Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora User (http://www.linux-archive.org/fedora-user/)
-   -   F17 luks weirdness (http://www.linux-archive.org/fedora-user/670178-f17-luks-weirdness.html)

Peter A 05-23-2012 06:09 PM

F17 luks weirdness
 
All,

I'm having an issue with encrypted disk setup on my Dell M6600 laptop.
During boot of Fedora 17 (originally installed from alpha, yum updated
current ever since), I get prompted for the password but the device
shown in the prompt changes. If it ends up picking md127p1 the boot
device is not decrypted the devices but instead fails with a luks error
trying to access the device. If I get prompted for the pass phrase for
any other device, boot up is successful, including mounting the md127p1
partition.


I've got four drives in the system: Two MSATA (one in the optical bay in
a sata to msata converter) 120GB disks for OS and most other stuff (sdc
and sdd), two Momentus XT 750GB for data (sda and sdb). They are set up
as two mirrors in the Intel bios (Intel 82801 in a QM67).


The boot raid consists of sdc and sdd. The drives are partitioned into 3
partitions:

Number Start End Size File system Name Flags
1 1049kB 2097kB 1049kB bios_grub
2 2097kB 526MB 524MB ext4 ext4 boot
3 526MB 120GB 120GB
Mount point for p2 is /boot, for 3 /

The other raid consists of sda and sdb. The drives are partitioned into
2 partitions:

Number Start End Size File system Name Flags
1 1049kB 17.2GB 17.2GB
2 17.2GB 750GB 733GB
First partition is swap, the second is mounted under my home as
/home/loony/data


MD seems to look good too
# cat /proc/mdstat
Personalities : [raid1]
md124 : active raid1 sda[1] sdb[0]
732571648 blocks super external:/md125/0 [2/2] [UU]

md126 : active raid1 sdc[1] sdd[0]
117218304 blocks super external:/md127/0 [2/2] [UU]

md127 : inactive sdc[1](S) sdd[0](S)
4776 blocks super external:imsm

md125 : inactive sdb[1](S) sda[0](S)
5608 blocks super external:imsm

unused devices: <none>

Dracut related boot messages from a successful boot are:
[ 3.399954] dracut: dracut-018-35.git20120510.fc17
[ 3.494352] dracut: rd.lvm=0: removing LVM activation
[ 4.763255] dracut: Starting plymouth daemon
[ 4.891705] dracut: rd.dm=0: removing DM RAID activation
[ 5.322356] dracut: luksOpen /dev/md126p3
luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 none
[ 11.592058] dracut: Checking ext4:
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
[ 11.596940] dracut: issuing e2fsck -a
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
[ 11.615698] dracut:
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160: clean,
481162/7299072 files, 7478284/29175296 blocks
[ 11.622597] dracut: Remounting
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 with -o ro
[ 11.653308] dracut: Mounted root filesystem
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160

[ 11.787906] dracut: Switching root

The grub entry for the kernel is:
linux /vmlinuz-3.3.4-5.fc17.x86_64
root=/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 ro
rd.md.uuid=19fdc234:857a89e5:8831880f:c92180dc rd.lvm=0 rd.dm=0
SYSFONT=True rd.md.uuid=39828da2:5ba3ed07:e158fca9:b46f3ac3 KEYTABLE=us
rd.md.uuid=92c96695:945f79c8:050bcb03:353f85c5
rd.luks.uuid=luks-6fbe3ef9-b08b-4d59-92fa-c4a4746c6817
rd.md.uuid=b0b5044d:22352807:56f708f9:0264f70c
rd.luks.uuid=luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 LANG=en_US.UTF-8



The issue I have is that I get randomly asked at boot time for pass
phrases for md127p1 (does not work), or for any of the other encrypted
partitions (works).
The error I'm getting with md127p1 appears only after 15-20 seconds and
says that /dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 wasn't
found.


If I enter a incorrect password when prompted for md127p1 it works as
expected and prompts again after a second or two. Only if I enter the
correct password, I see this error..


