15.10beta crashes encrypted swap partition
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
systemd (Ubuntu) |
Won't Fix
|
High
|
Unassigned |
Bug Description
Hi,
I'm usually using a setup with three partitions on a disk
Partition 1: plain ext4 boot partition mounted on /boot
Partition 2: luks-encrypted swap
Partition 3: luks-encrypted btrfs for / /home ...
both mentioned in /etc/crypttab like
sda2_crypt UUID=a7976d5c-
sda3_crypt UUID=339b9a90-
With several machines I have installed 15.10 beta on and in several cases I experienced the problem that the swap is not activated at boot time and that /dev/disks/by-uuid does not contain a link to the swap partition, and the previously created luks-encrypted swap is destroyed after boot: It is not a luks partition anymore and filled with random (presumably encrypted) bytes without structure.
I first thought that this is a problem of the setup process, and repaired the swap manually. But then I found the partition destroyed again. This happend several times on several machines.
I am not sure yet what exactly would destroy the partition.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: cryptsetup 2:1.6.6-5ubuntu2
ProcVersionSign
Uname: Linux 4.2.0-16-generic x86_64
ApportVersion: 2.19.1-0ubuntu2
Architecture: amd64
CurrentDesktop: XFCE
Date: Wed Oct 14 18:12:58 2015
InstallationDate: Installed on 2015-10-08 (5 days ago)
InstallationMedia: Xubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150924)
SourcePackage: cryptsetup
UpgradeStatus: No upgrade log present (probably fresh install)
crypttab:
sda2_crypt UUID=a7976d5c-
sda3_crypt UUID=339b9a90-
Changed in systemd (Ubuntu): | |
status: | Incomplete → New |
Changed in systemd (Ubuntu): | |
assignee: | Martin Pitt (pitti) → nobody |
Changed in systemd (Ubuntu): | |
status: | Confirmed → Won't Fix |
The systemd package has taken over the handling of /etc/crypttab at boot from cryptsetup (without much coordination AFAICS), and it sounds like its interpretation of the crypttab is buggy.
"swap" is not synonymous with "random", and should not result in the device being clobbered, which is what is happening here. In particular, encrypted persistent swap needs to be supportable for users who wish to use this for suspend to disk, and this requires a LUKS header (with UUID).
Note however that for this use case, you *also* don't actually want to use 'swap' as an option in /etc/crypttab, because this is defined as "Run mkswap on the created device", and there's no need to do that if you have a persistent crypted swap.