[arch-general] New - systemd 234 - luks partition fails to ask for password
This has been working for years - starting on recent reboots systemd is failing to ask for password for luks encrypted /home partition and boot halts. Fully updated from testing repos - when I reboot now, systemd no longer asks for password to unlock luks partition. There is no hesitation at all and no password prompt at all. The boot runs through and gives an error that crypt set up failed. Root is not encrypted just /home. I'm then prompted to press Ctl D or give root password and drop to single user mode - doing that then I can manually do: cryptsetup open /dev/sdxx home which prompts for password and succeeds After I do above, then the error goes away evidenced by: systemctl status systemd-cryptsetup@home.service shows all is normal - exiting from single user 'repair' mode - then boot continues and completes normally. And /home gets mounted via /dev/mapper as normal The issue is with latest systemd that I no longer get prompted for a password for the luks encrypted partition. Thoughts: systemd password agents: running systemd-ask-password by hand does indeed ask for password in the console. /run/systemd/ask-password is empty directory. the journal contains this: systemd-cryptsetup[316]: Failed to query password: Timer expired systemd[1]: Failed to start Cryptography Setup for home. (Its possible that the bug is in systemd-cryptsetup in latest release?) Versions: # pacman -Q linux systemd linux 4.12.1-2 systemd 234.0-2 cryptsetup 1.7.5-1 I googled but was no able to find any relevant bugs - checked systemd github issues but found nothing similar. thanks. -- Gene lists@sapience.com
I have a work around which is to add timeout=90 It seems the timeout=0, which is the default) and is supposed to mean wait indefinitely) is now treated as dont prompt or wait at all. I cannot say if this is a change in behavior which is intentional and the man pages need to be updated (man crypttab) or a bug causing the change - but changing to use a non-zero timeout does now prompt for password. -- Gene lists@sapience.com
Could wel be related: https://github.com/systemd/systemd/pull/6264 -- Gene lists@sapience.com
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general < arch-general@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
On 2017-07-17 06:38, SanskritFritz via arch-general wrote:
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general < arch-general@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
To the kernel parameters, with luks.options= key. B
On Mon, Jul 17, 2017 at 07:57:18AM +0200, Bartłomiej Piotrowski wrote:
On 2017-07-17 06:38, SanskritFritz via arch-general wrote:
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general < arch-general@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
To the kernel parameters, with luks.options= key.
Yes, see "man systemd-cryptsetup-generator" and "man cryptsetup" for details. Cheers, -- Leonid Isaev
On Mon, Jul 17, 2017 at 12:16 PM, Leonid Isaev via arch-general < arch-general@archlinux.org> wrote:
On Mon, Jul 17, 2017 at 07:57:18AM +0200, Bartłomiej Piotrowski wrote:
On 2017-07-17 06:38, SanskritFritz via arch-general wrote:
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general < arch-general@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
To the kernel parameters, with luks.options= key.
Yes, see "man systemd-cryptsetup-generator" and "man cryptsetup" for details.
Thanks guys.
On Mon, 2017-07-17 at 06:38 +0200, SanskritFritz wrote:
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general <arch-g eneral@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
in /etc/crypttab at the end of the line -- Gene lists@sapience.com
On Mon, Jul 17, 2017 at 1:59 PM, Genes Lists <lists@sapience.com> wrote:
On Mon, 2017-07-17 at 06:38 +0200, SanskritFritz wrote:
On Sat, Jul 15, 2017 at 6:21 PM, Genes Lists via arch-general <arch-g eneral@archlinux.org> wrote:
I have a work around which is to add timeout=90
Where to add this?
in /etc/crypttab at the end of the line
Ah, thanks man.
I'm also running cryptsetup 1.7.5-1, but with an out-of-date linux kernel and systemd (4.11.9-1 and 233.75-3, respectively) and it's working fine; it's plausibly a regression with one of those two. Is this bug also present on the linux-lts kernel? I've found some issues I've had go away with a different kernel. On Jul 15, 2017 16:07, "Genes Lists via arch-general" < arch-general@archlinux.org> wrote: This has been working for years - starting on recent reboots systemd is failing to ask for password for luks encrypted /home partition and boot halts. Fully updated from testing repos - when I reboot now, systemd no longer asks for password to unlock luks partition. There is no hesitation at all and no password prompt at all. The boot runs through and gives an error that crypt set up failed. Root is not encrypted just /home. I'm then prompted to press Ctl D or give root password and drop to single user mode - doing that then I can manually do: cryptsetup open /dev/sdxx home which prompts for password and succeeds After I do above, then the error goes away evidenced by: systemctl status systemd-cryptsetup@home.service shows all is normal - exiting from single user 'repair' mode - then boot continues and completes normally. And /home gets mounted via /dev/mapper as normal The issue is with latest systemd that I no longer get prompted for a password for the luks encrypted partition. Thoughts: systemd password agents: running systemd-ask-password by hand does indeed ask for password in the console. /run/systemd/ask-password is empty directory. the journal contains this: systemd-cryptsetup[316]: Failed to query password: Timer expired systemd[1]: Failed to start Cryptography Setup for home. (Its possible that the bug is in systemd-cryptsetup in latest release?) Versions: # pacman -Q linux systemd linux 4.12.1-2 systemd 234.0-2 cryptsetup 1.7.5-1 I googled but was no able to find any relevant bugs - checked systemd github issues but found nothing similar. thanks. -- Gene lists@sapience.com
participants (5)
-
Bartłomiej Piotrowski
-
Genes Lists
-
Leonid Isaev
-
Noah Schoem
-
SanskritFritz