[Bug 1238275] Re: cryptsetup should support block devices without filesystems

Matthew X. Economou xenophon+ubuntu at irtnog.org
Fri May 15 17:16:45 UTC 2015 

I ran into the same issue, in that cryptsetup's initramfs-tools hook
(/usr/share/initramfs-tools/hooks/cryptroot) doesn't currently handle
ZFS pools.  I've modified the hook to add this functionality.  It should
be able to handle complicated pool configurations (e.g., multiple vdevs,
ZIL, spares, etc.), but I've been able to give it only limited testing
within single-vdev pools.  I am putting my patches into the public
domain.

** Patch added: "Adds support for encrypted ZFS pools to the cryptroot initramfs-tools hook"
   https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1238275/+attachment/4398196/+files/cryptroot-add-zpool-support.patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1238275

Title:
  cryptsetup should support block devices without filesystems

Status in cryptsetup package in Ubuntu:
  Confirmed

Bug description:
  With the rise of newer filesystems, there are devices which may not
  actually contain a filesystem, but are used, i.e. as a caching device.

  Case in point; I have a HDD and a SSD (a combination which is getting more and more common). My HDD contains a ZFS filesystem, the SSD is used as a "cache".
  The same holds true for systems such as bcache.

  However, to be safe, one may wish to encrypt these filesystems.
  Encrypting the cache is then also a good thing, as the cache may
  contain data equally sensitive.

  However, when using a LUKS encrypted volume, the initramfs
  "cryptsetup" (in local-top) script checks the output from blkid, and
  errors out if the the device cannot be found in blkid.

  I propose an extra option passed via /etc/initramfs-
  tools/conf.d/cryptroot. I called the option "ignorefs", but feel free
  to propose a different name.

  A patch is attached to this bug report.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1238275/+subscriptions

More information about the foundations-bugs mailing list