You are not logged in.
- Topics: Active | Unanswered
#1 2015-11-02 20:06:51
- SirCrunkleton
- Member
- Registered: 2015-11-02
- Posts: 2
[SOLVED] Problems with an encrypted swap partition.
I'm having intermittent problems with getting my encrypted swap partition to activate on boot. Sometimes, I get no error messages and the swap partition shows up when swapon -s is issued. Other times, I get systemd errors right after entering my encrypted root filesystem password:
[FAILED] Failed to activate swap /dev/mapper/swap.
See 'systemctl status dev-mapper-swap.swap' for details.
[DEPEND] Dependency failed for Swap.Output of systemctl status dev-mapper-swap.swap:
● dev-mapper-swap.swap - /dev/mapper/swap
Loaded: loaded (/etc/fstab)
Active: failed (Result: exit-code) since Mon 2015-11-02 13:30:30 CST; 43s ago
What: /dev/mapper/swap
Docs: man:fstab(5)
man:systemd-fstab-generator(8)
Process: 435 ExecActivate=/sbin/swapon /dev/mapper/swap (code=exited, status=255)
Nov 02 13:30:30 xxx systemd[1]: Activating swap /dev/mapper/swap...
Nov 02 13:30:30 xxx swapon[435]: swapon: /dev/mapper/swap: swapon failed: Invalid argument
Nov 02 13:30:30 xxx systemd[1]: dev-mapper-swap.swap: Swap process exited, code=exited status=255
Nov 02 13:30:30 xxx systemd[1]: Failed to activate swap /dev/mapper/swap.
Nov 02 13:30:30 xxx systemd[1]: dev-mapper-swap.swap: Unit entered failed state.journalctl -b | grep -i swap:
Nov 02 13:30:30 xxx kernel: Command line: BOOT_IMAGE=/vmlinuz-linux root=UUID=aae425bd-be2c-4550-abd8-c39ad9c9d1b5 rw cryptdevice=PARTLABEL=root:root:allow-discards resume=PARTLABEL=swap elevator=deadline quiet
Nov 02 13:30:30 xxx kernel: Kernel command line: BOOT_IMAGE=/vmlinuz-linux root=UUID=aae425bd-be2c-4550-abd8-c39ad9c9d1b5 rw cryptdevice=PARTLABEL=root:root:allow-discards resume=PARTLABEL=swap elevator=deadline quiet
Nov 02 13:30:30 xxx kernel: zswap: loading zswap
Nov 02 13:30:30 xxx kernel: zswap: using zbud pool
Nov 02 13:30:30 xxx kernel: zswap: using lzo compressor
Nov 02 13:30:30 xxx kernel: PM: Checking hibernation image partition PARTLABEL=swap
Nov 02 13:30:30 xxx systemd[1]: Found device WDC_WD5000BEVT-60ZAT1 swap.
Nov 02 13:30:30 xxx systemd[1]: Starting Cryptography Setup for swap...
Nov 02 13:30:30 xxx systemd-cryptsetup[424]: Volume swap already active.
Nov 02 13:30:30 xxx mkswap[429]: mkswap: /dev/mapper/swap: warning: wiping old swap signature.
Nov 02 13:30:30 xxx systemd[1]: Found device /dev/mapper/swap.
Nov 02 13:30:30 xxx systemd[1]: Activating swap /dev/mapper/swap...
Nov 02 13:30:30 xxx swapon[435]: swapon: /dev/mapper/swap: swapon failed: Invalid argument
Nov 02 13:30:30 xxx systemd[1]: dev-mapper-swap.swap: Swap process exited, code=exited status=255
Nov 02 13:30:30 xxx systemd[1]: Failed to activate swap /dev/mapper/swap.
Nov 02 13:30:30 xxx systemd[1]: Dependency failed for Swap.
Nov 02 13:30:30 xxx systemd[1]: swap.target: Job swap.target/start failed with result 'dependency'.
