Upon upgrading to the above-mentioned version of systemd, system no longer prompts for a password to unlock LUKS-encrypted devices necessary for boot. Masking it and going back to the previous stable version (=sys-apps/systemd-233-r6) restores this functionality. I am using dracut to build an initrd in an EFI stub kernel (initrd built into the kernel). The root filesystem is a ZFS pool, but the kernel never sees ZFS because it cannot unlock the LUKS device. Reproducible: Always Steps to Reproduce: 1. Build an initrd with =sys-kernel/dracut-046-r1 with LUKS encryption support and =sys-apps/systemd-236-r5 under kernel =sys-kernel/gentoo-sources-4.9.76-r1 (all currently stable) 2. Boot using this initrd with an EFI stub kernel (probably not a factor) 3. Wait indefinitely for a password prompt or an emergency shell... neither of which will ever appear Actual Results: System fails to progress to unlocking the boot volume, or dropping to an emergency shell after any timeout. Remains responsive to keyboard commands (ctrl-alt-del performs graceful reboot) Expected Results: Prompt for a password which can be used to unlock the LUKS volume dracut is invoked with the following parameters: dracut -M -v --early-microcode --force --ro-mnt --no-compress --kernel-cmdline "init=/usr/lib64/systemd/systemd" /tmp/initrd.cpio 4.9.76-gentoo-r1 The kernel has the following built-in command-line: rd.luks.uuid=luks-ed2e40ef-3644-4205-aa90-60c3a8faddfc rd.luks.uuid=luks-901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc modprobe.blacklist=nouveau I have the following in /etc/crypttab: luks-6ce533de-d023-4ddc-b960-1841a232c29f UUID=6ce533de-d023-4ddc-b960-1841a232c29f /root/home.key luks-901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc UUID=901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc luks-ed2e40ef-3644-4205-aa90-60c3a8faddfc UUID=ed2e40ef-3644-4205-aa90-60c3a8faddfc swap /dev/disk/by-id/wwn-0x5000c500a95372d2-part3 /dev/urandom swap,cipher=aes-xts-plain64:sha256,size=256 In this case, the devices with UUIDs beginning with 901e and ed2e are critical for booting, and the others can (and must) wait until the root filesystem is mounted. This configuration has worked with all versions of systemd until this one. emerge --info: Portage 2.3.13 (python 3.5.4-final-0, default/linux/amd64/17.0/desktop/plasma/systemd, gcc-6.4.0, glibc-2.25-r9, 4.9.76-gentoo-r1 x86_64) ================================================================= System uname: Linux-4.9.76-gentoo-r1-x86_64-Intel-R-_Core-TM-_i7-6700HQ_CPU_@_2.60GHz-with-gentoo-2.4.1 KiB Mem: 16365108 total, 12616116 free KiB Swap: 8305660 total, 8305660 free Timestamp of repository gentoo: Wed, 24 Jan 2018 06:30:01 +0000 Head commit of repository gentoo: 4b7957e12bca2dc621d3aadf0d717d3249dd302b sh bash 4.3_p48-r1 ld GNU ld (Gentoo 2.28.1 p1.0) 2.28.1 app-shells/bash: 4.3_p48-r1::gentoo dev-java/java-config: 2.2.0-r3::gentoo dev-lang/perl: 5.24.3::gentoo dev-lang/python: 2.7.14-r1::gentoo, 3.4.5::gentoo, 3.5.4-r1::gentoo dev-util/cmake: 3.8.2::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.4.1-r2::gentoo sys-apps/openrc: 0.34.11::gentoo sys-apps/sandbox: 2.10-r4::gentoo sys-devel/autoconf: 2.13::gentoo, 2.69::gentoo sys-devel/automake: 1.11.6-r2::gentoo, 1.13.4-r1::gentoo, 1.15.1-r1::gentoo sys-devel/binutils: 2.28.1::gentoo, 2.29.1-r1::gentoo sys-devel/gcc: 6.4.0::gentoo sys-devel/gcc-config: 1.8-r1::gentoo sys-devel/libtool: 2.4.6-r3::gentoo sys-devel/make: 4.2.1::gentoo sys-kernel/linux-headers: 4.4::gentoo (virtual/os-headers) sys-libs/glibc: 2.25-r9::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.gentoo.org/gentoo-portage priority: -1000 sync-rsync-extra-opts: x-portage location: /usr/local/portage masters: gentoo priority: 0 qt location: /var/lib/layman/qt sync-type: laymansync sync-uri: https://anongit.gentoo.org/git/proj/qt.git masters: gentoo priority: 50 steam-overlay location: /var/lib/layman/steam-overlay sync-type: laymansync sync-uri: https://github.com/anyc/steam-overlay.git masters: gentoo priority: 50 vifino-overlay location: /var/lib/layman/vifino-overlay sync-type: laymansync sync-uri: https://github.com/vifino/vifino-overlay.git masters: gentoo priority: 50 Installed sets: @esteam, @qt5-addons, @qt5-essentials, @qt5-tools ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=skylake -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/sddm/scripts/Xsetup" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=skylake -O2 -pipe" DISTDIR="/usr/portage/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en en_US" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" USE="X a52 aac acl acpi activities alsa amd64 appstream berkdb bluetooth branding bzip2 cairo cdda cdr clang cli crypt cups cxx dbus declarative dri dts dvd dvdr emboss encode exif fam firefox flac fortran gdbm gif glamor gnome-keyring gpm gssapi gtk hidpi iconv ipv6 jpeg kde kerberos kipi kwallet lcms ldap libnotify mad mng modules mp3 mp4 mpeg multilib ncurses networkmanager nls nptl ogg openal opengl openmp pam pango pcre pdf phonon plasma plymouth png policykit postproc ppds pulseaudio qml qt3support qt5 readline sdl seccomp semantic-desktop spell ssl startup-notification svg systemd tcpd threads tiff truetype udev udisks unicode upower usb vdpau vim-syntax vorbis widgets wxwidgets x264 xattr xcb xcomposite xml xv xvid zlib" ABI_X86="64 32" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 fma3 mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" L10N="en en_US" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_5" PYTHON_TARGETS="python2_7 python3_5" RUBY_TARGETS="ruby22 ruby23" USERLAND="GNU" VIDEO_CARDS="intel i965 nvidia nouveau" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Also, my local dracut config: hostonly="yes" add_drivers+="nvme"
... and I missed the following line :( add_dracutmodules+="crypt plymouth systemd zfs"
luks root is working fine for me with systemd-236-r5 and dracut-046-r1.
Hrmm... that's odd. What other factors could be involved here if it doesn't work for me with systemd-236-r5, but it does for systemd-233-r6? Are you using a passphrase or a keyfile? In my case, I don't get the password prompt for a passphrase.
