Ubuntu
cryptsetup package

initrd does not contain conf/conf.d/cryptroot file for encrypted root

Bug #317442 reported by Shiv V
6
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: cryptsetup

Ubuntu Jaunty amd64, cryptsetup 2:1.0.6-7ubuntu1, initramfs-tools 0.92bubuntu18, udev 136-4

I have an encrypted root so the initrd has to decrypt it during boot. Previously, initrds generated with initramfs-tools had a conf/conf.d/cryptroot file containing information parsed from /etc/crypttab relating to the device containing the root filesystem. This file is not being generated after the update from 2:1.0.6-6ubuntu2.1 -> 2:1.0.6-7ubuntu1. I tracked it down to the file /usr/share/initramfs-tools/hooks/cryptroot which is called by mkinitramfs/update-initramfs. The code here looks in /etc/fstab to find the root device (UUID=<uuid> in my case). It then tries to determine the relevant device node by looking at /dev/disk/by-uuid/<uuid>, which points to /dev/md-<number>. I'm guessing this used to point to /dev/mapper/<name> instead because the code ignores UUIDs which do not point to /dev/mapper/<name>.

Changing /dev/disk/by-uuid/ab1bfbaf-30f7-4319-bdc0-ab45fd007b5c -> ../../dm-5
to /dev/disk/by-uuid/ab1bfbaf-30f7-4319-bdc0-ab45fd007b5c -> ../../mapper/root

fixes the issue and this was not necessary before the update. I noticed udev rules have changed some in the last update. Could that be the source of the issue?

Revision history for this message
Shiv V (svenkata) wrote :

Despite there being a NAME="mapper/$env{DM_NAME}" rule in /lib/udev/rules.d/65-dmsetup.rules, udevadm test /devices/virtual/block/dm-5 either does not get to it or does not apply it. Instead I get:
[ ... snip ... ]
udev_event_execute_rules: no node name set, will use kernel name 'dm-5'
[ ... snip ... ]

Revision history for this message
Shiv V (svenkata) wrote :

I took a look at all the rules in /lib/udev/rules.d and noticed that every 'NAME=' assignment is preceeded by a conditional (e.g. KERNEL== or SUBSYSTEM==). Adding a conditional seems to make the rule apply. Here's what I did:

--- a/lib/udev/rules.d/65-dmsetup.rules 2009-01-09 06:02:58.000000000 -0800
+++ b/lib/udev/rules.d/65-dmsetup.rules 2009-01-15 10:55:14.000000000 -0800
@@ -11,7 +11,8 @@
 ENV{DM_NAME}=="temporary-cryptsetup-*", OPTIONS="ignore_device"

 # Make the device take the /dev/mapper name
-OPTIONS+="string_escape=none", NAME="mapper/$env{DM_NAME}"
+#KERNEL=="dm-*", OPTIONS+="string_escape=none", NAME="mapper/$env{DM_NAME}"
+KERNEL=="dm-*", NAME="mapper/$env{DM_NAME}"
 SYMLINK+="disk/by-id/dm-name-$env{DM_NAME}"
 ENV{DM_UUID}=="?*", SYMLINK+="disk/by-id/dm-uuid-$env{DM_UUID}"

The weird thing is that it would not work with OPTIONS+=... even with KERNEL==... I don't understand this at all but udevadm test now applies the NAME rule. Perhaps I should poke around in the udev source

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.