Nov 02 13:30:30 xxx systemd[1]: dev-mapper-swap.swap: Unit entered failed state.
Nov 02 13:30:30 xxx mkswap[429]: Setting up swapspace version 1, size = 32 GiB (34357637120 bytes)
Nov 02 13:30:30 xxx mkswap[429]: no label, UUID=44454270-5dd8-4567-bfd7-c6894a75e037
Nov 02 13:30:30 xxx systemd[1]: Started Cryptography Setup for swap./etc/fstab:
/dev/mapper/root / ext4 rw,noatime,discard,data=ordered 0 1
PARTLABEL=esp /boot vfat rw,relatime,noauto,nodev,noexec,nosuid 0 2
/dev/mapper/var /var ext4 rw,relatime,data=ordered,nodev,noexec,nosuid 0 2
/dev/mapper/wd-data /data/wd ext4 rw,relatime,data=ordered,nodev,noexec,nosuid 0 2
/dev/mapper/swap none swap defaults 0 0/etc/crypttab:
var PARTLABEL=var /etc/keyfile.var
wd-data PARTLABEL=wd-data /etc/keyfile.wd-data
swap PARTLABEL=swap /etc/keyfile.swap swapI've tried a number of things, including changing the swap partition type to 8300 and commenting out the swap line in /etc/fstab as has been suggested to other people experiencing similar issues. No luck so far. All of the other partitions in crypttab mount perfectly fine each time.
Any thoughts?
Last edited by SirCrunkleton (2015-11-02 21:59:34)
Offline
#2 2015-11-02 20:24:46
- frostschutz
- Member
- Registered: 2013-11-15
- Posts: 1,636
Re: [SOLVED] Problems with an encrypted swap partition.
How did you encrypt var, wd-data, swap?
The standard method would be something like luksFormat (passphrase), luksAddKey (keyfile), luksOpen, mkfs / mkswap, ...
Assuming you used the same method for all three, your error was adding the swap option to the crypttab. Remove it and re-do the encryption for the swap partition and you should be fine.
The swap option causes the partition to be formatted, encrypted using plain mode with god knows what default cipher, ... it's normally only used along with /dev/urandom as a random key that is lost on shutdown.
Does the resume partlabel swap actually work? It would require the initramfs to be smart enough to figure out it should be using the crypt mapper device instead of literally the partlabel swap device which is not swap at all but encrypted.
Last edited by frostschutz (2015-11-02 20:31:00)
Offline
#3 2015-11-02 21:58:37
- SirCrunkleton
- Member
- Registered: 2015-11-02
- Posts: 2
Re: [SOLVED] Problems with an encrypted swap partition.
How did you encrypt var, wd-data, swap?
The standard method would be something like luksFormat (passphrase), luksAddKey (keyfile), luksOpen, mkfs / mkswap, ...
Assuming you used the same method for all three, your error was adding the swap option to the crypttab. Remove it and re-do the encryption for the swap partition and you should be fine.
The swap option causes the partition to be formatted, encrypted using plain mode with god knows what default cipher, ... it's normally only used along with /dev/urandom as a random key that is lost on shutdown.
Thanks. That worked perfectly.
Does the resume partlabel swap actually work? It would require the initramfs to be smart enough to figure out it should be using the crypt mapper device instead of literally the partlabel swap device which is not swap at all but encrypted.
Once I changed the parameter to resume=/dev/mapper/swap it worked perfectly. (Following the instructions at https://wiki.archlinux.org/index.php/Dm … cpio_hook).
Last edited by SirCrunkleton (2015-11-02 22:04:16)
Offline
#4 2015-11-02 21:59:47
- jasonwryan
- Anarchist
- From: .nz
- Registered: 2009-05-09
- Posts: 30,426
- Website
Re: [SOLVED] Problems with an encrypted swap partition.
Please remember to mark your thread as [Solved] by editing your first post and prepending it to the title.
Offline