Configure encrypted volumes destroys existing data

Bug #420080 reported by Callum Macdonald on 2009-08-27
130
This bug affects 16 people
Affects Status Importance Assigned to Milestone
Release Notes for Ubuntu
Undecided
Colin Watson
partman-crypto (Debian)
New
Unknown
partman-crypto (Ubuntu)
Critical
Colin Watson
Natty
High
Unassigned
Oneiric
High
Colin Watson

Bug Description

Binary package hint: debian-installer

I was running Ubuntu 8.10 32-bit, with an encrypted partition and LVM. I went to install Ubuntu 9.04 64-bit, hoping to reuse the same LVM volumes, just replacing the volume for /, leaving /home and so on intact.

I fired up the 9.04 installer, got to partitioning. I chose manual, saw my two partitions listed, both marked "do not use". I activated the second partition and chose "physical volume for encryption". Now to see the data, I selected "Configure encrypted volumes". At this point a message appears asking me if I'm happy with the partitions, I choose yes, I'm asked for an encryption passphrase, I enter it, twice. At this point, I'm suspicious, I reboot to my existing 8.04 installation. My encrypted partition has been completely destroyed, there is no LVM available and no data.

The text in the installer should make it absolutely clear that when you choose yes at the "Configure encrypted volumes" option, this will destroy any encrypted data on the partition.

Thankfully I had sufficient backups. What seemed like a routine install actually destroyed all my data. :-(

Jochen Gruse (lpnet) wrote :

I wish I had found this bug report sooner... Please take a look at my workaround in
https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/285890

Quietly reinitializing the crypt partition is a release critical bug, IMHO.

Changed in debian-installer (Ubuntu):
importance: Undecided → Critical
status: New → Triaged
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Brian Murray (brian-murray) wrote :

There was an email to the bug squad mailing list about this issue (https://lists.ubuntu.com/archives/ubuntu-bugsquad/2011-April/003176.html) which references a thread on the dm-crypt mailing list (http://dir.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt) where a couple of people have also lost their encrypted partitions.

Changed in debian-installer (Debian):
status: Unknown → New
Changed in debian-installer (Ubuntu Oneiric):
importance: Undecided → Critical
status: New → Triaged
Changed in debian-installer (Ubuntu Natty):
status: Triaged → Won't Fix
Changed in debian-installer (Ubuntu Oneiric):
status: Triaged → Confirmed
assignee: nobody → Evan Dandrea (ev)
milestone: none → oneiric-alpha-1
Robbie Williamson (robbiew) wrote :

I certainly can see how running into this issue is a severe issue, however we're unfortunately past both UserInterfaceFreeze [1] and DocumentationStringFreeze [2] in Natty, and while hitting this is a PITA, it doesn't impact enough of our users to warrant a freeze exception at this time. We will address this issue in Oneiric, and I have assigned and targeted the bug to ensure it.

Changed in debian-installer (Ubuntu Natty):
assignee: Canonical Foundations Team (canonical-foundations) → nobody
importance: Critical → High
Changed in debian-installer (Ubuntu Oneiric):
importance: Critical → High
Colin Watson (cjwatson) wrote :

As mentioned in the linked Debian bug, selecting "Configure encrypted volumes" ought to make it possible to use your existing encrypted volumes after entry of a passphrase, rather than merely saying "is it OK if we destroy your data?".

affects: debian-installer (Debian) → partman-crypto (Debian)
affects: debian-installer (Ubuntu) → partman-crypto (Ubuntu)
Colin Watson (cjwatson) wrote :

 * Selecting "Configure encrypted volumes" in the alternate/server installer initialises encrypted volumes from scratch, and will destroy any encrypted data that was previously present. There is no way to reuse an existing encrypted volume at installation time at the moment, although we do consider this a bug that will be fixed in a future release. (Bug:420080)

Changed in ubuntu-release-notes:
assignee: nobody → Colin Watson (cjwatson)
status: New → Fix Released
Colin Watson (cjwatson) wrote :

(release-noted)

Colin Watson (cjwatson) on 2011-06-15
Changed in partman-crypto (Ubuntu):
assignee: Canonical Foundations Team (canonical-foundations) → nobody
Changed in partman-crypto (Ubuntu Oneiric):
assignee: nobody → Evan Dandrea (ev)
Changed in partman-crypto (Ubuntu Oneiric):
milestone: oneiric-alpha-1 → oneiric-alpha-3

Retargetted to beta 1 and release noted for A3.

Changed in partman-crypto (Ubuntu Oneiric):
milestone: oneiric-alpha-3 → ubuntu-11.10-beta-1
Colin Watson (cjwatson) on 2011-08-24
Changed in partman-crypto (Ubuntu Oneiric):
assignee: Evan Dandrea (ev) → Colin Watson (cjwatson)
Colin Watson (cjwatson) on 2011-08-26
Changed in partman-crypto (Debian):
status: New → Unknown
Colin Watson (cjwatson) on 2011-08-26
Changed in partman-crypto (Ubuntu Oneiric):
status: Confirmed → In Progress
Changed in partman-crypto (Debian):
status: Unknown → New
Martin Pitt (pitti) on 2011-08-31
Changed in partman-crypto (Ubuntu):
milestone: ubuntu-11.10-beta-1 → ubuntu-11.10-beta-2
Brad Figg (brad-figg) on 2011-09-02
tags: added: rls-mgr-o-tracking
Colin Watson (cjwatson) wrote :

I'm making good progress on this, but have a little bit more to clean up before I can upload it. See:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529343#21

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package partman-crypto - 47ubuntu3

---------------
partman-crypto (47ubuntu3) oneiric; urgency=low

  * Add an "Activate existing encrypted volumes" option to the
    partman-crypto main menu. If selected, this searches for existing
    volumes, and for each one prompts for its passphrase and attempts to
    open it; it then returns directly to the partitioning menu (closes:
    #451535, LP: #420080).
 -- Colin Watson <email address hidden> Fri, 09 Sep 2011 14:15:32 +0100

Changed in partman-crypto (Ubuntu Oneiric):
status: In Progress → Fix Released
Jochen Gruse (lpnet) wrote :

Hi Colin,

thanks for your work on this! Unfortunately, there's a problem with the nightly alternate Kubuntu oneiric images (installer can't load kernel modules), so I can only report that yes, the "Activate existing volumes" option is there and asks for the passphrase to the existing crypto partition. Opening the partition fails because of missing modules, I presume.

I'll test the next few nightlies and will report success or failure here.

Jochen

On Mon, Sep 12, 2011 at 08:00:03AM -0000, Jochen Gruse wrote:
> thanks for your work on this! Unfortunately, there's a problem with the
> nightly alternate Kubuntu oneiric images (installer can't load kernel
> modules), so I can only report that yes, the "Activate existing volumes"
> option is there and asks for the passphrase to the existing crypto
> partition. Opening the partition fails because of missing modules, I
> presume.

Hmm. I did see something like this a while back but thought I'd fixed
it. Could you extract /var/log/syslog from the running installer after
this failure (you can use "Save debug logs" from the main menu, or else
run 'anna-install openssh-client-udeb' and then scp it somewhere) and
attach it here?

Jochen Gruse (lpnet) wrote :
Jochen Gruse (lpnet) wrote :

The last lines in the above syslog at the time that the installer says "No kernel modules were found" are

Sep 12 09:53:49 cdrom-retriever: warning: File /cdrom/dists/oneiric/main/debian-installer/binary-amd64/Packages does not exist.
Sep 12 09:53:49 cdrom-retriever: warning: File /cdrom/dists/oneiric/restricted/debian-installer/binary-amd64/Packages does not exist.
Sep 12 09:53:49 anna[6902]: WARNING **: no packages matching running kernel 3.0.0-11-generic in archive

The mentioned files "Packages" do not exist, but there are files named "Packages.gz". Is that the source of the error? The installer expecting uncompressed files or these files being erroneously compressed?

Colin Watson (cjwatson) wrote :

No, this happened because images were built with out-of-sync kernel
versions. Could you update to the images I manually rebuilt this
morning and try again?

Jochen Gruse (lpnet) wrote :

Hmm, I downloaded the image this morning. Well, I'll try again, just a mo'...

Jochen Gruse (lpnet) wrote :

Alright, the images with timestamp "12-Sep-2011 09:59" are OK! Right now the installation is running. Crypto partition was found, activated, contained LVM PV found, LVM activated. Great! I'll report back when the installation is done.

Jochen Gruse (lpnet) wrote :

There's still a problem. While installing the base system, no installable kernel was found in the configured APT sources. I've included the syslog as before.

Colin Watson (cjwatson) wrote :

Later this morning :-)

Jochen Gruse (lpnet) wrote :

Hmmm?!? There's no newer image available. I downloaded oneiric-alternate-amd64.iso from http://cdimage.ubuntu.com/kubuntu/daily/current/, the Ubuntu oneiric images are even older. Some timezone problems?

Well, doesn't really matter. I'll download the new nightly build tomorrow morning and try that image, OK? Apart from that, partitioning worked like a charm, so I'm really happy. Thanks again, Colin!

Colin Watson (cjwatson) wrote :

Our mails crossed in the post. I meant later than the one you
originally tested.

I'll have to poke the kernel people about the secondary problem you
found.

Jochen Gruse (lpnet) wrote :

Ah well, crossed mails explain it... B^)

Downloaded the current daily build (Kubuntu oneriric amd64, Timestamp "13-Sep-2011 05:20", size below 700MB, yay!). Partitioner working as expected, but still "No installable kernel found". A check from a shell shows already populated file systems below /target, so that part is definitely working. I'll try the next dailies too and will post here if successfull.

Should I open a new bug for a nonworking alternate install ISO? Is there anywhere to provide additional information like debug logs etc. if needed?

Colin Watson (cjwatson) wrote :

I've filed bug 848907 for the installation failure.

We can't quite assume that this works until we can get a complete installation, because it's important to make sure that your /etc/crypttab and /etc/fstab are correct. But the current problem is definitely unrelated to partman-crypto, as I reproduced it with a straightforward use-entire-disk installation.

Jochen Gruse (lpnet) wrote :

Sorry for the delay, but you'll get a success as an excuse! B^)

Tried Kubuntu Oneiric alternate amd64 daily, Timestamp "15-Sep-2011 05:23". Partitioner works great, Oneiric installs, reboots and runs, /etc/fstab and /etc/crypttab are correct.

Two points I'd like to address:
* /etc/fstab uses "/dev/mapper/system-root2" instead of UUID=... This works OK, but is it what you expect it to be?
* GRUB installs OK, but reports an error after update-grub run. Choosing "Continue without installing a bootloader" finishes the installation and Kubunto reboots successfully into Oneiric, i.e. GRUB works. It's really the new installation of grub as it shows the menu to choose between 11.04 and 11.10.

I didn't find a fitting bug report. Want me to open a bug for that?

Colin Watson (cjwatson) wrote :

On Thu, Sep 15, 2011 at 02:03:27PM -0000, Jochen Gruse wrote:
> Tried Kubuntu Oneiric alternate amd64 daily, Timestamp "15-Sep-2011
> 05:23". Partitioner works great, Oneiric installs, reboots and runs,
> /etc/fstab and /etc/crypttab are correct.

Fantastic, thanks!

> Two points I'd like to address:
> * /etc/fstab uses "/dev/mapper/system-root2" instead of UUID=... This
> works OK, but is it what you expect it to be?

Yes, that's intentional. That's a stable name, and we only use UUIDs
when we don't have stable names.

> * GRUB installs OK, but reports an error after update-grub run.
> Choosing "Continue without installing a bootloader" finishes the
> installation and Kubunto reboots successfully into Oneiric, i.e. GRUB
> works. It's really the new installation of grub as it shows the menu
> to choose between 11.04 and 11.10.

That indeed sounds like a bug. Please file it separately, attaching
/var/log/installer/syslog and /var/log/installer/partman.

Jochen Gruse (lpnet) wrote :

Opened bug 851704 for the GRUB problem.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.