crypttab by-id entries not processed automatically at startup despite upstart files

== Regression details ==
Discovered in version: 2:1.1.0~rc2-1ubuntu11
Last known good version: 2:1.0.6+20090405.svn49-1ubuntu7.2

I reinstalled Ubuntu with a later daily image and now the device is created at boot.
This time I installed in non-expert mode. Previously I had installed in expert mode and had selected to create a custom initrd. What is the default initrd type for the non-expert install? If it is the more inclusive 'generic' initrd, that may explain the problem.

What exactly was the option letting you select a custom initrd? This doesn't seem to be a question that comes from the initramfs-tools package.

After reinstall, did you use the same syntax in /etc/crypttab? I think the issue here is that the cryptdisks-udev job handles UUID=, LABEL=, or /dev/sd* as source devices, but is not configured to handle /dev/disk/by-id. So this device will only be brought up if it's caught by the cryptdisks-enable catch-all job, which is racy.

(I don't consider this incomplete, the question about initramfs selection is most likely orthogonal to cryptsetup not supporting /dev/disk/by-uuid syntax)

On Sun, 2010-02-21 at 18:55 +0000, Steve Langasek wrote:
> (I don't consider this incomplete, the question about initramfs
> selection is most likely orthogonal to cryptsetup not supporting
> /dev/disk/by-uuid syntax)
>
> ** Changed in: cryptsetup (Ubuntu)
> Status: Incomplete => New
>

http://code.google.com/p/cryptsetup/

The packaged cryptsetup in Lucid is a Release Candidate. (1.1.0-rc2)
Since then rc-3, rc-4 and the final 1.1.0 has been released.
There have been at least a dozen bugs fixed since rc-2. I suggest
upgrading the package to the final stable version. While it may not fix
any of the experienced problems, it can at the very least attempt to
rule out the actual cryptsetup package as the problem. Furthermore it
may also prevent further since that have already been fixed and the
1.1.0 is marked as stable. I would like to see this package updated.
I will be testing cryptsetup for Lucid, however I will be using
non-default modes (aes-xts-benbi). This is off topic but the XTS code
has been in the kernel for a while, and it computes test vectors
correctly. I have used XTS mode with no problems. Switching to something
that is *standardized* rather than just created to counter CBC attacks
(ESSIV) would be preferred. XTS has most likely received more attention.
It is also *standardized* in IEEE P1619. "CBC-HMAC-SHA" is also
standardized in P1619, which is similar to ESSIV algorithm. However the
ESSIV algorithm is more complex, from what i have read simple is good
for an algorithm. AES is a good choice for the default encryption
algorithm, however with the recent AES 192-256 attacks AES128 seems to
be a better choice. AES128 is faster and 128 bits more then enough
security for most peoples needs. I also have a question about the Lucid
defaults. Since hashes besides SHA1 (--hash) are now accepted will
SHA256 be used by default?

My two cents.

> This is off topic

Your entire follow-up is off-topic, this is a bug related to Ubuntu's cryptsetup upstart jobs.

I re-installed and took a screen shot of the choice about which initrd to make. (generic or custom) I hope to be able to locate it and upload it in the next few days.

The configuration file is identical. I backed it up and restored it after re-install.

My last attempt to retest this in the advanced install was hindered by grub2 bug(s).

From the description of what devices are available at boot, it sounds unfortunately inadequate for the majority of use cases for potential users:
LABEL and UUID are unavailable since they come from the FileSystem, which is still, encrypted.
The /dev/sd* devices can vary in ordering. What is sdb in one boot can be sdc the next.

So even if this bug is invalid due to being about unsupported by-id devices, it sounds like setting status to 'WishList' for support of by-id devices is ... a wish.

As far as I can recall, this always works with the non-advanced install.
I suppose that if I find out how, I can reconfigure my existing system to use a custom initrd and see whether the problem appears.

> LABEL and UUID are unavailable since they come from the FileSystem, which is still, encrypted.

No, they don't. A LUKS container also has a UUID, and I guess there's some sort of support for setting labels as well.

I found adding the line:

start on starting mountall

after the other start line in /etc/init/cryptdisks-enable.conf fixed this.

I think you probably have a different bug, then.