Cryptsetup test packages to fix cryptroot issues
Ilkka Tuohela
hile at iki.fi
Sat Mar 31 09:04:21 BST 2007
Sorry for the delay, I was on a short holiday in Bahrain :)
> Hm, the problem is that I cannot conviniently test your packages. Could
> you perhaps provide sources+binary packages somewhere and ask on the
> mailing lists ubuntu-devel@ and ububntu-motu@ for having them tested?
> I'd feel much better if at least another developer could confirm that
> this actually works for them.
No problem - http://ner.dy.fi/deb/cryptsetup/ in feisty and edgy
directories I have all sources and patches against 1.0.4+svn26 version.
Feisty version:
- Patched with the exact feisty patches I sent you earlier
Edgy version:
- Patched with
- the README note for encrypted LVM PV
- with patch to wait for encrypted root device node
- with patch to run cryptroot script before lvm scripts (this
was another LVM crypto issue with edgy packages which hasn't been
patched).
So please, anyone interested in encrypted root filesystem fixes, please
test these package versions with either feisty or edgy. I myself tested
this with a encrypted LVM PV setup only, on both feisty and edgy.
>> Oh, btw, same 'wait for root device' problem exists in edgy as well, and
>> same 'wait for device' fix works there. The maximum wait time is maybe
>> silly (360*0.5 seconds, i.e. 3 minutes), I think maximum of 30 seconds
>> should be really fine.
>
> This can be adjusted with the option rootdelay=20 as kernel parameter.
Hmm, this variable does not affect cryptroot script - remember, this is
not really waiting for root device as I said above, this is waiting for
the encrypted device, which may be LVM PV or directly encrypted root
device: in both cases you lose if the device is not available when the
cryptroot script is executed and the device just isn't there yet. We
just fail with rootdelay later, because the encryption could not be
opened earlier :=)
Maybe we should use rootdelay variable as well for maximum wait time for
encrypted root device node? Now it is not done.
*hile*
More information about the Ubuntu-motu
mailing list