[arch-general] Error message with full disk encryption
Hi, I've followed the arch wiki and deployed a full disk encrypted install. Everything works fine and am able to boot properly into the install. While trying to shutdown my system, systemd displays an error which says "systemd: stopped (with error) /dev/mapper/crypt-boot". 'crypt-boot' is the device mapper name for the encrypted boot partition. Could someone explain this. Do I need to be concerned of any data loss in the boot partition? - Solomon
On Sat, Feb 13, 2016 at 10:49 AM, PeLo L <pelo99@outlook.com> wrote:
Hi,
I've followed the arch wiki and deployed a full disk encrypted install. Everything works fine and am able to boot properly into the install. While trying to shutdown my system, systemd displays an error which says "systemd: stopped (with error) /dev/mapper/crypt-boot". 'crypt-boot' is the device mapper name for the encrypted boot partition. Could someone explain this. Do I need to be concerned of any data loss in the boot partition?
I've seen this on old and newly installed root-luks systems myself. Here it's always dm1 and I'm not sure if it's luks-root or luks-swap, but it looks like a bug in systemd or one of the units because this appeared sometime in the last 6 months or less.
On Sat, 2016-02-13 at 13:47 +0100, Carsten Mattner wrote:
On Sat, Feb 13, 2016 at 10:49 AM, PeLo L <pelo99@outlook.com> wrote:
Hi,
I've followed the arch wiki and deployed a full disk encrypted install. Everything works fine and am able to boot properly into the install. While trying to shutdown my system, systemd displays an error which says "systemd: stopped (with error) /dev/mapper/crypt-boot". 'crypt-boot' is the device mapper name for the encrypted boot partition. Could someone explain this. Do I need to be concerned of any data loss in the boot partition?
I've seen this on old and newly installed root-luks systems myself. Here it's always dm1 and I'm not sure if it's luks-root or luks-swap, but it looks like a bug in systemd or one of the units because this appeared sometime in the last 6 months or less.
I have also seen this issue come up on my system. It doesn't seem to affect anything except causing a slightly longer shutdown time. Still, would be good to see this fixed.
On Sat, Feb 13, 2016 at 4:51 PM, Yaro Kasear <yaro@marupa.net> wrote:
On Sat, 2016-02-13 at 13:47 +0100, Carsten Mattner wrote:
On Sat, Feb 13, 2016 at 10:49 AM, PeLo L <pelo99@outlook.com> wrote:
Hi,
I've followed the arch wiki and deployed a full disk encrypted install. Everything works fine and am able to boot properly into the install. While trying to shutdown my system, systemd displays an error which says "systemd: stopped (with error) /dev/mapper/crypt-boot". 'crypt-boot' is the device mapper name for the encrypted boot partition. Could someone explain this. Do I need to be concerned of any data loss in the boot partition?
I've seen this on old and newly installed root-luks systems myself. Here it's always dm1 and I'm not sure if it's luks-root or luks-swap, but it looks like a bug in systemd or one of the units because this appeared sometime in the last 6 months or less.
I have also seen this issue come up on my system. It doesn't seem to affect anything except causing a slightly longer shutdown time. Still, would be good to see this fixed.
There's also some message bus errors on shutdown that are intermittent, but even though it may sounds stupid, I've grown to ignore systemd shutdown and startup issues for the most part, because they happen occasionally and sometimes they don't. Nothing to write home about, just growing pains or Kinderkrankheiten as they say in Germany :).
El 13/02/2016 a las 4:49 a. m., PeLo L escribió:
Hi,
I've followed the arch wiki and deployed a full disk encrypted install. Everything works fine and am able to boot properly into the install. While trying to shutdown my system, systemd displays an error which says "systemd: stopped (with error) /dev/mapper/crypt-boot". 'crypt-boot' is the device mapper name for the encrypted boot partition. Could someone explain this. Do I need to be concerned of any data loss in the boot partition?
- Solomon
As you are shutting down, the filesystem becomes unreadable for the systemd process, you need to add the shutdown hook to mkinitcpio in order to have a copy of the initramfs at shutdown time. -- Pedro A. López-Valencia http://about.me/palopezv/ Recession is when a neighbor loses his job. Depression is when you lose yours. -Ronald Reagan
Hi,
As you are shutting down, the filesystem becomes unreadable for the systemd process, you need to add the shutdown hook to mkinitcpio in order to have a copy of the initramfs at shutdown time.
