[Bug 1768171] [NEW] Manual partitioning with encrypted root and unencrypted swap gets stuck

Launchpad Bug Tracker 1768171 at bugs.launchpad.net
Mon May 7 21:14:59 UTC 2018 

You have been subscribed to a public bug:

There is an error when configuring an encrypted root with unencrypted
swap - specifically when steps are taken to resolve the 'Unsafe swap
space detected' message that (rightly) pops up. After triggering that
message, no amount of changing partitions around or re-writing the
partition table seems to work. Either the message pops up again even
with a valid configuration, or the installer fails to mount the
partition that is allocated for / (root).

To duplicate the issue, run the installer (I've been using KVM via virt-
manager) and go through the install process until disk partitioning.

I used the following for each partition: when prompted "How to use this
free space", use "Create a new partition". Size I give in each step
below. Type is "Primary" each time, and "Location for the new partition"
is "Beginning" each time.

Steps to reproduce:

1. Choose "Manual" partitioning method.

2. Select the disk to be used - ensure any existing partition table is
empty or create a new one on the disk when prompted.

3. Add a /boot partition - 512MB ext4, size shouldn't matter.

4. Add a partition, any size, leaving some space for a swap partition.
Under "Use As" choose "physical volume for encryption". Leave all the
defaults and choose "Done setting up the partition".

5. Add a partition using the remaining space. Under "Use As" choose
"swap area".

6. Back in the main "Partition Disks" menu, select "Configure encrypted
volumes"

7. When prompted, "Write the changes to disk and configure encrypted
volumes?" choose "Yes".

8. Choose "Create encrypted volumes". Select the partition you will use
for root - in my KVM instance it is /dev/sda2. Select "Continue" and
back at the main "Encryption configuration actions" dialog, choose
"Finish".

The installer will pop up a red screen warning that "Unsafe swap space
[is] detected". Select "Continue".

9. Pick the swap partition (in my case #3), under "Use as", change it to
"physical volume for encryption". Leave all the defaults and select
"Done setting up the partition".

10. Choose "Configure encrypted volumes" again back at the main
partition menu.

11. Select "Yes" when prompted to "Keep current partition layout and
configure encrypted volumes?"

12. Choose "Create encrypted volumes", and select both /dev/sda2 and
/dev/sda3 (root, and swap partitions respectively). Choose "Continue"
and then "Finish".

Here's the bug. The "Unsafe swap space detected" alert will pop up
again, despite there being no configured swap any longer.

I tried to work around it by deleting the third partition entirely,
writing the partition table, and then configuring encrypted disks to
setup / on the allocated partition. All proceeds well, I can configure
an ext4 filesystem on the encrypted /dev/sda2 (sda2_crypt), and add
encrypted swap to sda3_crypt.

However, when finalizing the configuration that way, the installer fails
with a message "The attempt to mount a file system with type ext4 in
Encrypted volume (sda2_crypt) at / failed." At which point I'm prompted
to go back to the partitioning menu.

I should also note that this behaviour is reproducible in the Xenial
installer as well, so it is not new. I would hazard a guess that it is
present in most previous versions that have encryption support built in.

** Affects: debian-installer (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Manual partitioning with encrypted root and unencrypted swap gets stuck
https://bugs.launchpad.net/bugs/1768171
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to debian-installer in Ubuntu.

More information about the foundations-bugs mailing list