So, I have two issues. For one, why am I prompted for a different device
on boot up? Shouldn't I always be prompted for the same device? And
second, why does md127p1 fail?


I somehow have the suspicion that the answer is in the grub kernel entry
but I can't find any documentation if multiple rd.luks.uuid entries are
valid, if the order matters and what is the appropriate entry to be there...


Thanks,

Peter.





--
http://www.meaninglessrelic.com

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Rick Stevens 05-23-2012 06:19 PM

F17 luks weirdness
 
On 05/23/2012 11:09 AM, Peter A wrote:

All,

I'm having an issue with encrypted disk setup on my Dell M6600 laptop.
During boot of Fedora 17 (originally installed from alpha, yum updated
current ever since), I get prompted for the password but the device
shown in the prompt changes. If it ends up picking md127p1 the boot
device is not decrypted the devices but instead fails with a luks error
trying to access the device. If I get prompted for the pass phrase for
any other device, boot up is successful, including mounting the md127p1
partition.

I've got four drives in the system: Two MSATA (one in the optical bay in
a sata to msata converter) 120GB disks for OS and most other stuff (sdc
and sdd), two Momentus XT 750GB for data (sda and sdb). They are set up
as two mirrors in the Intel bios (Intel 82801 in a QM67).

The boot raid consists of sdc and sdd. The drives are partitioned into 3
partitions:
Number Start End Size File system Name Flags
1 1049kB 2097kB 1049kB bios_grub
2 2097kB 526MB 524MB ext4 ext4 boot
3 526MB 120GB 120GB
Mount point for p2 is /boot, for 3 /

The other raid consists of sda and sdb. The drives are partitioned into
2 partitions:
Number Start End Size File system Name Flags
1 1049kB 17.2GB 17.2GB
2 17.2GB 750GB 733GB
First partition is swap, the second is mounted under my home as
/home/loony/data

MD seems to look good too
# cat /proc/mdstat
Personalities : [raid1]
md124 : active raid1 sda[1] sdb[0]
732571648 blocks super external:/md125/0 [2/2] [UU]

md126 : active raid1 sdc[1] sdd[0]
117218304 blocks super external:/md127/0 [2/2] [UU]

md127 : inactive sdc[1](S) sdd[0](S)
4776 blocks super external:imsm

md125 : inactive sdb[1](S) sda[0](S)
5608 blocks super external:imsm

unused devices: <none>

Dracut related boot messages from a successful boot are:
[ 3.399954] dracut: dracut-018-35.git20120510.fc17
[ 3.494352] dracut: rd.lvm=0: removing LVM activation
[ 4.763255] dracut: Starting plymouth daemon
[ 4.891705] dracut: rd.dm=0: removing DM RAID activation
[ 5.322356] dracut: luksOpen /dev/md126p3
luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 none
[ 11.592058] dracut: Checking ext4:
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
[ 11.596940] dracut: issuing e2fsck -a
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
[ 11.615698] dracut:
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160: clean,
481162/7299072 files, 7478284/29175296 blocks
[ 11.622597] dracut: Remounting
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 with -o ro
[ 11.653308] dracut: Mounted root filesystem
/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
[ 11.787906] dracut: Switching root

The grub entry for the kernel is:
linux /vmlinuz-3.3.4-5.fc17.x86_64
root=/dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 ro
rd.md.uuid=19fdc234:857a89e5:8831880f:c92180dc rd.lvm=0 rd.dm=0
SYSFONT=True rd.md.uuid=39828da2:5ba3ed07:e158fca9:b46f3ac3 KEYTABLE=us
rd.md.uuid=92c96695:945f79c8:050bcb03:353f85c5
rd.luks.uuid=luks-6fbe3ef9-b08b-4d59-92fa-c4a4746c6817
rd.md.uuid=b0b5044d:22352807:56f708f9:0264f70c
rd.luks.uuid=luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 LANG=en_US.UTF-8


The issue I have is that I get randomly asked at boot time for pass
phrases for md127p1 (does not work), or for any of the other encrypted
partitions (works).
The error I'm getting with md127p1 appears only after 15-20 seconds and
says that /dev/mapper/luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160 wasn't
found.

If I enter a incorrect password when prompted for md127p1 it works as
expected and prompts again after a second or two. Only if I enter the
correct password, I see this error..

So, I have two issues. For one, why am I prompted for a different device
on boot up? Shouldn't I always be prompted for the same device? And
second, why does md127p1 fail?

I somehow have the suspicion that the answer is in the grub kernel entry
but I can't find any documentation if multiple rd.luks.uuid entries are
valid, if the order matters and what is the appropriate entry to be
there...


Technically, this doesn't belong on this list as F17 hasn't been
released yet. It belongs on the fedora test list
(test@lists.fedoraproject.org).
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Silence! Or I shall replace you with a very small shell script! -
- - The Wizard of OS -
----------------------------------------------------------------------
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Reindl Harald 05-23-2012 06:22 PM

F17 luks weirdness
 
Am 23.05.2012 20:19, schrieb Rick Stevens:
> On 05/23/2012 11:09 AM, Peter A wrote:

<a lot of informations>

> Technically, this doesn't belong on this list as F17 hasn't been
> released yet. It belongs on the fedora test list
> (test@lists.fedoraproject.org).
> ----------------------------------------------------------------------
> - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com -
> - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
> - -
> - Silence! Or I shall replace you with a very small shell script! -
> - - The Wizard of OS -
> ----------------------------------------------------------------------

if you are pedantic stop FULL-QUOTING and remove your fun-signature

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Bruno Wolff III 05-23-2012 06:25 PM

F17 luks weirdness
 
On Wed, May 23, 2012 at 14:09:59 -0400,
Peter A <loony@loonybin.org> wrote:

All,

I'm having an issue with encrypted disk setup on my Dell M6600
laptop. During boot of Fedora 17 (originally installed from alpha,
yum updated current ever since), I get prompted for the password but
the device shown in the prompt changes. If it ends up picking md127p1
the boot device is not decrypted the devices but instead fails with a
luks error trying to access the device. If I get prompted for the
pass phrase for any other device, boot up is successful, including
mounting the md127p1 partition.


I would take a look at /etc/crypttab and make sure it appears to be correct.
You can use blkid to get uuids and make sure they match up properly.
If you change /etc/crypttab, you'll want to rerun dracut so that a good
copy ends up in the initramfs file.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Peter A 05-23-2012 10:36 PM

F17 luks weirdness
 
Bruno,

my /etc/cryptotab consists of the following 3 entries.
luks-6fbe3ef9-b08b-4d59-92fa-c4a4746c6817
UUID=6fbe3ef9-b08b-4d59-92fa-c4a4746c6817 none
luks-d1122665-ef96-4731-8745-31a1dd8aed09
UUID=d1122665-ef96-4731-8745-31a1dd8aed09 none
luks-a417a2f6-988b-49bf-be2e-e2cf34dcc160
UUID=a417a2f6-988b-49bf-be2e-e2cf34dcc160 none


The first line is my swap, the 2nd entry is the data partition, the 3rd
root. It all seems to be correct to me.


Thanks,


Peter.


On 05/23/2012 02:25 PM, Bruno Wolff III wrote:

On Wed, May 23, 2012 at 14:09:59 -0400,
Peter A <loony@loonybin.org> wrote:

All,

I'm having an issue with encrypted disk setup on my Dell M6600
laptop. During boot of Fedora 17 (originally installed from alpha,
yum updated current ever since), I get prompted for the password but
the device shown in the prompt changes. If it ends up picking md127p1
the boot device is not decrypted the devices but instead fails with a
luks error trying to access the device. If I get prompted for the
pass phrase for any other device, boot up is successful, including
mounting the md127p1 partition.


I would take a look at /etc/crypttab and make sure it appears to be
correct. You can use blkid to get uuids and make sure they match up
properly. If you change /etc/crypttab, you'll want to rerun dracut so
that a good copy ends up in the initramfs file.





--
http://www.meaninglessrelic.com

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


All times are GMT. The time now is 12:19 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.