FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 12-03-2008, 07:55 PM
Jochen Schulz
 
Default insserv & encrypted /home

Hi,

Short version: does anybody use cryptsetup and insserv at the same time
successfully?

I recently re-installed Debian on my laptop because I wanted to
repartition my hard drive and use an encrypted filesystem for /home.
Everything went quite smooth, but after installing and configuring
insserv, I am sometimes unable to enter the passphrase needed for
mounting my encrypted /home.

Insserv parallelizes the boot sequence which results in a nice speed
gain. However, the input prompt of /etc/init.d/cryptdisks is completely
broken by that. I usually don't see the prompt at all, I can just see
that the system sits idle, apparently waiting for me to enter the
password. What makes this worse is that sometimes I cannot even enter
the passphrase as the keys I type are echoed on the display and
apparently do not go anywhere else.

Until now, I have never been very patient and simply powered the system
of at this point. I don't know whether cryptsetup's CRYPTDISKS_TIMEOUT
would kick in in these situations, but I have lowered its value to 30
seconds and will try that on next boot. Because of #495505 I am not to
optimistic, though.

Which package should receive the bug report, insserv or cryptsetup? I
guess this is insserv's fault, but I am not sure.

J.
--
I am no longer prepared to give you the benefit of the doubt.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
 
Old 12-03-2008, 08:07 PM
"Eugene V. Lyubimkin"
 
Default insserv & encrypted /home

Jochen Schulz wrote:
> Hi,
>
> Which package should receive the bug report, insserv or cryptsetup? I
> guess this is insserv's fault, but I am not sure.
I would say that it's cryptsetup problem, it has to include all needed info to be able to
show you the prompt (but I am not sure). Anyway, just file the bug, and in case the
culprit is some other package, the developers will reassign it.

--
Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ developer, Debian APT contributor
 
Old 12-03-2008, 08:15 PM
Eric Gerlach
 
Default insserv & encrypted /home

Jochen Schulz wrote:

Which package should receive the bug report, insserv or cryptsetup? I
guess this is insserv's fault, but I am not sure.


I think that this would be a bug against cryptsetup. AFAIK, having
LSB-compliant initscripts is some sort of a release goal for lenny. I
don't know where parallelization fits into this, but I think it's up to
cryptsetup to make sure it plays well in that scenario (or warns the
user not to do it).


Cheers,

--
Eric Gerlach, Network Administrator
Federation of Students
University of Waterloo
p: (519) 888-4567 x36329
e: egerlach@feds.uwaterloo.ca


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-03-2008, 08:25 PM
subscriptions
 
Default insserv & encrypted /home

On Wed, 2008-12-03 at 21:55 +0100, Jochen Schulz wrote:
>
> Hi,
>
> Short version: does anybody use cryptsetup and insserv at the same
> time
> successfully?
>
> I recently re-installed Debian on my laptop because I wanted to
> repartition my hard drive and use an encrypted filesystem for /home.
> Everything went quite smooth, but after installing and configuring
> insserv, I am sometimes unable to enter the passphrase needed for
> mounting my encrypted /home.

You can also use a single password prompt to unlock the root partition
(/) and put a key for /home in /etc/crypttab (to open /home
automatically on start up).

Best,

Rob


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-03-2008, 08:44 PM
Jochen Schulz
 
Default insserv & encrypted /home

subscriptions:
> On Wed, 2008-12-03 at 21:55 +0100, Jochen Schulz wrote:
>>
>> I recently re-installed Debian on my laptop because I wanted to
>> repartition my hard drive and use an encrypted filesystem for /home.
>> Everything went quite smooth, but after installing and configuring
>> insserv, I am sometimes unable to enter the passphrase needed for
>> mounting my encrypted /home.
>
> You can also use a single password prompt to unlock the root partition
> (/) and put a key for /home in /etc/crypttab (to open /home
> automatically on start up).

This would be an option if I had encrypted /.

