[Bug 1453738] Re: installer in LVM mode sets up broken encrypted swap, using duplicate unencrypted swap

Vindicator 1453738 at bugs.launchpad.net
Thu Jul 16 01:13:45 UTC 2015 

How does one  test this when it happens during installation? Does the
15.04 installer ISO get updated? Can we specify the Live Installer flash
drive to apply the package via "dpkg" or "apt-get"?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1453738

Title:
  installer in LVM mode sets up broken encrypted swap, using duplicate
  unencrypted swap

Status in eCryptfs:
  New
Status in ecryptfs-utils package in Ubuntu:
  Fix Released
Status in ecryptfs-utils source package in Trusty:
  Triaged
Status in ecryptfs-utils source package in Utopic:
  Won't Fix
Status in ecryptfs-utils source package in Vivid:
  Fix Committed
Status in ecryptfs-utils source package in Wily:
  Fix Released

Bug description:
  When installing Ubuntu with "Use LVM" (but not encryption!), and
  "encrypt my home dir", the installer adds the original unencrypted
  swap to fstab. Then, ecryptfs-setup-swap keeps that, and additionally
  configures an encrypted swap via an UUID and without offset (which
  would trigger bug 953875 again!), so that you end up with *two* swap
  configs for one and the same partition, once unencrypted and once
  encrypted:

  fstab:
  /dev/mapper/ubuntu--vg-swap_1 none swap sw 0 0
  /dev/mapper/cryptswap1 none swap sw 0 0

  crypttab:
  cryptswap1 UUID=f636d7ef-9405-482d-a90a-5ba67026fcfb /dev/urandom swap,offset=1024,cipher=aes-xts-plain64

  (UUID is for ubuntubuntu--vg-swap_1). This can't work, as the
  unencrypted one is faster, so trying to set up the encrypted one
  fails.

  SRU TEST CASE:
  --------------
  - Install 15.04 with LVM (no encryption) and select "encrypt my home dir"
  - Boot will ask you for a (nonexisting) passphrase for the swap partition; press Enter
  - Install the update
  - Reboot and verified that the bogus passphrase question is gone
  - Verify that "swapon -s" has a swap partition (usually dm-2), and that /dev/mapper/cryptswap1 points to that. It should NOT be the unencrypted /dev/mapper/ubuntu--vg-swap_1!.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ecryptfs/+bug/1453738/+subscriptions

More information about the foundations-bugs mailing list