initrd does not contain conf/conf.d/cryptroot file for encrypted root

Bug #317442 reported by Shiv V on 2009-01-15
6
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: cryptsetup

Ubuntu Jaunty amd64, cryptsetup 2:1.0.6-7ubuntu1, initramfs-tools 0.92bubuntu18, udev 136-4

I have an encrypted root so the initrd has to decrypt it during boot. Previously, initrds generated with initramfs-tools had a conf/conf.d/cryptroot file containing information parsed from /etc/crypttab relating to the device containing the root filesystem. This file is not being generated after the update from 2:1.0.6-6ubuntu2.1 -> 2:1.0.6-7ubuntu1. I tracked it down to the file /usr/share/initramfs-tools/hooks/cryptroot which is called by mkinitramfs/update-initramfs. The code here looks in /etc/fstab to find the root device (UUID=<uuid> in my case). It then tries to determine the relevant device node by looking at /dev/disk/by-uuid/<uuid>, which points to /dev/md-<number>. I'm guessing this used to point to /dev/mapper/<name> instead because the code ignores UUIDs which do not point to /dev/mapper/<name>.

Changing /dev/disk/by-uuid/ab1bfbaf-30f7-4319-bdc0-ab45fd007b5c -> ../../dm-5
to /dev/disk/by-uuid/ab1bfbaf-30f7-4319-bdc0-ab45fd007b5c -> ../../mapper/root

fixes the issue and this was not necessary before the update. I noticed udev rules have changed some in the last update. Could that be the source of the issue?

Shiv V (svenkata) wrote :

Despite there being a NAME="mapper/$env{DM_NAME}" rule in /lib/udev/rules.d/65-dmsetup.rules, udevadm test /devices/virtual/block/dm-5 either does not get to it or does not apply it. Instead I get:
[ ... snip ... ]
udev_event_execute_rules: no node name set, will use kernel name 'dm-5'
[ ... snip ... ]

Shiv V (svenkata) wrote :

I took a look at all the rules in /lib/udev/rules.d and noticed that every 'NAME=' assignment is preceeded by a conditional (e.g. KERNEL== or SUBSYSTEM==). Adding a conditional seems to make the rule apply. Here's what I did:

--- a/lib/udev/rules.d/65-dmsetup.rules 2009-01-09 06:02:58.000000000 -0800
+++ b/lib/udev/rules.d/65-dmsetup.rules 2009-01-15 10:55:14.000000000 -0800
@@ -11,7 +11,8 @@
 ENV{DM_NAME}=="temporary-cryptsetup-*", OPTIONS="ignore_device"

 # Make the device take the /dev/mapper name
-OPTIONS+="string_escape=none", NAME="mapper/$env{DM_NAME}"
+#KERNEL=="dm-*", OPTIONS+="string_escape=none", NAME="mapper/$env{DM_NAME}"
+KERNEL=="dm-*", NAME="mapper/$env{DM_NAME}"
 SYMLINK+="disk/by-id/dm-name-$env{DM_NAME}"
 ENV{DM_UUID}=="?*", SYMLINK+="disk/by-id/dm-uuid-$env{DM_UUID}"

The weird thing is that it would not work with OPTIONS+=... even with KERNEL==... I don't understand this at all but udevadm test now applies the NAME rule. Perhaps I should poke around in the udev source

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers