2015-05-02 13:10:27 |
Jani Uusitalo |
bug |
|
|
added bug |
2015-05-02 13:11:22 |
Jani Uusitalo |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618862 |
|
2015-05-02 13:11:22 |
Jani Uusitalo |
bug task added |
|
systemd (Debian) |
|
2015-05-02 13:15:12 |
Jani Uusitalo |
description |
The setup for unlocking an encrypted volume using (only) a keyfile (on a detachable USB drive) usually calls for a keyscript to be specified as one of the encrypted volume's options. But with systemd, such encrypted volumes can only be unlocked during boot by typing in a passphrase.
Steps to reproduce:
1. Have a LUKS encrypted volume.
2. Have said volume specified in /etc/crypttab, with keyscript= option pointing to your script for outputting the unlocking key.
3. Boot.
What I expect to happen:
To have the volume unlocked by the script at boot time without manual intervention.
What happens instead:
Plymouth shows a prompt to enter a valid passphrase for the volume.
Workarounds:
Apparently the options for unlocking encrypted drives, including keyscript, can also be specified at the kernel command-line, without crypttab, and according to yaantc at Hacker News [1] this can be used to work around the issue. I haven't personally tried this.
* [1] https://news.ycombinator.com/item?id=8477913
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: systemd 219-7ubuntu4
ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3
Uname: Linux 3.19.0-15-generic x86_64
ApportVersion: 2.17.2-0ubuntu1
Architecture: amd64
CurrentDesktop: Unity
Date: Sat May 2 15:39:07 2015
InstallationDate: Installed on 2014-10-18 (196 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140923)
MachineType: ASUSTeK COMPUTER INC. UX32A
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-15-generic.efi.signed root=UUID=2185885c-b860-49a8-973f-fa3b52d3eecf ro quiet splash vt.handoff=7
SourcePackage: systemd
UpgradeStatus: Upgraded to vivid on 2015-04-23 (8 days ago)
dmi.bios.date: 01/29/2013
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: UX32A.214
dmi.board.asset.tag: ATN12345678901234567
dmi.board.name: UX32A
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: 1.0
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: ASUSTeK COMPUTER INC.
dmi.chassis.version: 1.0
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrUX32A.214:bd01/29/2013:svnASUSTeKCOMPUTERINC.:pnUX32A:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnUX32A:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0:
dmi.product.name: UX32A
dmi.product.version: 1.0
dmi.sys.vendor: ASUSTeK COMPUTER INC. |
The setup for unlocking an encrypted volume during boot using (only) a keyfile (on a detachable USB drive) usually calls for a keyscript to be specified as one of the encrypted volume's options. But with systemd, such encrypted volumes can only be unlocked during boot by typing in a passphrase.
Steps to reproduce:
1. Have a LUKS encrypted volume.
2. Have said volume specified in /etc/crypttab, with keyscript= option pointing to your script for outputting the unlocking key.
3. Boot.
What I expect to happen:
To have the volume unlocked by the script at boot time without manual intervention.
What happens instead:
Plymouth shows a prompt to enter a valid passphrase for the volume.
Workarounds:
Apparently the options for unlocking encrypted drives, including keyscript, can also be specified at the kernel command-line, without crypttab, and according to yaantc at Hacker News [1] this can be used to work around the issue. I haven't personally tried this.
* [1] https://news.ycombinator.com/item?id=8477913
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: systemd 219-7ubuntu4
ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3
Uname: Linux 3.19.0-15-generic x86_64
ApportVersion: 2.17.2-0ubuntu1
Architecture: amd64
CurrentDesktop: Unity
Date: Sat May 2 15:39:07 2015
InstallationDate: Installed on 2014-10-18 (196 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140923)
MachineType: ASUSTeK COMPUTER INC. UX32A
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-15-generic.efi.signed root=UUID=2185885c-b860-49a8-973f-fa3b52d3eecf ro quiet splash vt.handoff=7
SourcePackage: systemd
UpgradeStatus: Upgraded to vivid on 2015-04-23 (8 days ago)
dmi.bios.date: 01/29/2013
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: UX32A.214
dmi.board.asset.tag: ATN12345678901234567
dmi.board.name: UX32A
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: 1.0
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: ASUSTeK COMPUTER INC.
dmi.chassis.version: 1.0
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrUX32A.214:bd01/29/2013:svnASUSTeKCOMPUTERINC.:pnUX32A:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnUX32A:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0:
dmi.product.name: UX32A
dmi.product.version: 1.0
dmi.sys.vendor: ASUSTeK COMPUTER INC. |
|
2015-05-02 13:19:25 |
Bug Watch Updater |
systemd (Debian): status |
Unknown |
Confirmed |
|
2015-05-02 14:40:03 |
Launchpad Janitor |
systemd (Ubuntu): status |
New |
Confirmed |
|
2015-05-02 15:01:33 |
Martin Pitt |
systemd (Ubuntu): status |
Confirmed |
Triaged |
|
2015-05-02 15:01:43 |
Martin Pitt |
summary |
keyscript option in crypttab ignored |
keyscript option in crypttab not implemented |
|
2015-05-03 17:05:25 |
Alberto Salvia Novella |
systemd (Ubuntu): importance |
Undecided |
Medium |
|
2015-05-03 17:06:36 |
Alberto Salvia Novella |
marked as duplicate |
|
1432265 |
|
2015-05-03 17:06:59 |
Alberto Salvia Novella |
bug |
|
|
added subscriber Martin Pitt |
2015-05-05 05:15:29 |
Martin Pitt |
removed duplicate marker |
1432265 |
|
|
2015-05-05 14:33:34 |
André Colomb |
bug |
|
|
added subscriber André Colomb |
2015-08-31 00:51:04 |
TJ |
bug |
|
|
added subscriber TJ |
2016-03-20 22:40:33 |
Julien Bonjean |
bug |
|
|
added subscriber Julien Bonjean |
2016-07-10 21:42:54 |
Soqaris |
bug |
|
|
added subscriber Soqaris |
2016-10-18 19:42:35 |
Ryan Castellucci |
bug |
|
|
added subscriber Ryan Castellucci |
2017-02-18 12:55:23 |
Arthur Blair |
bug |
|
|
added subscriber Arthur Blair |
2018-01-02 16:30:32 |
Martin |
bug |
|
|
added subscriber Martin |
2019-02-19 02:58:00 |
Andy Sayler |
bug |
|
|
added subscriber Andy Sayler |
2019-05-21 11:41:00 |
Albert Zak |
bug |
|
|
added subscriber Albert Zak |
2021-06-30 19:25:14 |
Dan Streetman |
systemd (Ubuntu): status |
Triaged |
Invalid |
|
2021-09-26 13:35:10 |
Bug Watch Updater |
systemd (Debian): status |
Confirmed |
Fix Released |
|