Preseeding encrypted lvm fails instead of asking for password

Bug #1386131 reported by Dariusz Gadomski on 2014-10-27
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubiquity (Ubuntu)
Medium
Mathieu Trudel-Lapierre
Trusty
Medium
Mathieu Trudel-Lapierre

Bug Description

[Impact]
Ubuntu installations, even using the graphical installer, are often scripted in order to reduce the burden on administrators. With the increasing importance of security now in enterprise environments, scripted installations may be used to set up fully-encrypted desktop systems, which in the end need to be fed a custom password for full-disk encryption; by the end user or otherwise, which may need to explicitly not be scripted.

[Test case]
Use the included preseed file: one could customize a CD to include it in preseed/.
1 - Boot on the CD
2 - Press F6 to see the full command-line
3 - Edit the command-line to point to the custom preseed
4 - Add "only-ubiquity automatic-ubiquity" to boot in the installer, set up for automatic install.
5 - Start the system by hitting the Enter key.

The installation should complete succesfully. Without the patch, it will crash, and show an error message repeatedly.

[Regression Potential]
This affects the encryption page of the installer only, so could cause issues in the rendering of that page, or cause properly-scripted encryption settings to be missing in case of a regression.

--

I was trying to preseed creating encrypted lvm for enabling unattended installation with ubiquity 2.18.8.2 (in trusty).

The encryption password has NOT been preseeded. I was expecting a UI with a password prompt.

The installation fails before partitioning with a message box:
"Keyfile creation failed. An error occurred while creating the keyfile."

ProblemType: Bug
DistroRelease: Ubuntu 14.10
Package: ubiquity (not installed)
ProcVersionSignature: Ubuntu 3.16.0-23.31-generic 3.16.4
Uname: Linux 3.16.0-23-generic x86_64
ApportVersion: 2.14.7-0ubuntu8
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Oct 27 11:05:16 2014
SourcePackage: ubiquity
UpgradeStatus: No upgrade log present (probably fresh install)

This issue is similar to #1386113 but the cause it different, because the patch provided for the other issue does not fix this problem.

Related branches

Dariusz Gadomski (dgadomski) wrote :
Colin Watson (cjwatson) wrote :

I looked at popping up a separate dialog here, but I think that's going to involve an unreasonable amount of code duplication. I think the right answer here is probably to detect the situation and present the user with the usual automatic partitioning page, but with the relevant preseeded entries filled in and just the password entry boxes left blank. This is still going to be some work to get right.

Changed in ubiquity (Ubuntu):
status: New → Triaged
importance: Undecided → Medium

I have a small patch that seems to do the trick at least for the preseeded install so far, and doesn't appear to be breaking the non-preseeded case. It's written for trusty for now, so I'll first need to adapt it to vivid and spend more time testing it before we can look into a SRU for the fix.

Changed in ubiquity (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Mathieu Trudel-Lapierre (mathieu-tl)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubiquity - 2.21.8

---------------
ubiquity (2.21.8) vivid; urgency=medium

  * Automatic update of included source packages: grub-installer
    1.78ubuntu24, partman-auto 118ubuntu5, partman-efi 62ubuntu1.
  * ubiquity/plugins/ubi-partman.py: allow prompting for a missing passphrase
    on preseeded installs, if they are requesting to setup crypto.
    (LP: #1386131)
  * Add a fallback for a Greybird-themed background for the panel, for Xubuntu.
    Thanks to Simon Steinbeiß for the patch.
 -- Mathieu Trudel-Lapierre <email address hidden> Wed, 04 Feb 2015 16:49:35 -0500

Changed in ubiquity (Ubuntu):
status: In Progress → Fix Released
Changed in ubiquity (Ubuntu Trusty):
status: New → Triaged
importance: Undecided → Medium
assignee: nobody → Mathieu Trudel-Lapierre (mathieu-tl)
description: updated
Changed in ubiquity (Ubuntu Trusty):
status: Triaged → In Progress

Hello Dariusz, or anyone else affected,

Accepted ubiquity into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ubiquity/2.18.8.8 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in ubiquity (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed

Here's a preseed file I've used to verify the fix here before uploading the SRU: http://people.ubuntu.com/~mathieu-tl/preseed/crypto.cfg

Dariusz Gadomski (dgadomski) wrote :

Hello Mathieu,

I find it partially working with that config. It prompts for the password correctly, however I get an error:
"No modifications can be made to the device Encrypted volume (sda5_crypt) for the following reasons:
In use by LVM volume group crypt".

Will attach logs.

Dariusz Gadomski (dgadomski) wrote :
Dariusz Gadomski (dgadomski) wrote :
Dariusz Gadomski (dgadomski) wrote :

I have used the trusty-proposed repo and was testing it on a trusty iso.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubiquity - 2.18.8.8

---------------
ubiquity (2.18.8.8) trusty; urgency=medium

  * ubiquity/plugins/ubi-partman.py: allow prompting for a missing passphrase
    on preseeded installs, if they are requesting to setup crypto.
    (LP: #1386131)
  * Go forward rather than back in response to partman-crypto/passphrase and
    partman-crypto/passphrase-again questions if the UI is not available but
    they have been preseeded (LP: #1386113).
 -- Mathieu Trudel-Lapierre <email address hidden> Tue, 10 Mar 2015 22:29:37 -0400

Changed in ubiquity (Ubuntu Trusty):
status: Fix Committed → Fix Released
tags: added: amd64 utopic
removed: verification-needed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers