[Bug 1256730] Re: /usr/share/initramfs-toos/hooks/cryptroot does not honour the CRYPTSETUP variable

Timo Jyrinki 1256730 at bugs.launchpad.net
Fri May 13 07:50:40 UTC 2016

Ok I have booting working now. I can almost describe the steps...

I followed http://blog.nguyenvq.com/blog/2014/07/25/upgrading-
ubuntu-12-04-to-14-04-breaks-encrypted-lvm/ and created /etc/initramfs-
tools/conf.d/cryptroot (did not exist before creating). That solved the
issue. However, I finally noticed my /etc/fstab's / entry pointed to the
UUID of /dev/sda4, not the UUID of /dev/mapper/xyz. After changing the
UUID to /dev/mapper/xyz, neither /etc/initramfs-tools/conf.d/cryptroot
or the forcecryptsetup were needed anymore.

To make the story complete, right after I had really upgraded from 14.04
to 16.04, my system did not boot with any kernel, new or old, and I
needed to boot from USB and install cryptsetup + mount manually. I
tinkered around /etc/default/grub and /etc/fstab until I got it
booting... I was not using UUIDs in 14.04, that much I remember, and I
think I did not have the cryptdevice option in grub.

It's so complex topic I really have no good ideas what should be made
more robust. Obviously something broke (for me) during upgrade, and my
fix to that broke further initrd creations.

You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.

  /usr/share/initramfs-toos/hooks/cryptroot does not honour the
  CRYPTSETUP variable

Status in cryptsetup package in Ubuntu:

Bug description:
  The patch https://launchpad.net/ubuntu/+source/cryptsetup/2:1.4.3-4ubuntu4
  checks via

  +if [ -n "$CRYPTSETUP" ] && [ "$CRYPTSETUP" != "n" ]; then
  +    setup="yes"

  whether there is CRYPTSETUP=y has been set.

  The description of the patch says that CRYPTSETUP=y in
  /etc/initramfs-tools/initramfs.conf would be enough.
  But it isn't.

  update-initramfs calls mkinitramfs. CRYPTSETUP is still set to y.
  Then /usr/share/initramfs-tools/hooks/cryptroot is called via
  run_scripts/call_scripts. The variable is still set before the
  cryptroot script is entered, but is unset in the script.

  The problem is that update-initramfs does not put /sbin/cryptsetup
  into initramfs. My root filesystem is unencrypted but I mount an
  encrypted partition during boot, so I need cryptsetup in initramfs.

  Ubuntu 13.10


To manage notifications about this bug go to:

More information about the foundations-bugs mailing list