Random Software Updates request password for encrypted partition

Please run (with the encrypted partition not mounted);

sudo apt-get install --reinstall cups-browsed

Do you get asked for thr partition's password?

Yes. (Note that at each password request I simply pressed the enter key.)

molly@molly:~$ sudo apt-get install --reinstall cups-browsed
[sudo] password for molly:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libp11-kit-gnome-keyring:i386 wine-gecko2.21 wine-gecko2.21:i386
  wine-mono0.0.8
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
Need to get 0 B/60.6 kB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ... 532972 files and directories currently installed.)
Preparing to unpack .../cups-browsed_1.0.67-0ubuntu2.4_amd64.deb ...
Please enter passphrase for disk Samsung_SSD_850_EVO_250GB (luks-sda5)!
Unpacking cups-browsed (1.0.67-0ubuntu2.4) over (1.0.67-0ubuntu2.4) ...
Processing triggers for man-db (2.7.0.2-5) ...
Processing triggers for systemd (219-7ubuntu6) ...
Processing triggers for ureadahead (0.100.0-19) ...
ureadahead will be reprofiled on next reboot

Broadcast message from root@molly (Sat 2015-08-29 13:40:33 BST):

Password entry required for 'Please enter passphrase for disk Samsung_SSD_850_EVO_250GB (luks-sda5)!' (PID 513).
Please enter password with the systemd-tty-ask-password-agent tool!

Setting up cups-browsed (1.0.67-0ubuntu2.4) ...
Please enter passphrase for disk Samsung_SSD_850_EVO_250GB (luks-sda5)!
molly@molly:~$
Broadcast message from root@molly (Sat 2015-08-29 13:40:51 BST):

Password entry required for 'Please enter passphrase for disk Samsung_SSD_850_EVO_250GB (luks-sda5)!' (PID 513).
Please enter password with the systemd-tty-ask-password-agent tool!

molly@molly:~$

Is cups-browsed after this re-install with always only hitting Enter on password prompts correctly installed and working?

What is the mount point of your encrypted drive?

Strange is that already the simple unpacking of the cups-browsed package causes the prompt. All files of the package are in system locations.

I have no idea whether it is installed and working! :-(

Mount point: /media/molly/enc1

A package never tries to access something like /media/molly/enc1 when installing. It seems to be some coincidence or a bug in apt or so. What also gives the impression that the password prompts are not caused by the package is that after the package had finished to install and the prompt came back another password prompt appeared.

This is not a bug in the individual package (cups). Nor is it a bug in the package manager (apt, update-manager) or in cryptsetup: none of these packages are generating this prompt.

The only package which handles cryptsetup prompting when booting with systemd is systemd itself. Reassigning.

Note that if you want to avoid all boot prompting for this device you should use the 'noauto' option for it in /etc/crypttab. However, systemd is still doing something un-clever here and that should be fixed.

This sounds like a duplicate of one of the ecryptfs-setup-swap bugs. Can you please copy&paste the output of the following commands:

  cat /etc/fstab
  cat /etc/crypttab
  sudo blkid

Thanks!

Coincidentally, today as the machine was starting up I saw a password request flash up on tty7 (the graphical interface) between the screen changing from black to colour and before the login manager was displayed.

Never noticed that in the 10 weeks the the encrypted partition has been installed.

Output of commands is as follows:

===================
cat /etc/scftab
UUID=a7ec58a8-8bcd-4e03-b380-a49a0dd82884 / ext4 errors=remount-ro 0 1
/dev/md0 /data ext4 defaults 0 0

/dev/disk/by-uuid/37e1f51f-a028-48ab-890f-c4477abf97a9 /media/molly/enc1 auto nosuid,nodev,nofail,noexec,user 0 0

 =================
cat /etc/crypttab
# <target name> <source device> <key file> <options>
luks-sda5 UUID=b882f339-5b12-4a5f-9ff5-88ae4f268a44 none nofail