I'm using a passphrase, and I am prompted for it by systemd in the initramfs. Here's my disk layout: > # lsblk -f > NAME FSTYPE LABEL UUID MOUNTPOINT > sda > ├─sda1 vfat 7E87-62CB > ├─sda2 swap 0c821e3b-e78a-41a8-a2d6-8f37e5a3e5f8 [SWAP] > └─sda3 crypto_LUKS 65111873-7fba-46af-808e-6258952663a7 > └─luks-65111873-7fba-46af-808e-6258952663a7 btrfs cryptroot 0bec7aa8-4e35-4380-a548-f92a7863b712 / > sr0 And my kernel command line: > # cat /proc/cmdline > initrd=\6b57096849e44b6a9de9317478b5fcae\4.9.78-gentoo\initrd luks.uuid=65111873-7fba-46af-808e-6258952663a7 root=UUID=0bec7aa8-4e35-4380-a548-f92a7863b712 loglevel=4 # emerge --info systemd dracut cryptsetup Portage 2.3.19 (python 3.5.4-final-0, default/linux/amd64/17.0/desktop/plasma/systemd, gcc-6.4.0, glibc-2.25-r9, 4.9.78-gentoo x86_64) ================================================================= System Settings ================================================================= System uname: Linux-4.9.78-gentoo-x86_64-Intel-R-_Core-TM-_i5-4210U_CPU_@_1.70GHz-with-gentoo-2.4.1 KiB Mem: 8078664 total, 6877960 free KiB Swap: 16777212 total, 16777212 free Timestamp of repository gentoo: Sat, 27 Jan 2018 18:00:01 +0000 Head commit of repository gentoo: d41db1596e3f6f0f9640dd34513359cade3086b5 sh bash 4.4_p12 ld GNU ld (Gentoo 2.29.1 p3) 2.29.1 app-shells/bash: 4.4_p12::gentoo dev-lang/perl: 5.24.3::gentoo dev-lang/python: 2.7.14-r1::gentoo, 3.5.4-r1::gentoo dev-util/cmake: 3.9.6::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.4.1-r2::gentoo sys-apps/sandbox: 2.12::gentoo sys-devel/autoconf: 2.13::gentoo, 2.69-r4::gentoo sys-devel/automake: 1.15.1-r1::gentoo sys-devel/binutils: 2.29.1-r1::gentoo sys-devel/gcc: 6.4.0-r1::gentoo sys-devel/gcc-config: 1.8-r1::gentoo sys-devel/libtool: 2.4.6-r3::gentoo sys-devel/make: 4.2.1::gentoo sys-kernel/linux-headers: 4.13::gentoo (virtual/os-headers) sys-libs/glibc: 2.25-r9::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.gentoo.org/gentoo-portage priority: -1000 sync-rsync-extra-opts: ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=haswell" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -march=haswell" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--jobs=2 --with-bdeps=y --dynamic-deps=n" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs clean-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/x" USE="X a52 aac acl acpi activities alsa amd64 berkdb bluetooth branding bzip2 cairo cdda cdr cli crypt cups cxx dbus declarative dri dts dvd dvdr emboss encode exif fam firefox flac fortran gdbm gif glamor gpm gtk iconv ipv6 jpeg kde kipi kwallet lcms ldap libnotify mad mng modules mp3 mp4 mpeg multilib ncurses nls nptl ogg opengl openmp pam pango pcre pdf phonon plasma png policykit ppds qml qt3support qt5 readline sdl seccomp semantic-desktop spell ssl startup-notification svg systemd tcpd tiff truetype udev udisks unicode upower usb vorbis widgets wxwidgets x264 xattr xcb xcomposite xml xv xvid zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 aes avx avx2 f16c fma3 pclmul popcnt sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_5" PYTHON_TARGETS="python2_7 python3_5" RUBY_TARGETS="ruby22 ruby23" USERLAND="GNU" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS ================================================================= Package Settings ================================================================= sys-apps/systemd-236-r5::gentoo was built with the following: USE="acl cryptsetup gcrypt gnuefi kmod lz4 pam (policykit) seccomp ssl sysv-utils (-apparmor) -audit -build -curl -elfutils -http -idn -importd -libidn2 -lzma -nat -qrcode (-selinux) -test -usrmerge -vanilla -xkb" ABI_X86="(64) -32 (-x32)" sys-kernel/dracut-046-r1::gentoo was built with the following: USE="-debug (-selinux)" ABI_X86="(64)" sys-fs/cryptsetup-1.7.5::gentoo was built with the following: USE="gcrypt nls udev -kernel -libressl -nettle -openssl -pwquality -python -reencrypt (-static) (-static-libs) -urandom" ABI_X86="(64)" PYTHON_TARGETS="python2_7 python3_5 -python3_4 -python3_6"
Hrm... here's an apples-to-apples comparison of the same: Disk layout: ``` graendal ~ # lsblk -f NAME FSTYPE LABEL UUID MOUNTPOINT sda ├─sda1 ├─sda2 ntfs-3g DATA 500EC80E0EC7EB54 ├─sda3 │ └─swap swap 08ce00df-6326-44aa-b3ca-6178df34e6c1 [SWAP] └─sda4 crypto_LU 6ce533de-d023-4ddc-b960-1841a232c29f └─luks-6ce533de-d023-4ddc-b960-1841a232c29f zfs_membe hpool 17424443539815919477 sdb ├─sdb1 ├─sdb2 crypto_LU 901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc │ └─luks-901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc │ zfs_membe rpool 11935181357237292819 └─sdb3 ntfs-3g HP GAMES 008ABB4B8ABB3C4A zd0 ├─zd0p1 ├─zd0p2 ├─zd0p3 └─zd0p4 nvme0n1 ├─nvme0n1p1 vfat ESP C24F-DC5D ├─nvme0n1p2 ├─nvme0n1p3 ntfs-3g OS 72E0BA5CE0BA25EF /mnt/winbo ├─nvme0n1p4 ntfs-3g WINRETOOLS C6F46173F4616721 ├─nvme0n1p5 ntfs-3g Image 563E61CC3E61A5A9 └─nvme0n1p6 crypto_LU ed2e40ef-3644-4205-aa90-60c3a8faddfc └─luks-ed2e40ef-3644-4205-aa90-60c3a8faddfc zfs_membe rpool 11935181357237292819 ``` Kernel command line: ``` graendal ~ # cat /proc/cmdline rd.luks.uuid=luks-ed2e40ef-3644-4205-aa90-60c3a8faddfc rd.luks.uuid=luks-901eb7f9-98b1-4ea0-aa12-75a3cba8c6dc modprobe.blacklist=nouveau ``` ================================================================= Package Settings ================================================================= sys-apps/systemd-233-r6:0/2::gentoo was built with the following: USE="acl cryptsetup gcrypt kmod lz4 pam (policykit) seccomp ssl (-apparmor) -audit -build -curl -doc -elfutils -gnuefi -http -idn -importd -lzma -nat -qrcode (-selinux) -sysv-utils {-test} -vanilla -xkb" ABI_X86="32 (64) (-x32)" sys-kernel/dracut-046-r1::gentoo was built with the following: USE="-debug (-selinux)" sys-fs/cryptsetup-1.7.5::gentoo was built with the following: USE="gcrypt nls udev urandom -kernel -libressl -nettle -openssl -pwquality -python -reencrypt (-static) (-static-libs)" PYTHON_TARGETS="python2_7 python3_5 -python3_4 -python3_6" Beyond that, the only thing that strikes me is possibly the kernel command line. I have no root=... statement because ZFS finds that automatically via the "bootfs" parameter. Maybe the new systemd didn't take that into account? All I have is speculation :( As far as I can tell, it never gets to the point where the root= statement would matter, as it never attempts to unlock the device node. Maybe that I manually specified the rd.luks parameters for dracut while you simply specified luks.uuid= parameters...? The fact that my initrd is built into the kernel and yours is a separate file...? I seem to be grasping at straws for the differences here. Is anyone else encountering this??
