[18.04] Installation boot failure. WARNING: invalid line in /etc/crypttab
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cryptsetup |
In Progress
|
Undecided
|
Unassigned | ||
cryptsetup (Ubuntu) |
Incomplete
|
Critical
|
Unassigned |
Bug Description
I worked with "TJ-" on Ubuntu IRC (#ubuntu) on April 27th in order to debug this. On a new Ubuntu 18.04 installation, it is not possible to decrypt the volume when it's installed on an NVMe device with the encryption selected. Changing the device-mapper name to the luks-$UUID format apparently did something to correct it, but there's still something else going on.
--- update from Tj ---
Dylan repeatedly installed 18.04 Desktop setting up F.D.E. with (originally) a complex passphrase but later also a simple (all ASCII) phrase.
At boot-time the installed system fails to unlock the device during initial ramdisk processing, getting stuck in a loop and seemingly never dropping to the shell for user diagnosis and correction.
Original messages (copied from the attached photo):
Please unlock disk nvme0n1p3_crypt: <--- types passphrase
Volume group "ubuntu-vg" not found
Cannot process volume group ubuntu-vg
device-mapper: reload ioctl on failed: invalid argument <--- note multiple space gap
Failed to setup dm-crypt key mapping for device /dev/disk/
Check that kernel supports aes-xts-plain64 cipher (check syslog for more info).
The volume is accessible from the Try Ubuntu session (unlocks correctly).
My [Tj] suspicion was a keyboard mapping issue or initrd.img missing required kernel modules for cryptographic functions.
We used a chroot environment to investigate and added "set -x" to the start of /usr/share/
update-initramfs -uv |& tee /tmp/uir.log
The resulting log (see attached 'broken' log) shows the warning in the title of this bug twice and the root device ignored as far as configuring the initrd.img goes:
WARNING: invalid line in /etc/crypttab
Analysing the log of the shell commands shows an awk command failing to recognise the sole crypttab entry because it is expecting the device-mapper name format to be "luks-${UUID}" not "nvme0n1p3_crypt".
Dylan made a back-up then changed the entry to use the seemingly correct name format and rebuilt the initrfd.img (see attached 'working' log). There is no warning now and the cryptroot hook goes ahead and adds kernel modules and tooling to the initrd.img.
The system still fails to boot but with different messages:
Please unlock device luks-98c2ce02-
[ timestamp ] device-mapper: table: 253:0: crypt: unknown target type
device-mapper: reload ioctol on failed: Invalid argument
Failed to setup dm-crypt key mapping for device /dev/disk/
Check that kernel supports aes-xts-plain64 cipher (check syslog for more info).
cryptsetup (luks-98c2ce02-
Changed in cryptsetup (Ubuntu): | |
status: | New → In Progress |
assignee: | nobody → TJ (tj) |
importance: | Undecided → Critical |
summary: |
- WARNING: invalid line in /etc/crypttab + [18.04] Installation boot failure. WARNING: invalid line in + /etc/crypttab |
description: | updated |
description: | updated |
tags: | added: id-5bb295aa6470a80a24501f0f |
Changed in cryptsetup: | |
assignee: | TJ (tj) → nobody |
Changed in cryptsetup (Ubuntu): | |
assignee: | TJ (tj) → nobody |
My usual passphrase is something complex similar to "--[-Word# Word.A# More#Words* 123*Word- ]--", with all of those symbols included, but with the passphrase abcdefg12, I still hit this issue.
Devices: https:/ /paste. ubuntu. com/p/QMSmBgtnD 9/ /paste. ubuntu. com/p/5NSRGqJHY 5/ /paste. ubuntu. com/p/cP6Cj8W59 j/
fstab: https:/
logs from "update-initramfs -vu -k 4.15.0-20-generic |& tee /tmp/uir.log" https:/