installer in LVM mode sets up broken encrypted swap, using duplicate unencrypted swap
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
New
|
Undecided
|
Unassigned | ||
ecryptfs-utils (Ubuntu) |
Fix Released
|
High
|
Martin Pitt | ||
Trusty |
Triaged
|
Medium
|
Unassigned | ||
Utopic |
Won't Fix
|
High
|
Unassigned | ||
Vivid |
Fix Released
|
High
|
Unassigned | ||
Wily |
Fix Released
|
High
|
Martin Pitt |
Bug Description
When installing Ubuntu with "Use LVM" (but not encryption!), and "encrypt my home dir", the installer adds the original unencrypted swap to fstab. Then, ecryptfs-setup-swap keeps that, and additionally configures an encrypted swap via an UUID and without offset (which would trigger bug 953875 again!), so that you end up with *two* swap configs for one and the same partition, once unencrypted and once encrypted:
fstab:
/dev/mapper/
/dev/mapper/
crypttab:
cryptswap1 UUID=f636d7ef-
(UUID is for ubuntubuntu-
SRU TEST CASE:
--------------
- Install 15.04 with LVM (no encryption) and select "encrypt my home dir"
- Boot will ask you for a (nonexisting) passphrase for the swap partition; press Enter
- Install the update
- Reboot and verified that the bogus passphrase question is gone
- Verify that "swapon -s" has a swap partition (usually dm-2), and that /dev/mapper/
summary: |
- Keeps asking for cryptswap password when booting (GPT + LVM + encrypted - home dir) + Keeps asking for cryptswap password when booting (LVM + encrypted home + dir) |
tags: | added: systemd-boot |
summary: |
- Keeps asking for cryptswap password with using the same swap partition - encrypted and unencrypted + installer in LVM mode sets up broken encrypted swap, using duplicate + unencrypted swap |
affects: | systemd → ecryptfs |
Changed in ecryptfs-utils (Ubuntu Wily): | |
milestone: | none → ubuntu-15.07 |
Changed in ecryptfs-utils (Ubuntu Trusty): | |
milestone: | none → ubuntu-14.04.3 |
importance: | Undecided → High |
Changed in ecryptfs-utils (Ubuntu Utopic): | |
importance: | Undecided → High |
Changed in ecryptfs-utils (Ubuntu Vivid): | |
importance: | Undecided → High |
Changed in ecryptfs-utils (Ubuntu Trusty): | |
status: | New → Triaged |
Changed in ecryptfs-utils (Ubuntu Utopic): | |
status: | New → Triaged |
Changed in ecryptfs-utils (Ubuntu Vivid): | |
status: | New → Triaged |
Changed in ecryptfs-utils (Ubuntu Wily): | |
status: | Triaged → In Progress |
assignee: | nobody → Martin Pitt (pitti) |
tags: | added: patch |
Changed in ecryptfs-utils (Ubuntu Wily): | |
milestone: | ubuntu-15.07 → none |
Changed in ecryptfs-utils (Ubuntu Trusty): | |
milestone: | ubuntu-14.04.3 → ubuntu-14.04.4 |
Changed in ecryptfs-utils (Ubuntu Vivid): | |
milestone: | none → vivid-updates |
OK, so you actually have one unencrypted swap partition on an LVM LV: ubuntu- -vg-swap_ 1: UUID="bfa46f63- 6942-4d4b- b1ce-b7c3df4f38 18" TYPE="swap"
/dev/mapper/
and your /etc/fstab configures just that. But your crypttab configures an encrypted swap device which isn't in fstab:
cryptswap1 /dev/dm-1 /dev/urandom swap,cipher= aes-cbc- essiv:sha256
That's presumably what's causing the password prompt. Let's check which LV dm-1 actually is, can you please get me the output of "ls -lR /dev/mapper"? I am 95% sure it's /dev/mapper/ ubuntu- -vg-swap_ 1 and thus this swap partition is used as *both* an encrypted and unencrypted one, and the former fails because of the latter:
mei 11 07:32:36 Denny-HP systemd- cryptsetup[ 748]: Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/dm-1. cryptsetup[ 748]: Failed to activate with key file '/dev/urandom': Device or resource busy
mei 11 07:32:36 Denny-HP systemd-
So this looks like an LVM variant of bug 953875, not of bug 1447282; this looks independent of GPT.
Thanks!