[Bug 1768171] Re: Manual partitioning with encrypted root and unencrypted swap gets stuck
Michael Hudson-Doyle
mwhudsonlp at fastmail.fm
Mon May 7 21:14:57 UTC 2018
** Project changed: subiquity => debian-installer (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to debian-installer in Ubuntu.
https://bugs.launchpad.net/bugs/1768171
Title:
Manual partitioning with encrypted root and unencrypted swap gets
stuck
Status in debian-installer package in Ubuntu:
New
Bug description:
There is an error when configuring an encrypted root with unencrypted
swap - specifically when steps are taken to resolve the 'Unsafe swap
space detected' message that (rightly) pops up. After triggering that
message, no amount of changing partitions around or re-writing the
partition table seems to work. Either the message pops up again even
with a valid configuration, or the installer fails to mount the
partition that is allocated for / (root).
To duplicate the issue, run the installer (I've been using KVM via
virt-manager) and go through the install process until disk
partitioning.
I used the following for each partition: when prompted "How to use
this free space", use "Create a new partition". Size I give in each
step below. Type is "Primary" each time, and "Location for the new
partition" is "Beginning" each time.
Steps to reproduce:
1. Choose "Manual" partitioning method.
2. Select the disk to be used - ensure any existing partition table is
empty or create a new one on the disk when prompted.
3. Add a /boot partition - 512MB ext4, size shouldn't matter.
4. Add a partition, any size, leaving some space for a swap partition.
Under "Use As" choose "physical volume for encryption". Leave all the
defaults and choose "Done setting up the partition".
5. Add a partition using the remaining space. Under "Use As" choose
"swap area".
6. Back in the main "Partition Disks" menu, select "Configure
encrypted volumes"
7. When prompted, "Write the changes to disk and configure encrypted
volumes?" choose "Yes".
8. Choose "Create encrypted volumes". Select the partition you will
use for root - in my KVM instance it is /dev/sda2. Select "Continue"
and back at the main "Encryption configuration actions" dialog, choose
"Finish".
The installer will pop up a red screen warning that "Unsafe swap space
[is] detected". Select "Continue".
9. Pick the swap partition (in my case #3), under "Use as", change it
to "physical volume for encryption". Leave all the defaults and select
"Done setting up the partition".
10. Choose "Configure encrypted volumes" again back at the main
partition menu.
11. Select "Yes" when prompted to "Keep current partition layout and
configure encrypted volumes?"
12. Choose "Create encrypted volumes", and select both /dev/sda2 and
/dev/sda3 (root, and swap partitions respectively). Choose "Continue"
and then "Finish".
Here's the bug. The "Unsafe swap space detected" alert will pop up
again, despite there being no configured swap any longer.
I tried to work around it by deleting the third partition entirely,
writing the partition table, and then configuring encrypted disks to
setup / on the allocated partition. All proceeds well, I can configure
an ext4 filesystem on the encrypted /dev/sda2 (sda2_crypt), and add
encrypted swap to sda3_crypt.
However, when finalizing the configuration that way, the installer
fails with a message "The attempt to mount a file system with type
ext4 in Encrypted volume (sda2_crypt) at / failed." At which point I'm
prompted to go back to the partitioning menu.
I should also note that this behaviour is reproducible in the Xenial
installer as well, so it is not new. I would hazard a guess that it is
present in most previous versions that have encryption support built
in.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1768171/+subscriptions
More information about the foundations-bugs
mailing list