I am hitting this as well since systemd 236 was added to the tree. I thought I was CCed to such bug already but it seems not. Anyway, here is my configuration : # lsblk -f NAME FSTYPE LABEL UUID MOUNTPOINT sda ├─sda1 ntfs-3g Récupération 2E6C04A76C046C41 ├─sda2 vfat 2206-6A8C ├─sda3 ├─sda4 ntfs-3g BC3A09F73A09AF86 ├─sda5 ntfs-3g C23CC7D63CC7C39F ├─sda6 xfs 325c3837-721f-41cf-a2d4-6fb49e41d95a ├─sda7 crypto_LUKS 6a5f89ac-62e8-4371-a494-c701f70a6a37 │ └─luks-6a5f89ac-62e8-4371-a494-c701f70a6a37 swap a4e81d6a-4765-467f-aa77-b18d46bb034c [SWAP] ├─sda8 crypto_LUKS b6452990-48e2-4fae-9468-a97e2feff3bb │ └─luks-b6452990-48e2-4fae-9468-a97e2feff3bb btrfs a8910b46-e0d9-4243-83af-f915952d0ae9 /mnt/hdd └─sda9 ntfs-3g Lenovo_Recovery 5A40E1E214126640 zram0 [SWAP] # cat /proc/cmdline BOOT_IMAGE=/root/boot/vmlinuz-4.14.18-gentoo root=UUID=a8910b46-e0d9-4243-83af-f915952d0ae9 ro rootflags=subvol=root init=/usr/lib/systemd/systemd resume=UUID=a4e81d6a-4765-467f-aa77-b18d46bb034c rd.luks=1 rd.luks.uuid=b6452990-48e2-4fae-9468-a97e2feff3bb rd.luks.uuid=6a5f89ac-62e8-4371-a494-c701f70a6a37 systemd.legacy_systemd_cgroup_controller=yes rd.shell libata.allow_tpm=1 quiet splash # emerge --info systemd dracut cryptsetup Portage 2.3.24 (python 3.5.4-final-0, default/linux/amd64/17.0/hardened, gcc-7.2.0, glibc-2.26-r5, 4.14.18-gentoo x86_64) ================================================================= System Settings ================================================================= System uname: Linux-4.14.18-gentoo-x86_64-Intel-R-_Core-TM-_i7-3687U_CPU_@_2.10GHz-with-gentoo-2.4.1 KiB Mem: 12173904 total, 8200976 free KiB Swap: 20969464 total, 20969464 free Timestamp of repository gentoo: Thu, 08 Feb 2018 10:00:01 +0000 Head commit of repository gentoo: 0107fabb2640584bbde34957f1d28ba4e753b0b1 sh bash 4.3_p48-r1 ld GNU ld (Gentoo 2.29.1 p3) 2.29.1 distcc 3.2rc1 x86_64-pc-linux-gnu [disabled] ccache version 3.3.4 [disabled] app-shells/bash: 4.3_p48-r1::gentoo dev-java/java-config: 2.2.0-r3::gentoo dev-lang/perl: 5.26.1-r1::gentoo dev-lang/python: 2.7.14-r1::gentoo, 3.4.6-r1::gentoo, 3.5.4-r1::gentoo, 3.6.4::gentoo dev-util/ccache: 3.3.4-r1::gentoo dev-util/cmake: 3.10.1::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.4.1-r2::gentoo sys-apps/openrc: 0.34.11::gentoo sys-apps/sandbox: 2.12::gentoo sys-devel/autoconf: 2.13::gentoo, 2.69-r4::gentoo sys-devel/automake: 1.11.6-r2::gentoo, 1.13.4-r1::gentoo, 1.15.1-r1::gentoo sys-devel/binutils: 2.28.1::gentoo, 2.29::gentoo, 2.29.1-r1::gentoo sys-devel/gcc: 6.4.0-r1::gentoo, 7.2.0-r1::gentoo sys-devel/gcc-config: 1.9.1::gentoo sys-devel/libtool: 2.4.6-r4::gentoo sys-devel/make: 4.2.1-r1::gentoo sys-kernel/linux-headers: 4.14::gentoo (virtual/os-headers) sys-libs/glibc: 2.26-r5::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.gentoo.org/gentoo-portage priority: -1000 sync-rsync-verify-metamanifest: yes sync-rsync-extra-opts: eva location: /var/lib/layman/eva masters: gentoo priority: 50 steam-overlay location: /var/lib/layman/steam-overlay masters: gentoo priority: 50 Installed sets: @gnome-desktop, @local, @network, @portage-extras, @system-extras, @system-extras-phys ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=ivybridge --param l1-cache-line-size=64 --param l1-cache-size=32 --param l2-cache-size=4096 -pipe -g" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/chromium/policies/managed/chrome-gnome-shell.json /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/opt/chrome/policies/managed/chrome-gnome-shell.json /etc/php/apache2-php5.6/ext-active/ /etc/php/apache2-php7.1/ext-active/ /etc/php/apache2-php7.2/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cgi-php7.1/ext-active/ /etc/php/cgi-php7.2/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/php/cli-php7.1/ext-active/ /etc/php/cli-php7.2/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -march=ivybridge --param l1-cache-line-size=64 --param l1-cache-size=32 --param l2-cache-size=4096 -pipe -g" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--load=6.0 --jobs=4 --keep-going --buildpkg-exclude 'virtual/* sys-kernel/*-sources'" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs buildsyspkg config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="fr_FR.