Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 257556 - baselayout2 & dm-crypt not parsing /etc/conf.d/dmcrypt correctly while booting
Summary: baselayout2 & dm-crypt not parsing /etc/conf.d/dmcrypt correctly while booting
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High major with 1 vote (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-02-04 04:04 UTC by Johannes Steidl
Modified: 2021-08-28 16:16 UTC (History)
8 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
simply use fd 4 instead of stdin (1.0.6-r2-dm-crypt-start.sh.patch,1.18 KB, patch)
2009-03-08 20:34 UTC, Victor Mataré
Details | Diff
whoops, sorry, this is the right one. (1.0.6-r2-dm-crypt-start.sh.patch,812 bytes, patch)
2009-03-08 20:37 UTC, Victor Mataré
Details | Diff
use fd 4 for reading the config (1.0.6-r2-dm-crypt-start.sh.patch,825 bytes, patch)
2009-03-09 20:17 UTC, Victor Mataré
Details | Diff
use fd 4 for reading the config (1.0.6-r2-dm-crypt-start.sh.patch,701 bytes, patch)
2009-03-10 13:20 UTC, Victor Mataré
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Steidl 2009-02-04 04:04:25 UTC
baselayout2 and dm-crypt make a mess of /etc/conf.d/dmcrypt when parsing a number of devices.

Reproducible: Always

Steps to Reproduce:
add partitions to /etc/conf.d/dmcrypt
Actual Results:  
configfile gets not parsed correctly and fails to initialise crypt-devices

Expected Results:  
well ....

i had this problem after upgrading to baselayout2 some time ago and thought it was some upgrade-quirk not worked out yet and left it alone. but since then i reinstalled gentoo from scratch and it was still there. i am trying to figure out if i am plain stupid or if this is actually a bug.

when booting normaly i get prompted for the passwd for my 3 LUKS-partitions.
this works perfectly (aside from the keymap-issue and localmount-mess) fine when i have the following in my /etc/conf.d/dmcrypt:

# SWAP                                                                          
swap=crypt-swap                                                                 
source='/dev/sda5'                                                              
                                                                                
# /home                                                                         
target=crypt-home                                                               
source='/dev/diego_vg00/home'                                                   
                                                                                
BUT if i add the rest of the partitions everything goes wrong. (following the respective bits of dmcrypt):

# /mnt/music                                                                    
#target=crypt-music                                                             
#source='/dev/diego_vg01/music'                                                 
                                                                                
                                                                                
# /mnt/media                                                                    
#target=crypt-media                                                             
#source='dev/diego_vg00/media'                                                  


rc.log looks like this:

* Setting system clock using the hardware clock [UTC]...
 [ ok ]
* Autoloaded 0 module(s)
*   mdraid uses addon code which is deprecated
*   and may not be available in the future.
* Starting up RAID devices...
 [ ok ]
*   lvm uses addon code which is deprecated
*   and may not be available in the future.
* Setting up the Logical Volume Manager...
  Locking type 1 initialisation failed.
 [ ok ]
*   device-mapper uses addon code which is deprecated
*   and may not be available in the future.
* Setting up dm-crypt mappings...
* Checking swap is not LUKS
* dm-crypt map crypt-swap...
* cryptsetup will be called with : -c aes -h sha1 -d /dev/urandom create crypt-swap /dev/sda5
 [ ok ]
*   Running pre_mount commands for crypt-swap...
 [ ok ]
* dm-crypt map crypt-home...
* cryptsetup will be called with :   luksOpen /dev/diego_vg00/home crypt-home
Command failed: No key available with this passphrase.

* failure running cryptsetup
 [ !! ]
* source "" for crypt-music missing, skipping...
* dm-crypt map crypt-media...
* cryptsetup will be called with :   luksOpen dev/diego_vg00/media crypt-media
key slot 1 unlocked.
Command successful.
 [ ok ]
* Failed to setup dm-crypt devices
 [ !! ]
* ERROR: dmcrypt failed to start
* Checking local filesystems ...
gentoo-root: clean, 10065/183264 files, 147988/732965 blocks
/dev/diego_vg00/gentoo-usr: clean, 492629/851968 files, 2127579/3407872 blocks
/dev/diego_vg00/gentoo-var: clean, 56801/163840 files, 118672/655360 blocks
boot: clean, 34/72288 files, 19820/289136 blocks
 [ ok ]
* Remounting root filesystem read/write...
 [ ok ]
* Updating /etc/mtab...
 [ ok ]
* Mounting local filesystems...
mount: special device /dev/mapper/crypt-home does not exist
* Some local filesystem failed to mount
 [ !! ]
* Setting hostname to diego...
 [ ok ]
* Configuring kernel parameters...
 [ ok ]
* Creating user login records...
 [ ok ]
* Cleaning /var/run...
 [ ok ]
* Wiping /tmp directory...
 [ ok ]
* Setting terminal encoding [UTF-8]...
 [ ok ]
* Setting console font [default8x16]...
 [ ok ]
* Loading key mappings [de]...
 [ ok ]
* Setting keyboard mode [UTF-8]...
 [ ok ]
* Bringing up interface lo
*   127.0.0.1/8...
 [ ok ]
*   Adding routes
*     127.0.0.0/8 via 127.0.0.1...
 [ ok ]
* Mounting USB device filesystem [usbfs]...
 [ ok ]
* Mounting misc binary format filesystem...
 [ ok ]
* Activating swap devices...
 [ ok ]
* Initializing random number generator...
 [ ok ]

rc boot logging stopped at Wed Feb  4 04:40:18 2009


rc default logging started at Wed Feb  4 04:40:18 2009

* Setting up dm-crypt mappings...
* Checking swap is not LUKS
* dm-crypt mapping crypt-swap is already configured
* dm-crypt map crypt-home...
* cryptsetup will be called with :   luksOpen /dev/diego_vg00/home crypt-home
Command failed: No key available with this passphrase.

* failure running cryptsetup
 [ !! ]
* source "" for crypt-music missing, skipping...
* dm-crypt mapping crypt-media is already configured
* Failed to setup dm-crypt devices
 [ !! ]
* ERROR: dmcrypt failed to start

i do NOT get prompted for a passwd except for the third partition (crypt-media).

please help me out here, i can't seem to figure this out myself.
Comment 1 Johannes Steidl 2009-02-04 15:02:33 UTC
forgot some information regarding versions and such:

sys-apps/baselayout-2.0.0
sys-fs/cryptsetup-1.0.6-r2

jsteidl@diego ~ $ emerge --info
Portage 2.1.6.7 (default/linux/x86/2008.0/desktop, gcc-4.3.3, glibc-2.9_p20081201-r1, 2.6.28.3-untouched i686)
=================================================================
System uname: Linux-2.6.28.3-untouched-i686-Intel-R-_Pentium-R-_4_CPU_3.00GHz-with-glibc2.0
Timestamp of tree: Tue, 03 Feb 2009 19:00:14 +0000
app-shells/bash:     3.2_p48
dev-java/java-config: 1.3.7-r1, 2.1.7
dev-lang/python:     2.4.4-r13, 2.5.4-r2
dev-python/pycrypto: 2.0.1-r6
dev-util/cmake:      2.6.2-r1
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.4.2
sys-apps/sandbox:    1.3.3
sys-devel/autoconf:  2.13, 2.63
sys-devel/automake:  1.5, 1.7.9-r1, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.19
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.28-r1
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://ftp.free.fr/mirrors/ftp.gentoo.org/ http://mirror.netcologne.de/gentoo/ ftp://mirror.netcologne.de/gentoo/ "
LANG="de_DE.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="de en"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/lstrojny-php5 /usr/local/portage/layman/suka /usr/local/portage/own"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X a52 aac aalib acl acpi alsa bash-completion berkdb bzip2 cairo cdr cli cracklib crypt cups dbus doc dri dvd dvdr dvdread eds emboss encode esd evo fam fat fbcondecor firefox flac fortran galago gdbm gif git glitz gnome gnome-keyring gnutls gpm gstreamer gtk hal iconv id3tag isdnlog jpeg ldap libburn libnotify mad matroska midi mikmod mmx mng mono mp3 mpeg mudflap musepack musicbrainz ncurses networkmanager nls nptl nptlonly nvidia ogg opengl openmp pam pcre pdf perl png podcast ppds pppd python qt3support quicktime readline reflection rememberthemilk schroedinger sdl sensord session skins smp speex spell spl sqlite sse ssl startup-notification stream subversion svg sysfs tagwriting tcpd theora tiff truetype unicode upnp usb v4l v4l2 vim-syntax vim-with-x vlm vorbis webkit win32codecs x264 x86 xcb xcomposite xml xorg xulrunner xv xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de en" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 2 Marc Schiffbauer gentoo-dev 2009-02-22 01:59:32 UTC
I can confirm this bug with this setup.
swap gets activated, but the second entry fails with

