[Bug 1525724] Re: boot hangs with more than 1 luks device in crypttab

Thomas Mayer 1525724 at bugs.launchpad.net
Tue Dec 4 23:41:29 UTC 2018 

In 18.04.1 Server, I was able to freshly install with two luks encrypted
devices which I already added during the partitioning step.

Later on, I changed the generated /dev/mapper/... names in /etc/crypttab
and /etc/fstab and continued with a

dmsetup rename OLD_NAME1 NEW_NAME1 #avoids errors in later commands
dmsetup rename OLD_NAME2 NEW_NAME2 #avoids errors in later commands
update-initramfs -c -t -k all
update-grub
reboot

Both update-* commands ran without issues.

The result was that I get asked for one of the two passwords and then it
gets into some lvm loop and fails booting.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1525724

Title:
  boot hangs with more than 1 luks device in crypttab

Status in cryptsetup package in Ubuntu:
  Confirmed

Bug description:
  When /etc/crypttab has more than one luks device, the boot process
  locks up (hangs) after the decryption of the first luks device. A
  password prompt for the second luks device never appears.

  Affected:
  Ubuntu 15.04 (vivid)
  Ubuntu 15.10 (wily)

  Works fine in:
  Ubuntu 14.10 (utopic)

  When upgrading utopic to vivid in the affected configuration, the bug
  is triggered as well (first boot into vivid).

  
  Testcase:
  - install (text mode) from ubuntu-15.10-server-amd64.iso
  - manually partition the disk (see attached installer-partitions.png):
    -> sda1: 512mb ext2 for /boot/ (unencrypted)
    -> sda2: 4GB encrypted (luks) -> sda2_crypt
    -> sda3: 2GB encrypted (luks) -> sda3_crypt
    -> sda2_crypt: ext4 for /
    -> sda3_crypt: ext4 for /tmp

  boot will hang (boot-hang.png) after decrypting sda2.

  My real use-case is to encrypt multiple physical hard drivers, which
  fails exactly the same way (the test config doesn't make much sense,
  but its simple to reproduce).

  
  Commenting sda3_crypt in /etc/fstab and adding a the option nofail to sda3_crypt in /etc/crypttab makes the OS boot.

  
  # cat /etc/crypttab
  sda2_crypt UUID=b41558ee-eb5b-463a-a1a5-34e1cc6b05e9 none luks,discard
  sda3_crypt UUID=c1c660d3-2e70-4761-85a2-6f635719f8cd none luks,discard

  # cat /etc/fstab
  # <file system> <mount point>   <type>  <options>       <dump>  <pass>
  /dev/mapper/sda2_crypt /               ext4    errors=remount-ro 0       1
  # /boot was on /dev/sda1 during installation
  UUID=56e38284-0cef-4e8a-b933-c82f70ef4588 /boot           ext2    defaults        0       2
  #/dev/mapper/sda3_crypt /tmp            ext4    defaults        0       2

  # blkid
  /dev/mapper/sda2_crypt: UUID="8413bc48-13e7-4b19-aabc-42b6b19101a5" TYPE="ext4"
  /dev/sda1: UUID="56e38284-0cef-4e8a-b933-c82f70ef4588" TYPE="ext2" PARTUUID="ec85536d-0bb5-44c8-a3ba-93ae539e4ef1"
  /dev/sda2: UUID="b41558ee-eb5b-463a-a1a5-34e1cc6b05e9" TYPE="crypto_LUKS" PARTUUID="4f76f8cb-b170-4a07-a412-832ba2964377"
  /dev/sda3: UUID="c1c660d3-2e70-4761-85a2-6f635719f8cd" TYPE="crypto_LUKS" PARTUUID="ef6c816c-71d3-4d36-88e7-eb2ddae2a06a"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1525724/+subscriptions

More information about the foundations-bugs mailing list