J.
--
In idle moments I remember former lovers with sentimental tenderness.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
 
Old 12-03-2008, 08:55 PM
subscriptions
 
Default insserv & encrypted /home

On Wed, 2008-12-03 at 22:44 +0100, Jochen Schulz wrote:
>
> > On Wed, 2008-12-03 at 21:55 +0100, Jochen Schulz wrote:
> >>
> >> I recently re-installed Debian on my laptop because I wanted to
> >> repartition my hard drive and use an encrypted filesystem
> for /home.
> >> Everything went quite smooth, but after installing and configuring
> >> insserv, I am sometimes unable to enter the passphrase needed for
> >> mounting my encrypted /home.
> >
> > You can also use a single password prompt to unlock the root
> partition
> > (/) and put a key for /home in /etc/crypttab (to open /home
> > automatically on start up).
>
> This would be an option if I had encrypted /.

One can still do that at this stage, if you know the way with moving
files, chroot and grub [even splashy will work!]

Best,

Rob


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-03-2008, 09:10 PM
Jochen Schulz
 
Default insserv & encrypted /home

Eric Gerlach:
> Jochen Schulz wrote:
>> Which package should receive the bug report, insserv or cryptsetup? I
>> guess this is insserv's fault, but I am not sure.
>
> I think that this would be a bug against cryptsetup.

Ok, see #507722.

J.
--
In the west we kill people like chickens.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
 
Old 12-07-2008, 09:30 AM
Michael Wagner
 
Default insserv & encrypted /home

* Jochen Schulz <ml@well-adjusted.de> 03.12.2008
>
> I recently re-installed Debian on my laptop because I wanted to
> repartition my hard drive and use an encrypted filesystem for /home.
> Everything went quite smooth, but after installing and configuring
> insserv, I am sometimes unable to enter the passphrase needed for
> mounting my encrypted /home.
>
> Insserv parallelizes the boot sequence which results in a nice speed
> gain. However, the input prompt of /etc/init.d/cryptdisks is completely
> broken by that. I usually don't see the prompt at all, I can just see
> that the system sits idle, apparently waiting for me to enter the
> password. What makes this worse is that sometimes I cannot even enter
> the passphrase as the keys I type are echoed on the display and
> apparently do not go anywhere else.

Hello Jochen,

from "man insserv"

-----------------------------snip--------------------------------------
# Services which need to be interactive
<interactive> boot.crypto

Names starting with a `+' sign are marked as optional. If the service
with the name after the plus sign is available it will be used, if not
available it is ignored silently. Words beginning with < and ending
with > are keywords. Currently <interactive> is the only know keyword
for marking a service as an interactive one, e.g. a service which
requires a passphrase or password input during boot or runlevel change.
-----------------------------snap--------------------------------------

I installed "insserv" for the first time a few days ago and I have no
encrypted filesystems, but I think with the above information it's
possible to find a solution.

Hth Michael

--
"There are no shortcuts to any place worth going."
 
Old 12-07-2008, 02:17 PM
Jochen Schulz
 
Default insserv & encrypted /home

Michael Wagner:
>
> -----------------------------snip--------------------------------------
> # Services which need to be interactive
> <interactive> boot.crypto
>
> Names starting with a `+' sign are marked as optional. If the service
> with the name after the plus sign is available it will be used, if not
> available it is ignored silently. Words beginning with < and ending
> with > are keywords. Currently <interactive> is the only know keyword
> for marking a service as an interactive one, e.g. a service which
> requires a passphrase or password input during boot or runlevel change.
> -----------------------------snap--------------------------------------

Thanks for the hint, I already found that configuration snippet. But I
am not sure on how to use that information.

I added 'cryptdisks' to the <interactive> line ('cryptdisks' is not only
the name of the init script, but also the name of the system facility it
provides). Unfortunately, the behaviour doesn't change. The same goes
for cryptdisks-early, which appears to be responsible for mounting my
/home.

J.
--
I am worried that my dreams pale in comparison beside TV docu-soaps.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
 

Thread Tools




All times are GMT. The time now is 06:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org