Summary: | sys-fs/cryptsetup-1.0.6-r2: dmcrypt post_mount commands do not run | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Jack Lloyd <lloyd> |
Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | martin.kolleck, quazgar |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Attachments: | My /etc/conf.d/dmcrypt; /bin/setup_crypt_tmp; boot log | ||
Description
Jack Lloyd
2009-07-23 00:46:26 UTC
Created attachment 198860: My /etc/conf.d/dmcrypt
Created attachment 198861: /bin/setup_crypt_tmp
Created attachment 198863: boot log
I can confirm this bug with amd64.

/etc/conf.d/dmcrypt
-----
target=crypt-tmp
source='/dev/disk/by-id/ata-WDC_WD6401AALS-00L3B2_WD-WCASY5783237-part3'
key='/dev/urandom'
options='-c aes-cbc-essiv:sha256'
pre_mount='/sbin/mkfs.ext2 -L crypto-tmp ${dev}'
post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}'
------

(In reply to comment #3)
> Created an attachment (id=198863)
> boot log
>

OpenRC 0.4.3 is starting up Gentoo Linux (x86_64)
Press I to enter interactive boot mode
* Mounting /proc... [ ok ]
* Mounting /sys... [ ok ]
* Mounting debug filesystem... [ ok ]
* Mounting /dev... [ ok ]
* Starting udevd... [ ok ]
* Populating /dev with existing devices through uevents... [ ok ]
* Waiting for uevents to be processed... [ ok ]
* Device initiated services: net.eth0
* Mounting /dev/pts... [ ok ]
* Mounting /dev/shm... [ ok ]
* Setting system clock using the hardware clock [UTC]... [ ok ]
* Autoloaded 0 module(s)
* device-mapper uses addon code which is deprecated
* and may not be available in the future.
* Setting up dm-crypt mappings...
* Checking swap is not LUKS
* dm-crypt map crypt-swap...
* cryptsetup will be called with : -c aes -h sha1 -d /dev/urandom create crypt-swap /dev/disk/by-id/ata-WDC_WD6401AALS-00L3B2_WD-WCASY5803499-part3 [ ok ]
* Running pre_mount commands for crypt-swap... [ ok ]
* dm-crypt map crypt-tmp...
* cryptsetup will be called with : -c aes-cbc-essiv:sha256 create crypt-tmp /dev/disk/by-id/ata-WDC_WD6401AALS-00L3B2_WD-WCASY5783237-part3 [ ok ]
* Running pre_mount commands for crypt-tmp...
mke2fs 1.41.3 (12-Oct-2008) [ ok ]
* Checking local filesystems ...
/dev/disk/by-uuid/23fafc47-37dc-431f-9da2-fc9e0c67f772: clean, 431984/3278576 files, 1822681/13109024 blocks
/dev/disk/by-uuid/7362ee33-b769-4be2-b878-6adb518be0c9: clean, 41/28112 files, 22591/112320 blocks
crypto-tmp: clean, 11/262944 files, 18570/1050249 blocks [ ok ]
* Remounting root filesystem read/write... [ ok ]
* Updating /etc/mtab... [ ok ]
* Mounting local filesystems... [ ok ]
* Setting hostname to Machine... [ ok ]
* Configuring kernel parameters... [ ok ]
* Creating user login records... [ ok ]
* Cleaning /var/run... [ ok ]
* Wiping /tmp directory... [ ok ]
* Loading ALSA modules... [ ok ]
* Restoring Mixer Levels... [ ok ]
* Setting terminal encoding [UTF-8]... [ ok ]
* Setting console font [lat9v-08]... [ ok ]
* Loading key mappings [fi-latin9]... [ ok ]
* Fixing font for euro symbol... [ ok ]
* Setting keyboard mode [UTF-8]... [ ok ]
* Bringing up interface lo
* 127.0.0.1/8... [ ok ]
* Adding routes
* 127.0.0.0/8 via 127.0.0.1... [ ok ]
* Bringing up interface eth0
* dhcp...
* Running dhcpcd...
eth0: dhcpcd 4.0.13 starting
eth0: broadcasting for a lease
eth0: offered 192.168.1.130 from 192.168.1.1
eth0: acknowledged 192.168.1.130 from 192.168.1.1
eth0: checking 192.168.1.130 is available on attached networks
eth0: leased 192.168.1.130 for 86400 seconds [ ok ]
* received address 192.168.1.130/24 [ ok ]
* Mounting USB device filesystem [usbfs]... [ ok ]
* Mounting misc binary format filesystem... [ ok ]
* Activating swap devices... [ ok ]
* Initializing random number generator... [ ok ]
INIT: Entering runlevel: 3
* Starting syslog-ng... [ ok ]
* Starting acpid... [ ok ]
* Starting D-BUS system messagebus... [ ok ]
* Starting Hardware Abstraction Layer daemon... [ ok ]
* Mounting network filesystems... [ ok ]
* Starting vixie-cron... [ ok ]
* Starting local... [ ok ]

I have to sleep more to see that it was an answer not a question.

A workaround for this particular case (encrypted /tmp) is to use a larger encrypted swap and make /tmp a tmpfs, which has the same effect since if VM space gets tight the /tmp contents will be pushed to the (encrypted) swap. The tmpfs won't be persistent, but neither will encrypted /tmp (unless one sets a persistent key for the partition, which would probably work fine without needing a post_mount command, though I haven't attempted it), so these approaches seem to be more or less functionally equivalent.

I never noticed this before, but with my current cryptsetup (1.1.3-r2), I hit this (or something very similar).

Jack: Could you see if this can be reproduced with more recent (stable) versions of the cryptsetup package?

I can confirm this started (again?) with cryptsetup-1.1.3-r2, which is the current stable version. This does not happen with 1.1.2, which is the previous stable version currently in portage.

A diff on /lib/rcscripts/addons/dm-crypt-start.sh from both versions shows that the newer version sets SVCNAME=dmcrypt for localmount. That way, dm_crypt_execute_localmount() never gets executed. Instead, dm_crypt_execute_dmcrypt() is executed twice. The second time it simply complains that all configured mappings are already active.

I do not have enough expertise with the Gentoo start scripts to be able to suggest a patch. A naive solution would be to remove the current test for localmount, but I assume the developer put that explicitly there for a good reason.

Btw. stable baselayout is 1.12.14-r1 on amd64.

Should this block the stablereq #350044?

stable requests are never blocked by non-regression bugs

Yes, but this is a regression, since this behaviour did not occur in 1.1.2.

this bug would indicate differently. notice how the summary says 1.0.6.

Ok, so what would be the correct way then? Have the summary changed by someone with sufficient rights? Or open a new bug (because most probably only the symptoms, but not the cause, are the same)?

Seems to be fixed in 1.1.3-r3:
http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?r1=1.4&r2=1.5
The check for "localmount" now works as expected.

I think this bug is finally resolved&dead now.

(In reply to comment #14)
> I think this bug is finally resolved&dead now.

(At least as far as 1.1.3-r3 is concerned.)
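
The diagnosis given in the thread for 1.1.3-r2 (SVCNAME forced to dmcrypt, so the localmount branch is never reached) can be reproduced with a small model. This is an added example, not the Gentoo addon script: only the names SVCNAME, dm_crypt_execute_dmcrypt and dm_crypt_execute_localmount come from the report, and the function bodies, the dispatch layout and the addon_buggy/addon_fixed/boot_sequence helpers are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed model of the dispatch problem described in the thread.
# The two dm_crypt_execute_* stand-ins only report which phase would run.

dm_crypt_execute_dmcrypt() {
    # Real addon: set up the mappings and run pre_mount commands.
    echo "mappings"
}

dm_crypt_execute_localmount() {
    # Real addon: run post_mount commands once filesystems are mounted.
    echo "post_mount"
}

# Behaviour as diagnosed for 1.1.3-r2: the service name is overwritten
# before the localmount test, so that test can never succeed.
addon_buggy() {
    SVCNAME=dmcrypt
    if [ "$SVCNAME" = "localmount" ]; then
        dm_crypt_execute_localmount
    else
        dm_crypt_execute_dmcrypt
    fi
}

# Hypothetical corrected dispatch: the test sees the caller's service name.
addon_fixed() {
    if [ "$SVCNAME" = "localmount" ]; then
        dm_crypt_execute_localmount
    else
        dm_crypt_execute_dmcrypt
    fi
}

# Simulate the two boot-time invocations (dmcrypt, then localmount) and
# return the phases that actually ran, space separated.
boot_sequence() {   # $1 = addon_buggy | addon_fixed
    ran=""
    for svc in dmcrypt localmount; do
        SVCNAME=$svc
        ran="$ran$("$1") "
    done
    echo "${ran% }"
}

echo "buggy: $(boot_sequence addon_buggy)"
echo "fixed: $(boot_sequence addon_fixed)"
```

With the buggy dispatch the mapping phase runs twice and post_mount never runs, which matches the boot log above: pre_mount is reported for crypt-tmp but no post_mount line appears, so the chown/chmod 1777 from the configuration is never applied to the freshly created filesystem.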