[Bug 1313326] [NEW] Crypted swap doesn't work any more
pinus
pinus at dokom.net
Sun Apr 27 12:34:10 UTC 2014
Public bug reported:
I upgraded to Ubuntu 14.04 via fresh install and copied my configuration
if possible.
I installed with full disk encryption, without swap partition. Now I
want to use a swap partition on a data drive, which is configured
manually after installation. I used such a setup with my old
installation but it doesn't work any more with 14.04.
crypttab:
cryptswap1 UUID=42640352-427f-4b99-99bf-9f80baca5e16 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
Calling /etc/init.d/cryptdisks reload tells me everything is ok, but
there is no swap!
I messed around with the cryptdisks.functions, see >>> log entries
below. I see no error and swapon -s reports no swap.
root at my-pc /e/crypttab.key# /etc/init.d/cryptdisks reload
* Stopping remaining crypto disks... * sdb2_crypt (busy)... * cryptswap1 (stopping)... [ OK ]
* Starting remaining crypto disks... * sdb2_crypt (running)... * cryptswap1 (starting)..
* >>> do_noluks(): check=, params= --key-file=/dev/urandom, lukesparams=, src=/dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16, dst=cryptswap1
# cryptsetup 1.6.1 processing "cryptsetup -v --debug -c aes-cbc-essiv:sha256 --key-file=/dev/urandom create cryptswap1_unformatted /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 context.
# Trying to open and read device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16.
# Initialising device-mapper backend library.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Formatting device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 as type PLAIN.
# Crypto backend (gcrypt 1.5.3) initialized.
# Activating volume cryptswap1_unformatted [keyslot -1] using keyfile /dev/urandom.
# dm version OF [16384] (*1)
# dm versions OF [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Device-mapper backend running with UDEV support enabled.
# dm status cryptswap1_unformatted OF [16384] (*1)
# File descriptor passphrase entry requested.
# Calculated device size is 33556480 sectors (RW), offset 0.
# Trying to activate PLAIN device cryptswap1_unformatted using cipher aes-cbc-essiv:sha256.
# DM-UUID is CRYPT-PLAIN-cryptswap1_unformatted
# Udev cookie 0xd4dc323 (semid 1376256) created
# Udev cookie 0xd4dc323 (semid 1376256) incremented to 1
# Udev cookie 0xd4dc323 (semid 1376256) incremented to 2
# Udev cookie 0xd4dc323 (semid 1376256) assigned to CREATE task(0) with flags (0x0)
# dm create cryptswap1_unformatted CRYPT-PLAIN-cryptswap1_unformatted OF [16384] (*1)
# dm reload cryptswap1_unformatted OFW [16384] (*1)
# dm resume cryptswap1_unformatted OFW [16384] (*1)
# cryptswap1_unformatted: Stacking NODE_ADD (252,1) 0:6 0660 [verify_udev]
# cryptswap1_unformatted: Stacking NODE_READ_AHEAD 256 (flags=1)
# Udev cookie 0xd4dc323 (semid 1376256) decremented to 1
# Udev cookie 0xd4dc323 (semid 1376256) waiting for zero
# Udev cookie 0xd4dc323 (semid 1376256) destroyed
# cryptswap1_unformatted: Processing NODE_ADD (252,1) 0:6 0660 [verify_udev]
# cryptswap1_unformatted: Processing NODE_READ_AHEAD 256 (flags=1)
# cryptswap1_unformatted (252:1): read ahead is 256
# cryptswap1_unformatted (252:1): Setting read ahead to 256
# Releasing crypt device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 context.
# Releasing device-mapper backend.
# Unlocking memory.
Befehl erfolgreich.
* >>> do_noluks(): /dev/mapper/cryptswap1_unformatted EXISTS
* cryptswap1 (started)...
I found the following code in the skript, the comment says it triggers a
mountall. It is called, I checked with a logging statement. But nothing
is mounted! I found a comment about udevadm in the latest release
comments, this might have a connection.
# Rename the device from its temp name to its final name, which will
# trigger mountall
finalize_device () {
if command -v udevadm >/dev/null 2>&1; then
udevadm settle
fi
dmsetup rename "${dst}_unformatted" "$dst"
}
** Affects: cryptsetup (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1313326
Title:
Crypted swap doesn't work any more
Status in “cryptsetup” package in Ubuntu:
New
Bug description:
I upgraded to Ubuntu 14.04 via fresh install and copied my
configuration if possible.