I thought this was obsolete since mkinitcpio 16? See https://lists.archlinux.org/pipermail/arch-dev-public/2013-December/025742.h... (I'm not sure, just curious...) @OP: I had a similar issue a few months ago and fixed it, see second post of this: https://bbs.archlinux.org/viewtopic.php?id=205275 (But I still haven't understood *why* that fixed it...) Best Regards, mearon
El 13/02/2016 a las 6:28 p. m., Merlin Büge escribió:
Hi,
I thought this was obsolete since mkinitcpio 16? See https://lists.archlinux.org/pipermail/arch-dev-public/2013-December/025742.h... (I'm not sure, just curious...) @OP: I had a similar issue a few months ago and fixed it, see second post of this: https://bbs.archlinux.org/viewtopic.php?id=205275 (But I still haven't understood *why* that fixed it...) Best Regards, mearon
Well, it doesn't happen to me unless I add the hook. Probably it was true three years ago, but it got broken along the way. I customarily replace the udev hook with the systemd hook and not even then is the initramfs copy created on /run/initramfs unless I add the sd-shutdown hook. Or keep the udev hook and add the shutdown hook. Both work for me. :-) -- Pedro A. López-Valencia http://about.me/palopezv/ Recession is when a neighbor loses his job. Depression is when you lose yours. -Ronald Reagan
El 13/02/2016 a las 6:44 p. m., P. A. López-Valencia escribió:
Well, it doesn't happen to me unless I add the hook. Probably it was true three years ago, but it got broken along the way. I customarily replace the udev hook with the systemd hook and not even then is the initramfs copy created on /run/initramfs unless I add the sd-shutdown hook. Or keep the udev hook and add the shutdown hook. Both work for me. :-)
I correct myself. I was under the impression that the sd-systemd hook worked but it doesn't. Stick to the old udev and shutdown hooks. -- Pedro A. López-Valencia http://about.me/palopezv/ Recession is when a neighbor loses his job. Depression is when you lose yours. -Ronald Reagan
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick. ________________________________________ From: arch-general <arch-general-bounces@archlinux.org> on behalf of P. A. López-Valencia <vorbote@outlook.com> Sent: Sunday, February 14, 2016 05:18 To: arch-general@archlinux.org Subject: Re: [arch-general] Error message with full disk encryption El 13/02/2016 a las 6:44 p. m., P. A. López-Valencia escribió:
Well, it doesn't happen to me unless I add the hook. Probably it was true three years ago, but it got broken along the way. I customarily replace the udev hook with the systemd hook and not even then is the initramfs copy created on /run/initramfs unless I add the sd-shutdown hook. Or keep the udev hook and add the shutdown hook. Both work for me. :-)
I correct myself. I was under the impression that the sd-systemd hook worked but it doesn't. Stick to the old udev and shutdown hooks. -- Pedro A. López-Valencia http://about.me/palopezv/ Recession is when a neighbor loses his job. Depression is when you lose yours. -Ronald Reagan
On Sun, Feb 14, 2016 at 5:23 PM, PeLo L <pelo99@outlook.com> wrote:
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick.
I've never used UUID volume id and still see the bug.
El 14/02/2016 a las 1:49 p. m., Carsten Mattner escribió:
On Sun, Feb 14, 2016 at 5:23 PM, PeLo L <pelo99@outlook.com> wrote:
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick. I've never used UUID volume id and still see the bug.
That's truly weird. I like a good murder mystery so I'll be doing some on-hands experimentation and report a bug if needed. -- Pedro A. López-Valencia http://about.me/palopezv/ Recession is when a neighbor loses his job. Depression is when you lose yours. -Ronald Reagan
On 02/14/2016 01:04 PM, P. A. López-Valencia wrote:
El 14/02/2016 a las 1:49 p. m., Carsten Mattner escribió:
On Sun, Feb 14, 2016 at 5:23 PM, PeLo L <pelo99@outlook.com> wrote:
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick. I've never used UUID volume id and still see the bug.
That's truly weird. I like a good murder mystery so I'll be doing some on-hands experimentation and report a bug if needed.
Good for you. There is something going on, and ignoring the shutdown message will just lead to further problems down the road. Thanks. -- David C. Rankin, J.D.,P.E.
On Sun, Feb 14, 2016 at 07:49:59PM +0100, Carsten Mattner wrote:
On Sun, Feb 14, 2016 at 5:23 PM, PeLo L <pelo99@outlook.com> wrote:
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick.
I've never used UUID volume id and still see the bug.
Which you using, the encrypted boot volume's UUID or its label on the fstab entry? Upon looking into [1], it seems that there's no need for the 'shutdown' hook, as long as the boot loader is configured properly. Thought I might share the links, as I know the full system encryption page can be a bit confusing to follow, regardless of your experience. [1] https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Co... [2] https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Co... Best regards, Jonathan
On Mon, Feb 15, 2016 at 4:40 AM, Jonathan Horacio Villatoro Córdoba <lacho8713@gmail.com> wrote:
On Sun, Feb 14, 2016 at 07:49:59PM +0100, Carsten Mattner wrote:
On Sun, Feb 14, 2016 at 5:23 PM, PeLo L <pelo99@outlook.com> wrote:
adding 'shutdown' hook doesn't seem to work. Modifying '/etc/fstab' and replacing the UUID with '/dev/mapper/crypt-boot' did the trick.
I've never used UUID volume id and still see the bug.
Which you using, the encrypted boot volume's UUID or its label on the fstab entry?
Upon looking into [1], it seems that there's no need for the 'shutdown' hook, as long as the boot loader is configured properly.
Thought I might share the links, as I know the full system encryption page can be a bit confusing to follow, regardless of your experience.
[1] https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Co... [2] https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Co...
I've identified dm-1 to be the luks-swap partition, and it's the only one mounted via fstab, because / is mounted via initrd and the kernel cmdline. So I have /dev/mapper/swap in fstab with the matching entry in /etc/crypttab, using a random key for re-initializing the swap luks device. As a bootloader I use syslinux.
participants (7)
-
Carsten Mattner
-
David C. Rankin
-
Jonathan Horacio Villatoro Córdoba
-
Merlin Büge
-
P. A. López-Valencia
-
PeLo L
-
Yaro Kasear