touch-packages team mailing list archive

Thread
Date
[Bug 1453912] Re: systemd does not unlock dm-crypt password

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Bob Ziuchkovski <1453912@xxxxxxxxxxxxxxxxxx>
Date: Sat, 26 Dec 2015 17:31:08 -0000
Reply-to: Bug 1453912 <1453912@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
I can confirm the exact same behavior: if /etc/crypttab has entries for
non-root devices, then the only way to unlock with a password is to
force plymouth to run with the "splash" boot option.

I've been trying to test luks-encrypted data volumes (non-root) on
ubuntu-server and have hit this problem for 15.04, 15.10, and 16.04
daily...basically ever since the switch to systemd.  Worse, adding
"splash" doesn't actually resolve the problem on ubuntu-server...perhaps
due to a broken/incomplete plymouth install?

I ended up testing ubuntu-desktop 15.10 on a whim with "splash" and that
was the first time I was able to enter the password to unlock the
devices.

It seems like this is a problem with the systemd-ask-password-console
service.  I've tried to test the theory by creating an extremely simple
"oneshot" service script that requires systemd-ask-password-console and
runs "/bin/systemd-ask-password --no-tty 'Test'".  I've tried all manner
of systemd service options and I can't for the life of me get systemd-
ask-password-console to prompt for a password.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1453912

Title:
  systemd does not unlock dm-crypt password

Status in systemd package in Ubuntu:
  New

Bug description:
  Since upgrading from version 14.10 to Kubuntu 15.04, my system does
  not boot normally any more.

  Maybe it's only a stupid oversight on my part, but not being a systemd
  pro, I'm currently at a loss of how to debug this any further.

  Hints and pointers to appropriate documentation are welcome!

  Kubuntu 15.04 quickly boots to a specific point where it seems to try
  to enable a dm-crypt partition which also carries /home, beside other
  data, and simply stalls.

  I'm not asked to enter my crytpdisk password and I also cannot enter
  it blindly without being asked.

  You can see the point where it stalls in the attached "screenshot"
  (photo of my screen).

  I can then press Ctrl+Alt+Del to cleanly restart the system but I
  could not find a way to get beyond this point with systemd.

  Using the alternative boot option with upstart works flawlessly.
  (Although booting with this boot option is really slow and it takes a
  while to reach the graphical login screen - it basically looks as if
  the system is waiting for some name resolving timeouts during boot,
  but that's a different issue, if've not debugged it further and maybe
  it's just gone once systemd works to boot my machine.)

  Further info about my setup:

  $ cat /etc/crypttab                                                                                                
  crypt /dev/mapper/main-cryptstore none luks,noearly,discard  

  $ mount | egrep crypt
  /dev/mapper/crypt on /mnt/crypt type ext4 (rw,relatime,data=ordered)
  /dev/mapper/crypt on /home type ext4 (rw,relatime,data=ordered)
  /dev/mapper/crypt on /var/lib/mysql type ext4 (rw,relatime,data=ordered)

  Here the first entry is the actual mount point while the other mount
  points are bind mounts:

  $ cat /etc/fstab | egrep crypt
  /dev/mapper/crypt       /mnt/crypt      ext4    defaults        0       2                                                           
  /mnt/crypt/home                 /home           none    bind    0       0                                                           
  /mnt/crypt/var_lib_mysql        /var/lib/mysql  none    bind    0       0

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: systemd 219-7ubuntu4
  ProcVersionSignature: Ubuntu 3.19.0-16.16-generic 3.19.3
  Uname: Linux 3.19.0-16-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Mon May 11 20:28:18 2015
  MachineType: Sony Corporation SVS13A3W9ES
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.19.0-16-generic root=/dev/mapper/main-root ro quiet init=/sbin/upstart
  SourcePackage: systemd
  SystemdDelta:
   [EXTENDED]   /lib/systemd/system/systemd-timesyncd.service -> /lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf
   
   1 overridden configuration files found.
  UpgradeStatus: Upgraded to vivid on 2015-04-28 (13 days ago)
  dmi.bios.date: 03/13/2013
  dmi.bios.vendor: Insyde Corp.
  dmi.bios.version: R1021C8
  dmi.board.asset.tag: N/A
  dmi.board.name: VAIO
  dmi.board.vendor: Sony Corporation
  dmi.board.version: N/A
  dmi.chassis.asset.tag: N/A
  dmi.chassis.type: 10
  dmi.chassis.vendor: Sony Corporation
  dmi.chassis.version: N/A
  dmi.modalias: dmi:bvnInsydeCorp.:bvrR1021C8:bd03/13/2013:svnSonyCorporation:pnSVS13A3W9ES:pvrC60BRBTW:rvnSonyCorporation:rnVAIO:rvrN/A:cvnSonyCorporation:ct10:cvrN/A:
  dmi.product.name: SVS13A3W9ES
  dmi.product.version: C60BRBTW
  dmi.sys.vendor: Sony Corporation

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1453912/+subscriptions
References

[Bug 1453912] [NEW] systemd does not allow to boot with /home on dm-crypt
From: Gunter Ohrner, 2015-05-11