* source "" for vg00-mschiff_crypt missing, skipping...

--------------------
# If no makefs is given then mkswap will be assumed
swap=vg00-swap_crypt
options='-c aes-cbc-essiv:sha256 -s 256'
source='/dev/mapper/vg00-swap'

## /home with passphrase
#

target=vg00-mschiff_crypt
source='/dev/mapper/vg00-mschiff'
------------------------------

I looked a bit into the involved scripts a swa that not all lines get parsed in some situations.

Interesting is, that if I add a comment line between the target and the source line , everything works:.

target=vg00-mschiff_crypt
# foo
source='/dev/mapper/vg00-mschiff'


Comment 3 Victor Mataré 2009-02-24 14:51:24 UTC
this is a duplicate of #245266.
Comment 4 Tim Weber 2009-02-24 21:04:54 UTC
I'd say the original report by Johannes is indeed a duplicate of bug #245266, but the behavior Marc is seeing seems strange. As far as I kn(o|e)w, two entries in the file should work fine _if_ the first one does not need a passphrase (e.g. because it's swap), and comment lines should make no difference.

As I currently can't play around with the dmcrypt init script, I cannot comment further.
Comment 5 Mick Reed aka ykill and petlab 2009-03-06 21:04:00 UTC
This problem exists for me as well. It doesn't parse correctly.
~~~x86, baselayout-2.0.0, portage-2.2-rc23 
Comment 6 Victor Mataré 2009-03-08 20:34:58 UTC
Created attachment 184360 [details, diff]
simply use fd 4 instead of stdin

This is a quick hack that fixes this ugly "parser" so it doesn't connect /etc/conf.d/dmcrypt to stdin. This should work with X, too, since cryptsetup's stdin isn't redirected any more.
Comment 7 Victor Mataré 2009-03-08 20:37:26 UTC
Created attachment 184361 [details, diff]
whoops, sorry, this is the right one.

Sorry, picked up the wrong file there...
Comment 8 Mick Reed aka ykill and petlab 2009-03-09 18:36:40 UTC
(In reply to comment #7)
> whoops, sorry, this is the right one.
> 
> Sorry, picked up the wrong file there...
> 

Would you please clarify this?  From reading the bug, I can't tell which patch to apply, or both, in what order.  Do you want it to end up using fd 4?  Thanks, I will help test this on my machine.  
Comment 9 Victor Mataré 2009-03-09 20:09:58 UTC
Please don't use the obsolete one (the one that's stroked through).
Please use the second patch that's 812 Bytes long, where the Description field says "whoops, sorry, this is the right one.".

Using the obsolete patch (first one) won't break anything. It just feeds tty0 to cryptsetup's stdin, which means that the password can only be entered from a text console and not i.e. from an X terminal. The second patch only uses fd 4 to read the config, an thus should work on X terminals, too.
Comment 10 Victor Mataré 2009-03-09 20:17:33 UTC
Created attachment 184488 [details, diff]
use fd 4 for reading the config

Looks like I diff'ed in the wrong direction last time. Please apply ONLY this patch. Sorry about the confusion.
Comment 11 Mick Reed aka ykill and petlab 2009-03-09 20:29:44 UTC
(In reply to comment #10)
> Created an attachment (id=184488) [edit]
> use fd 4 for reading the config
> 
> Looks like I diff'ed in the wrong direction last time. Please apply ONLY this
> patch. Sorry about the confusion.
> 
There we go.  That is what I was asking about. Thanks!
Comment 12 Mick Reed aka ykill and petlab 2009-03-09 21:15:55 UTC
