[solved] cryptsetup 1.2.0 break my config

boulde · 2011-01-05 22:11:41

Hi,

following the recent update of cryptsetup (and device-mapper, udev, lvm2), my laptop refused to boot and cryptsetup did not ask the passphrase for my encrypted /home.
Installing back cryptsetup 1.1.3 solves the issue so I guess it is cryptsetup's fault ;-).

/etc/crypttab :

# NAME        SOURCE DEVICE        PASSWORD        OPTIONS
home         /dev/sda2         ASK                -c aes-cbc-essiv:sha256 -s 128

% sudo cryptsetup status home
/dev/mapper/home is active:
  cipher:  aes-cbc-essiv:sha256
  keysize: 128 bits
  device:  /dev/sda2
  offset:  1032 sectors
  size:    127779978 sectors
  mode:    read/write

I have looked at http://code.google.com/p/cryptsetup/wiki/Cryptsetup120 but I don't see what to change in my config.
Maybe this : "This change also disallows overloading of --key-size parameter which is now exclusively used for key size specification (in bits.)" is related to my "-s 128" option ?

Last edited by boulde (2011-01-10 19:44:47)

XazZ · 2011-01-06 13:58:49

Hi,

I think it's a bug in the initscripts.
If you reinstall cryptsetup 1.2 you'll probably see some error messages from cryptsetup when arch tries to do a "cryptsetup luksOpen".
This is probably due to the arguments from "$copts" (in /etc/rc.sysinit).

I didn't investigate this issue further, but setting $copts to something empty will probably work as workaround.

If you also think it's a bug in the initscripts you should open a bug report

Regards,
XazZ

boulde · 2011-01-06 20:00:24

ok thanks, I will retry the 1.2 version in the next few days to investigate this.

Dieter@be · 2011-01-09 11:53:01

your system became unbootable after a package upgrade?
you should report that on the bugtracker right away!

boulde · 2011-01-10 19:43:29

so, I just took the time to re-test.
After upgrading to 1.2.0, the boot was broken, the passphrase was not asked.
I tried to remove the "-c aes-cbc-essiv:sha256 -s 128" options from /etc/crypttab, and then my passphrase has been asked and the system boot. So the problem is solved. :-)
Dieter@be, do you still think I should report this on the bugtracker ? Maybe there is an issue in the initscript in the reading of cryptsetup options ?

Last edited by boulde (2011-01-10 19:44:28)

Arch Linux

#1 2011-01-05 22:11:41

[solved] cryptsetup 1.2.0 break my config

#2 2011-01-06 13:58:49

Re: [solved] cryptsetup 1.2.0 break my config

#3 2011-01-06 20:00:24

Re: [solved] cryptsetup 1.2.0 break my config

#4 2011-01-09 11:53:01

Re: [solved] cryptsetup 1.2.0 break my config

#5 2011-01-10 19:43:29

Re: [solved] cryptsetup 1.2.0 break my config

Board footer