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu" LINGUAS="en fr" MAKEOPTS="-j5 -l5.0" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" USE="X a52 aac acl acpi alsa amd64 attr audit avahi avi bash-completion bluetooth bzip2 cairo caps cdr cgmanager cjk colord consolekit crypt cryptsetup cups cxx dbus dconf dvd eds evo exif ffmpeg filecaps flac fortran glamor gmp gnome-keyring gnome-online-accounts gnome-shell grilo gstreamer gudev hardened hwdb iconv icu introspection iptc ipv6 jit jpeg keymap laptop lcms ldap libnotify libsamplerate lirc lz4 lzma lzo mad matroska mp3 mpeg mtp multilib nautilus ncurses netlink networkmanager nfs nls nntp nptl nsplugin ntp ogg opengl openmp opus orc pam pcre pcsc-lite pdf pie pkcs11 playlist png policykit pulseaudio readline realtime seccomp sendto smartcard spell ssl ssp startup-notification svg systemd taglib telepathy theora threads tracker udev unicode upnp upnp-av urandom usb v4l v4l2 vim vim-syntax vorbis webkit x264 xattr xattrs xcb xinerama xml xmp xtpax xv xvid xvmc zeroconf zlib" ABI_X86="64" ALSA_CARDS="hda-intel" APACHE2_MODULES="auth_digest authn_file authz_groupfile dav dav_fs" APACHE2_MPMS="prefork" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2 directory" COLLECTD_PLUGINS="apache cpu cgroups df disk interface load logfile memory network swap syslog tail write_graphite" CPU_FLAGS_X86="aes avx mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3 f16c" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc efi-64" INPUT_DEVICES="evdev libinput synaptics" KERNEL="linux" L10N="en fr" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" NGINX_MODULES_HTTP="access auth_basic autoindex browser charset empty_gif fastcgi geo gzip limit_conn limit_req map memcached mirror proxy referer rewrite scgi split_clients ssi upstream_hash upstream_ip_hash upstream_keepalive upstream_least_conn upstream_zone userid uwsgi gzip_static realip" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_5" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6" QEMU_SOFTMMU_TARGETS="x86_64 arm" QEMU_USER_TARGETS="x86_64 arm" RUBY_TARGETS="ruby22 ruby23" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS ================================================================= Package Settings ================================================================= sys-apps/systemd-236-r5::gentoo was built with the following: USE="acl audit cryptsetup gcrypt kmod lz4 lzma pam policykit seccomp ssl -apparmor -build -curl -elfutils -gnuefi -http -idn -importd -libidn2 -nat -qrcode (-selinux) -sysv-utils -test -usrmerge -vanilla -xkb" ABI_X86="(64) -32 (-x32)" sys-kernel/dracut-046-r1::gentoo was built with the following: USE="-debug (-selinux)" ABI_X86="(64)" sys-fs/cryptsetup-2.0.1::gentoo was built with the following: USE="argon2 gcrypt nls udev urandom -kernel -libressl -nettle -openssl -pwquality -python -reencrypt -static -static-libs" ABI_X86="(64)" PYTHON_SINGLE_TARGET="python3_5 -python2_7 -python3_4 -python3_6" PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6"
I got =sys-apps/systemd-236-r5 working after disabling the plymouth module in dracut. Therefore, it appears the integration between dracut, systemd, and plymouth is the culprit here. It now prompts for a password and boots properly.
Confirming omitting plymouth fixed my issues on my full encrypted disk laptop. I'll give it another shot with newer dracut+systemd releases.