Yes, that works for me.  I have /home and /mnt/storage but no swap.  It asks for both LUKS passphrases.  THanks!

BTW, I think the patch filenames are broken, I manually patched (edited) the file in /lib as you are intending(?)  I am a noob and really appreciate everyone's efforts here, I couldn't fix this myself.
Comment 13 Victor Mataré 2009-03-10 13:20:19 UTC
Created attachment 184567 [details, diff]
use fd 4 for reading the config

Alright, sorry, for some reason KWrite defaults to DOS line endings. Now this one should apply correctly (just do "patch TARGETFILE 1.0.6-r2-dm-crypt-start.sh.patch"). TARGETFILE being for example /lib/rcscripts/addons/dm-crypt-start.sh if you want to do a live test.
Comment 14 Mick Reed aka ykill and petlab 2009-03-10 18:48:22 UTC
(In reply to comment #13)
> Created an attachment (id=184567) [edit]
> use fd 4 for reading the config
> 
> Alright, sorry, for some reason KWrite defaults to DOS line endings. Now this
> one should apply correctly (just do "patch TARGETFILE
> 1.0.6-r2-dm-crypt-start.sh.patch"). TARGETFILE being for example
> /lib/rcscripts/addons/dm-crypt-start.sh if you want to do a live test.
> 
I'm away,  Can't test the patch, but the fd 4 change works.
Comment 15 Mick Reed aka ykill and petlab 2009-03-12 20:13:33 UTC
(In reply to comment #14)
Yes, that final patch works correctly.  The patch applies correctly and using fd 4 works for me.  Please, someone more knowledgeable than me - verify that using file descriptor 4 is okay, (I'm a n00b.)
Comment 16 Mick Reed 2009-03-16 23:00:20 UTC
(In reply to comment #15)
> (In reply to comment #14)
> Yes, that final patch works correctly.  The patch applies correctly and using
> fd 4 works for me.  Please, someone more knowledgeable than me - verify that
> using file descriptor 4 is okay, (I'm a n00b.)
> 
Suggest to commit.
Comment 17 jannis 2009-05-22 12:10:54 UTC
I can confirm that the latest patch works. Is there any chance it will find it's way into the portage-tree (soon?)?
Comment 18 boris64 2009-06-07 02:41:35 UTC
I can also confirm that 1.0.6-r2-dm-crypt-start.sh.patch fixes
those strange errors i get when using an encrypted luks partition
together with key files on an extern usb pen drive.
Comment 19 Gef 2009-10-09 16:38:26 UTC
Patch (with fd 3) as been applied in the tree :
http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-fs/cryptsetup/files/1.0.6-r2-dm-crypt-start.sh?view=log
Comment 20 William Hubbs gentoo-dev 2009-12-06 23:36:01 UTC
I removed this from the baselayout component since it was actually an issue with dm-crypt.  The bug states that the patch has been applied in the tree, but since I don't use this software I do not feel comfortable closing the bug.  Can someone who maintains it verify that everything is working and possibly close the bug?

Thanks,

William
Comment 21 Martin Mokrejš 2021-08-28 16:16:39 UTC
Seems a stale bug, see /etc/init.d/dmcrypt:

        while read targetline <&3 ; do
                case ${targetline} in
                # skip comments and blank lines
                ""|"#"*) continue ;;
                # skip service-specific openrc configs #377927

...

                # Queue this setting for the next call to dm_crypt_execute
                eval "${targetline}"
        done 3< ${conf_file}

        # If we have a target queued up, then execute it
        dm_crypt_execute

        ewend ${cryptfs_status} "Failed to setup dm-crypt devices"