Upon boot, before the system runs GPG to decrypt the key that mounts the / filesystem, this initrd.scripts script renames the original /dev/tty to /dev/tty.org. The script then creates its own /dev/tty with 'mknod /dev/tty c 5 1'. This is the equivalent to /dev/console, as i assume GPG normally expects /dev/tty and since we are in a single initrd environment, the equivalent of /dev/console is required. (I tested, a real 5 0 /dev/tty and it fails at boot) Anyhow, after this happens the script then runs the GPG decrypt command, which asks for the password to decrypt the GPG key. After this happens, the script fails to return /dev/tty back to its original state. The system then continues to boot up with a broken /dev/tty with a 5 1 major/minor when it should be 5 0. Reproducible: Always Steps to Reproduce: 1. Build a system and initrd with a gpg keyed luks root volume and boot up with it. 2. Check the permissions on /dev/tty 3. Profit Actual Results: crw-r--r-- 1 root root 5, 1 Mar 28 05:35 /dev/tty Expected Results: crw-rw-rw- 1 root tty 5, 0 Mar 28 05:35 /dev/tty Move the /dev/tty.org back to /dev/tty
Created attachment 307027 [details, diff] genkernel.patch Made this patch and it solved my issue.
Portage 2.2.0_alpha96 (default/linux/amd64/10.0, gcc-4.6.2, unavailable, 3.3.0 x86_64) ================================================================= System uname: Linux-3.3.0-x86_64-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.1 Timestamp of tree: Wed, 28 Mar 2012 12:15:01 +0000 app-shells/bash: 4.2_p24 dev-java/java-config: 2.1.11-r3 dev-lang/python: 2.7.2-r3 dev-util/cmake: 2.8.7-r5 dev-util/pkgconfig: 0.26 sys-apps/baselayout: 2.1 sys-apps/openrc: 0.9.9.3 sys-apps/sandbox: 2.5 sys-devel/autoconf: 2.13, 2.68 sys-devel/automake: 1.9.6-r3, 1.11.3 sys-devel/binutils: 2.22-r1 sys-devel/gcc: 4.6.2 sys-devel/gcc-config: 1.6 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r3 sys-kernel/linux-headers: 3.3 (virtual/os-headers) sys-libs/glibc: 2.14.1-r2 Repositories: gentoo overlay Installed sets: @system ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA Nero-EULA-US dlj-1.1 skype-eula AdobeFlash-10.3 PUEL Oracle-BCLA-JavaSE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-pipe -O2 -march=native" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-pipe -O2 -march=native" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--quiet-build=n" FEATURES="assume-digests binpkg-logs distlocks ebuild-locks fixlafiles news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch xattr" FFLAGS="" GENTOO_MIRRORS="http://gentoo.osuosl.org/" LANG="en_US.UTF8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en" MAKEOPTS="-j10" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/dev/shm" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" USE="256-color 64bit X a52 aac acl acpi alsa amd64 ao apng aspell berkdb bluetooth bootstrap bzip2 cairo caps cdda cddb cdparanoia chardet cli consolekit contrast cracklib crypt cups curl custom-cflags custom-optimization cxx dbus device-mapper dlz enca encode exif extensions faac faad fam ffmpeg flac fontconfig g3dvl gdbm gif gimp glib glibc-omitfp glitz gmp gnutls gphoto2 gpm gs gtk3 gudev hpn httpd iconv icu id3tag idn imap imapc imlib iproute2 ipv6 joystick jpeg lame lcdfilter lcms lensfun libnotify lm_sensors mad mmap mmx mmxext mng modules mp3 mpeg msn mudflap multilib ncurses nptl nptlonly nsplugin ogg openal opengl openmp openssl pam pcre pdf perl pixbuf png policykit pppd pvr python qt-static readline rtsp samba sasl scrobbler sdl secure-delete session shm smp sndfile snesfilter spell sqlite sqlite3 sse sse2 ssh ssl ssse3 svg sysfs tcpd theora tiff timezone timidity truetype tta udev unicode upnp usb v4l2 vdpau vorbis wavpack wma x264 xattr xcomposite xml xorg xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="ctxfi usb-audio" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif so speling status unique_id userdir usertrack vhost_alias dav proxy proxy_http" APACHE2_MPMS="prefork" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LINGUAS="en" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" SANE_BACKENDS="plustek" USERLAND="GNU" VIDEO_CARDS="nvidia" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
The second mv command in my patch probably isn't needed, if you cant decrypt your root volume then you're out of options at that point....
commandline: real_root=/dev/mapper/root root_key=/master.gpg root_keydev=/dev/sdf1 crypt_root=/dev/mapper/mdadm-root dolvm domdadm ro vga=775 usbhid.mousepoll=4 i8042.nokbd snd-ctxfi.index=0
Thanks for the report and patch! I have adjusted your patch to minimize code duplication. Please give branch bug-410073 a try .. # git clone git://git.overlays.gentoo.org/proj/genkernel.git # cd genkernel # git checkout -t origin/bug-410073 # GK_SHARE="$PWD" ./genkernel initramfs --no-install --no-postclear [..] .. and report back.
Works, thank you.
(In reply to comment #6) > Works, thank you. Great, thanks for you help! +*genkernel-3.4.28 (30 Mar 2012) + + 30 Mar 2012; Sebastian Pipping <sping@gentoo.org> +genkernel-3.4.28.ebuild: + Bump to 3.4.28 +
