumov
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c13
Chris Targett
Failed to start systemd-cryptsetup@luks.service: Unit systemd-cryptsetup@luks.service not found.
This is the result of a default/suggested LUKS+LVM install using the 30-Jan Tumbleweed snapshot ISO. I also believe it occurred after when doing a `zypper up` ~2 days ago. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c14
--- Comment #14 from Chris Targett
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Andrei Borzenkov
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c16
Joost W
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c17
--- Comment #17 from Daniel Molkentin
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c18
--- Comment #18 from Daniel Molkentin
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c19
--- Comment #19 from Joost W
Please provide the output of the following:
cat /etc/crypttab sudo lsinitrd -f etc/crypttab /usr/lib/systemd/system-generators/systemd-cryptsetup-generator && ls /tmp/*.service
Hi, thanks a lot for taking this up. crypttab in initrd is a 0 byte file (empty). Chrooting to manually mounted system partition with: cryptsetup luksOpen /dev/nvme0n1p3 system --- PW entry lvm_scan lvm vgchange -ay mkdir /mnt mount /dev/mapper/system-root /mnt mount --rbind /dev /mnt/dev mount --rbind /proc /mnt/proc mount --rbind /sys /mnt/sys chroot /mnt system /etc/crypttab: cr_nvme-200080d030005f1a7-part3 /dev/disk/by-id/nvme-200080d030005f1a7-part3 none none Resulting file after generator run: please see attachment (as I can not boot anymore, it's typing or taking a picture for me). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c20
--- Comment #20 from Joost W
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c21
--- Comment #21 from Joost W
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c22
--- Comment #22 from Joost W
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c23
--- Comment #23 from Joost W
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c24
Steffen Golle
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c25
--- Comment #25 from Joost W
I ran into the same problem. openSUSE Tumbleweed with Kernel 4.9.10 is not starting anymore. At boot, the plymouth splash screen doesn't show the password prompt. The system message from dracut-initqueue is: Failed to connect to the bus. No such file or directory.
Can you tell me, how to enter the dracut shell from grub? The dracut shell should come up automatically if booting fails, though it has a delay of 1-2minutes; try to boot and come back 5 minutes later. At least your error message is different from the one I had, perhaps you have more luck in fixing it. I had to give up and do a complete reinstall.
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c26
--- Comment #26 from Chris Targett
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c27
--- Comment #27 from Fabian Vogt
I have just attempted to install Tumbleweed on a new hardware.
- Intel NUC - Corsair Force NVME SSD - OpenSUSE-Tumbleweed-DVD-x86_64-Snapshot20170304-Media.iso (4.10.1-1-default)
*all* installs have been booted through UEFI.
[...]
* Third install attempt matched the third. No password prompt on any TTY.
In dracut shell: * /etc/crypttab was empty
In chrooted mount (from dracut shell): * /etc/crypttab contains `cr_-Force-part3 /dev/disk/by-id/-Force-part3 none none` There is no /dev/disk/by-id matching that name.
Please open a new bug report against YaST2, as it puts a wrong udev id in there and attach the file generated by "save_y2logs" and the output of "hwinfo --disk". -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Steven Harms
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c28
Markus Greger
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c29
Sebastian Rettenberger
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c30
Dariusz Ostolski
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Dariusz Ostolski
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Dariusz Ostolski
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Dariusz Ostolski
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c31
Dan Elder
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c32
Chris Scheible
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
http://bugzilla.opensuse.org/show_bug.cgi?id=904987#c33
--- Comment #33 from Chris Scheible
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Chris Scheible
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Dariusz Ostolski
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Michael Chang
http://bugzilla.opensuse.org/show_bug.cgi?id=904987
Kresten P. Vester
participants (1)
-
bugzilla_noreply@novell.com