 =================
sudo blkid
/dev/sda1: UUID="a7ec58a8-8bcd-4e03-b380-a49a0dd82884" TYPE="ext4" PARTUUID="0007ff10-01"
/dev/sda5: UUID="b882f339-5b12-4a5f-9ff5-88ae4f268a44" TYPE="crypto_LUKS" PARTUUID="0007ff10-05"
/dev/sdb1: UUID="d359b975-5de8-f828-fcc7-0993cc19e4ba" UUID_SUB="14403c39-4f34-4d86-1838-04cb02a3da7e" LABEL="molly:0" TYPE="linux_raid_member" PARTUUID="df7318c0-01"
/dev/sdc1: UUID="d359b975-5de8-f828-fcc7-0993cc19e4ba" UUID_SUB="dc1204f2-2dfe-9a21-f63e-e9dfd3430081" LABEL="molly:0" TYPE="linux_raid_member" PARTUUID="da4827b0-01"
/dev/sdd1: UUID="d359b975-5de8-f828-fcc7-0993cc19e4ba" UUID_SUB="ad15845d-c978-000a-1048-e6956508f2a7" LABEL="molly:0" TYPE="linux_raid_member" PARTUUID="f668aaf9-01"
/dev/md0: UUID="c7666242-e844-47e5-ab8f-1c09c207d879" TYPE="ext4"
/dev/zram0: UUID="ab2358f5-ca32-497d-a643-1e88477a94ab" TYPE="swap"
/dev/zram1: UUID="c8745370-2a23-4e7e-a5e4-e81cdc6d27fe" TYPE="swap"
/dev/zram2: UUID="d9366f7f-62f3-43b4-a9d1-ec6f317e9cc3" TYPE="swap"
/dev/zram3: UUID="9e96ead1-906f-4d9c-be4a-706bffb4641d" TYPE="swap"
molly@molly:~$

 =================

Regarding the message during start up, which may be a different issue, here is a snippet from my log file:

Aug 30 10:39:01 molly CRON[1620]: (root) CMD ( [ -x /usr/lib/php5/sessionclean ] && /usr/lib/php5/sessionclean)
Aug 30 10:39:20 molly systemd[1]: Job dev-disk-by\x2duuid-37e1f51f\x2da028\x2d48ab\x2d890f\x2dc4477abf97a9.device/start timed out.
Aug 30 10:39:20 molly systemd[1]: Timed out waiting for device dev-disk-by\x2duuid-37e1f51f\x2da028\x2d48ab\x2d890f\x2dc4477abf97a9.device.
Aug 30 10:39:20 molly systemd[1]: Dependency failed for /media/molly/enc1.
Aug 30 10:39:20 molly systemd[1]: Job media-molly-enc1.mount/start failed with result 'dependency'.
Aug 30 10:39:20 molly systemd[1]: Job dev-disk-by\x2duuid-37e1f51f\x2da028\x2d48ab\x2d890f\x2dc4477abf97a9.device/start failed with result 'timeout'.
Aug 30 10:39:20 molly systemd[1]: Job dev-mapper-luks\x2dsda5.device/start timed out.
Aug 30 10:39:20 molly systemd[1]: Timed out waiting for device dev-mapper-luks\x2dsda5.device.
Aug 30 10:39:20 molly systemd[1]: Dependency failed for Cryptography Setup for luks-sda5.
Aug 30 10:39:20 molly systemd[1]: Job systemd-cryptsetup@luks\x2dsda5.service/start failed with result 'dependency'.
Aug 30 10:39:20 molly systemd[1]: Startup finished in 9.936s (kernel) + 1min 30.372s (userspace) = 1min 40.308s.
Aug 30 10:39:20 molly systemd[1]: Job dev-mapper-luks\x2dsda5.device/start failed with result 'timeout'.

/dev/disk/by-uuid/37e1f... does not exist (for /media/molly/enc1), so I suppose this is the UUID of the unencrypted LUKS partition whose encrypted one is b882f3. This one does exist in blkid, but apparently was never unlocked at boot. Did you get asked for the passphrase of luks-sda5 at boot? If so, did you not enter the passphrase deliberately? If not, this is a bug indeed. After a clean boot, can you please do

  sudo journalctl -b > /tmp/journal.txt

and attach /tmp/journal.txt here?

output of journalctl -b attached.
FYI, I ran the command before graphical log in.

Running software updates today has resulted in a password request whilst installing irqbalance.

I pressed enter (i.e. do not enetr password) on the request from irqbalance, I then get requests from apport, thermald, apport again (setting up), network-manager (setting up), thermald (setting up).

I do not enter the password for any of these.
As far as I can tell the software updates all processed successfully.

I've seen the prompt on two different machines now. Both machines have two encrypted disks, one encrypted with a passphrase, the other encrypted with a key file stored on the first disk.
I only seem to get the prompt for containers encrypted with a key file (<key file> in /etc/crypttab is not "none").

This is now working correctly for me in Ubuntu 15.10.

[Expired for systemd (Ubuntu) because there has been no activity for 60 days.]