[Bug 2084251] Re: LUKS not detected or prompted for on boot
Andreas Hasenack
2084251 at bugs.launchpad.net
Thu Nov 7 16:57:03 UTC 2024
I think it's best to remove the priority change then, because:
a) that seems to have been the agreement with an AA before;
b) making it priority important could have other implications we haven't thought through
But then DEP8 hell will happen, it will be days before this can be
released...
Perhaps can the AA who you talked with comment here in the bug, and give
a +1 or -1 for the systemd package currently in proposed which has the
priority change?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/2084251
Title:
LUKS not detected or prompted for on boot
Status in cryptsetup package in Ubuntu:
Invalid
Status in systemd package in Ubuntu:
In Progress
Status in cryptsetup source package in Oracular:
Invalid
Status in systemd source package in Oracular:
Fix Committed
Bug description:
[Impact]
Upgrades from Noble to Oracular do not pull systemd-cryptsetup in by
default. Users that rely on e.g. cryptswap, or something else in
/etc/crypttab that was previously handled by systemd-cryptsetup, they
will face regressions on upgrades.
Users that install 24.10 as ZFS + encryption also see issues due to
missing systemd-cryptsetup. Note that this patch for systemd does not
itself fix the installation issue.
[Test Plan]
1. The systemd-cryptsetup package should be installed on upgrades from
Noble to Oracular:
$ lxc launch ubuntu:noble noble
$ lxc exec noble bash
Then, in the container:
$ cat > /etc/apt/sources.list.d/proposed.sources << EOF
Types: deb
URIs: http://us.archive.ubuntu.com/ubuntu/
Suites: noble-proposed
Components: main restricted universe multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
EOF
cat <<EOF >/etc/apt/preferences.d/proposed-updates
# Make sure that after we re-write sources, the correct version is pulled in.
Package: *
Pin: release a=oracular-proposed
Pin-Priority: 500
EOF
$ do-release-upgrade
...
$ apt policy systemd-cryptsetup
Without the fix, systemd-cryptsetup would not be installed
automatically during the upgrade.
### Edit: The deboostrap test is not applicable, because I wrongly
assumed we would adjust the priorities in SRU, but after consulting an
AA, it is not worth doing for oracular.
2. The systemd-cryptsetup package should be installed when
bootstrapping oracular:
$ debootstrap --extra-suites=oracular-proposed oracular oracular
...
$ systemd-nspawn -D oracular
Then, in the container:
$ apt policy systemd-cryptsetup
Without the fix, systemd-cryptsetup would not be installed during the
bootstrap.
[Where problems could occur]
The patch is to change the Priority to important for systemd-
cryptsetup, and to add Recommends: systemd-cryptsetup back to systemd.
Hence, issues would be related to installing systemd, or maybe
bootstrapping.
We should make sure there are no typos in the patch :)
[Original Description]
Hi,
I just upgraded from Noble to Oracular. It seems post-upgrade, only a
single LUKS device is decrypted on boot.
My `/etc/crypttab` is as follows:
| nvme0n1p3_crypt UUID=c82c8c6c-e363-473f-a655-a325d4e6cf3b none luks,discard
| nvme0n1p4_crypt UUID=3de219b7-3e0c-437b-a0eb-d3cb8087d74e none luks,discard
`lsblk -o +UUID` showing UUIDs:
| ├─nvme0n1p3 259:3 0 384G 0 part c82c8c6c-e363-473f-a655-a325d4e6cf3b
| │ └─nvme0n1p3_crypt 252:0 0 384G 0 crypt / f48e2583-013f-474c-9f57-5deabef8d833
| └─nvme0n1p4 259:4 0 546.8G 0 part 3de219b7-3e0c-437b-a0eb-d3cb8087d74e
| └─nvme0n1p4_crypt 252:1 0 546.7G 0 crypt /home dfea2d4c-f43e-4ef9-8938-3255f7987dfa
I can confirm that the `crypttab` entry is correct because I can run
`cryptdisks_start nvme0n1p4_crypt` on the recovery prompt and it
decrypts it.
I haven't yet tried downgrading `cryptsetup`, will give that a try
tomorrow.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/2084251/+subscriptions
More information about the foundations-bugs
mailing list