touch-packages team mailing list archive

Thread
Date
[Bug 1447282] Re: Prompted for cryptoswap passphrase when using GPT partitioning + encrypted home directory (ecrptfs)

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jason Gerard DeRose <jason@xxxxxxxxxxxx>
Date: Wed, 22 Apr 2015 18:17:41 -0000
Reply-to: Bug 1447282 <1447282@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Info from fstab, crypttab, and journalctl:

$cat /etc/fstab 
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system>  <mount point>  <type>  <options>  <dump>  <pass>

# /dev/sda2
UUID=e6c5aea5-d57c-410d-abce-66e96175e946  /  ext4  noatime,errors=remount-ro  0  1

# /dev/sda3
#UUID=8fcddb3d-a96d-4230-9844-cf08107d73f0 none  swap  sw  0  0


$ cat /etc/crypttab 
cryptswap1 UUID=8fcddb3d-a96d-4230-9844-cf08107d73f0 /dev/urandom swap,offset=1024,cipher=aes-xts-plain64


$ journalctl | grep -i swap
Apr 22 11:34:38 jason-Kudu-Professional systemd[1]: Activating swap Swap Partition...
Apr 22 11:34:38 jason-Kudu-Professional systemd[1]: Activated swap Swap Partition.
Apr 22 11:34:38 jason-Kudu-Professional kernel: Adding 4194300k swap on /dev/sda3.  Priority:-1 extents:1 across:4194300k SSFS
Apr 22 11:34:38 jason-Kudu-Professional systemd[1]: Starting Cryptography Setup for cryptswap1...
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: systemd-cryptsetup@cryptswap1.service: main process exited, code=exited, status=1/FAILURE
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Failed to start Cryptography Setup for cryptswap1.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Dependency failed for dev-mapper-cryptswap1.device.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Dependency failed for /dev/mapper/cryptswap1.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Dependency failed for Swap.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Job swap.target/start failed with result 'dependency'.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Job dev-mapper-cryptswap1.swap/start failed with result 'dependency'.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Job dev-mapper-cryptswap1.device/start failed with result 'dependency'.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Unit systemd-cryptsetup@cryptswap1.service entered failed state.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: systemd-cryptsetup@cryptswap1.service failed.
Apr 22 11:38:31 jason-Kudu-Professional systemd[1]: Starting Cryptography Setup for cryptswap1...

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1447282

Title:
  Prompted for cryptoswap passphrase when using GPT partitioning +
  encrypted home directory (ecryptfs)

Status in systemd package in Ubuntu:
  New

Bug description:
  I'm still sorting out the details and eliminating variables, but as
  far as I can tell:

  Steps to reproduce
  ===============

  1) Install Ubuntu using GPT partitioning for the OS drive[*]

  2) Choose "require my password to login", and check "encrypt my home
  directory"

  Expected behavior
  ===============

  No special user interaction should be required to initialized the
  crytposwap other than normally logging in

  Actual behavior
  ============

  Prior to lightdm coming up, you will be prompted to enter your
  passphrase to unlock the cryptoswap, similar to how you would be
  prompted to unlock the OS drive when using full disk encryption (see
  attached photo).

  When lightdm comes up, you have to enter your password/passphrase
  again to login.

  Work-arounds
  ===========

  1) This only seems to happen when using GTP partitioning, not MBR...
  so use MBR if you can

  2) Even with GTP partitioning, booting with init=/sbin/upstart seems
  to reliably fix the problem, so it certainly seems systemd related

  Notes
  =====

  * As far as I can tell, there isn't a way to force Ubiquity to create
  a GPT partition table when the OS drive is < 2TB, but it will
  automatically use GPT partitioning when the OS drive is >= 2TB. My
  particular test was done using the System76 imaging server, which by
  default uses GPT partitioning even when the OS drive is < 2TB.

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: systemd 219-7ubuntu3
  ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3
  Uname: Linux 3.19.0-15-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Wed Apr 22 11:40:29 2015
  EcryptfsInUse: Yes
  MachineType: System76, Inc. Kudu Professional
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-15-generic root=UUID=e6c5aea5-d57c-410d-abce-66e96175e946 ro quiet splash vt.handoff=7
  SourcePackage: systemd
  UdevLog: Error: [Errno 2] No such file or directory: '/var/log/udev'
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 01/15/2014
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: 1.03.03RS76
  dmi.board.asset.tag: Tag 12345
  dmi.board.name: Kudu Professional
  dmi.board.vendor: System76, Inc.
  dmi.board.version: kudp1
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 9
  dmi.chassis.vendor: System76, Inc.
  dmi.chassis.version: kudp1
  dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr1.03.03RS76:bd01/15/2014:svnSystem76,Inc.:pnKuduProfessional:pvrkudp1:rvnSystem76,Inc.:rnKuduProfessional:rvrkudp1:cvnSystem76,Inc.:ct9:cvrkudp1:
  dmi.product.name: Kudu Professional
  dmi.product.version: kudp1
  dmi.sys.vendor: System76, Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1447282/+subscriptions
References

[Bug 1447282] [NEW] Prompted for cryptoswap passphrase when using GPT partitioning + encrypted home directory (ecryptfs)
From: Jason Gerard DeRose, 2015-04-22