[Bug 1256730] Re: /usr/share/initramfs-toos/hooks/cryptroot does not honour the CRYPTSETUP variable
1256730 at bugs.launchpad.net
Fri May 13 07:50:40 UTC 2016
Ok I have booting working now. I can almost describe the steps...
I followed http://blog.nguyenvq.com/blog/2014/07/25/upgrading-
ubuntu-12-04-to-14-04-breaks-encrypted-lvm/ and created /etc/initramfs-
tools/conf.d/cryptroot (did not exist before creating). That solved the
issue. However, I finally noticed my /etc/fstab's / entry pointed to the
UUID of /dev/sda4, not the UUID of /dev/mapper/xyz. After changing the
UUID to /dev/mapper/xyz, neither /etc/initramfs-tools/conf.d/cryptroot
or the forcecryptsetup were needed anymore.
To make the story complete, right after I had really upgraded from 14.04
to 16.04, my system did not boot with any kernel, new or old, and I
needed to boot from USB and install cryptsetup + mount manually. I
tinkered around /etc/default/grub and /etc/fstab until I got it
booting... I was not using UUIDs in 14.04, that much I remember, and I
think I did not have the cryptdevice option in grub.
It's so complex topic I really have no good ideas what should be made
more robust. Obviously something broke (for me) during upgrade, and my
fix to that broke further initrd creations.
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
/usr/share/initramfs-toos/hooks/cryptroot does not honour the
Status in cryptsetup package in Ubuntu:
The patch https://launchpad.net/ubuntu/+source/cryptsetup/2:1.4.3-4ubuntu4
+if [ -n "$CRYPTSETUP" ] && [ "$CRYPTSETUP" != "n" ]; then
whether there is CRYPTSETUP=y has been set.
The description of the patch says that CRYPTSETUP=y in
/etc/initramfs-tools/initramfs.conf would be enough.
But it isn't.
update-initramfs calls mkinitramfs. CRYPTSETUP is still set to y.
Then /usr/share/initramfs-tools/hooks/cryptroot is called via
run_scripts/call_scripts. The variable is still set before the
cryptroot script is entered, but is unset in the script.
The problem is that update-initramfs does not put /sbin/cryptsetup
into initramfs. My root filesystem is unencrypted but I mount an
encrypted partition during boot, so I need cryptsetup in initramfs.
To manage notifications about this bug go to:
More information about the foundations-bugs