Removing LUKS encrypted swap from initrd nash script
Using Fedora 9, I had initially installed with my swap in an LVM
logical volume using LUKS encryption. I've since changed that so
it just uses dmcrypt directly without LUKS (using /dev/random as
the key in the /etc/crypttab; and this is a desktop so I'm not worried
about the hibernate issues)
But still at boot time, it is prompting for the LUKS passphrase,
which will obviously fail because the logical volume is no longer
managed with LUKS. I've even completely overwritten the entire
logical volume thinking that the "cryptsetup isLuks" might still
be confused when it probes the logical volume.
The /etc/rc.sysinit script handles this fine though. It re-creates and
maps the swap using plain dmcrypt with a random key, without
me ever seeing a prompt. I also checked the /etc/blkid/blkid.tab
to make sure it wasn't cached there.
I've finally traced this back to being an embedded cryptsetup
command in the initrd's nash script "init" (which runs before
echo Setting up disk encryption: /dev/mapper/vg0-lv01
cryptsetup luksOpen /dev/mapper/vg0-lv01 luks-vg0-lv01
What is the recommended way to rebuild the initrd to remove
this now-unnecessary luksOpen from the initrd? I'm also not
sure what the "resume" command is supposed to be doing,
but it obviously can't stay either.
Also, more for curiosity, why was that even in the initrd to
begin with? I didn't think swap was ever used or enabled
until after the rc.sysinit got control. So why would initrd
need that logical volume luksOpen'ed?
fedora-list mailing list
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list