I installed with full disk encryption, without swap partition. Now I
want to use a swap partition on a data drive, which is configured
manually after installation. I used such a setup with my old
installation but it doesn't work any more with 14.04.
crypttab:
cryptswap1 UUID=42640352-427f-4b99-99bf-9f80baca5e16 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
Calling /etc/init.d/cryptdisks reload tells me everything is ok, but
there is no swap!
I messed around with the cryptdisks.functions, see >>> log entries
below. I see no error and swapon -s reports no swap.
root at my-pc /e/crypttab.key# /etc/init.d/cryptdisks reload
* Stopping remaining crypto disks... * sdb2_crypt (busy)... * cryptswap1 (stopping)... [ OK ]
* Starting remaining crypto disks... * sdb2_crypt (running)... * cryptswap1 (starting)..
* >>> do_noluks(): check=, params= --key-file=/dev/urandom, lukesparams=, src=/dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16, dst=cryptswap1
# cryptsetup 1.6.1 processing "cryptsetup -v --debug -c aes-cbc-essiv:sha256 --key-file=/dev/urandom create cryptswap1_unformatted /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 context.
# Trying to open and read device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16.
# Initialising device-mapper backend library.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Formatting device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 as type PLAIN.
# Crypto backend (gcrypt 1.5.3) initialized.
# Activating volume cryptswap1_unformatted [keyslot -1] using keyfile /dev/urandom.
# dm version OF [16384] (*1)
# dm versions OF [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Device-mapper backend running with UDEV support enabled.
# dm status cryptswap1_unformatted OF [16384] (*1)
# File descriptor passphrase entry requested.
# Calculated device size is 33556480 sectors (RW), offset 0.
# Trying to activate PLAIN device cryptswap1_unformatted using cipher aes-cbc-essiv:sha256.
# DM-UUID is CRYPT-PLAIN-cryptswap1_unformatted
# Udev cookie 0xd4dc323 (semid 1376256) created
# Udev cookie 0xd4dc323 (semid 1376256) incremented to 1
# Udev cookie 0xd4dc323 (semid 1376256) incremented to 2
# Udev cookie 0xd4dc323 (semid 1376256) assigned to CREATE task(0) with flags (0x0)
# dm create cryptswap1_unformatted CRYPT-PLAIN-cryptswap1_unformatted OF [16384] (*1)
# dm reload cryptswap1_unformatted OFW [16384] (*1)
# dm resume cryptswap1_unformatted OFW [16384] (*1)
# cryptswap1_unformatted: Stacking NODE_ADD (252,1) 0:6 0660 [verify_udev]
# cryptswap1_unformatted: Stacking NODE_READ_AHEAD 256 (flags=1)
# Udev cookie 0xd4dc323 (semid 1376256) decremented to 1
# Udev cookie 0xd4dc323 (semid 1376256) waiting for zero
# Udev cookie 0xd4dc323 (semid 1376256) destroyed
# cryptswap1_unformatted: Processing NODE_ADD (252,1) 0:6 0660 [verify_udev]
# cryptswap1_unformatted: Processing NODE_READ_AHEAD 256 (flags=1)
# cryptswap1_unformatted (252:1): read ahead is 256
# cryptswap1_unformatted (252:1): Setting read ahead to 256
# Releasing crypt device /dev/disk/by-uuid/42640352-427f-4b99-99bf-9f80baca5e16 context.
# Releasing device-mapper backend.
# Unlocking memory.
Befehl erfolgreich.
* >>> do_noluks(): /dev/mapper/cryptswap1_unformatted EXISTS
* cryptswap1 (started)...
I found the following code in the skript, the comment says it triggers
a mountall. It is called, I checked with a logging statement. But
nothing is mounted! I found a comment about udevadm in the latest
release comments, this might have a connection.
# Rename the device from its temp name to its final name, which will
# trigger mountall
finalize_device () {
if command -v udevadm >/dev/null 2>&1; then
udevadm settle
fi
dmsetup rename "${dst}_unformatted" "$dst"
}
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1313326/+subscriptions
More information about the foundations-bugs
mailing list