[Bug 78062] Kernel update crashes "cryptsetuped" Ubuntu systems

Matthai matthai at owca.info
Fri Jan 26 15:43:02 UTC 2007 

Public bug reported:

Kernel update completely crashes Ubuntu systems with encrypted root
partition. This is a CRITICAL bug, which can be easly solved as
described belov.

I have Ubuntu 6.06 with full disk encryption. I have a small /boot
partition, which is unencrypted, and /, /home and /swap encrypted with
crytpsetup.

This is how my system looks like:
/etc/fstab:
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
/dev/mapper/croot       /               ext3    defaults,errors=remount-ro 0       1
/dev/mapper/cswap	none	swap	sw	0	0
/dev/mapper/chome	/home	ext3	defaults	0	0
/dev/hda1       /boot           ext3    defaults        0       2
/dev/hdc        /media/cdrom0   udf,iso9660 user,noauto     0       0
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0

AND

/etc/crypttab:
# <target name>	<source device>		<key file>	<options>
croot	/dev/hda4	none
cswap 	/dev/hda2	/dev/urandom	swap
chome	/dev/hda3	/etc/keys/home.key

Procedure for setting-up the system is quite straight
1. Create 4 partitions: /boot, temporary root partition (which will become future /swap), future /home and future root partition.
2. Install server version of Ubuntu on temporary root partition.
3. Install cryptsetup and yaird packages.
4. Create and format encrypted partitions on "future /home" and "future root partition".
5. Copy existing root partition to future root partition.
6. Chroot into "future root partition" and change /etc/fstab and /etc/crypttab files.
7. Make new initrd with mkinitrd.yaird
8. Set /swap to be on temporary root partition
9. Reboot.

OK, the system is working, but when I receive the kernel update, system
crashes after reboot.

I found out the problem. The problem is, that after installing kernel
update, Ubuntu copies his own initrd scripts. If I run mkinitrd.yaird
before system reboot, system do not crash.

This is a fatal error for those running whole system encryption on their
system, but can be easily solved if Ubuntu will run mkinitrd after each
kernel update (as Debian do).

Is it possible to solve this?

** Affects: linux-source-2.6.15 (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
Kernel update crashes "cryptsetuped" Ubuntu systems
https://launchpad.net/bugs/78062

More information about the kernel-bugs mailing list