You are not logged in.

#1 2010-02-25 21:51:39

Valheru
Member
Registered: 2005-02-06
Posts: 49

Can't mount LUKS volume after recent update

Booted up today to kernel error message involving the crypto parameter not being set and there not being a valid LUKS volume. Right I think, massive amounts of cock are about to ensue in a typical Linux update with half the system breaking, but nothing we haven't seen before.

So I boot from a recovery CD, get into the encrypted volumes and update to see if anything b0rked was hotfixed by the devs. Hmm, nothing. It would appear that the cryptsetup params have changed once again, as they are wont to do every few years. We now have a new parameter that must be specified, crypto=:::: by default. Default doesn't work for me since I must have been in a highly delusional paranoid state when I created my partitions hmm I think I used AES when I created it, with TripleDES/Blowfish/Serpent or something along those lines.

I can't seem to find any documentation about the parameter either, the cryptsetup website looks like monkeys with hammers got to it before the devs could fend them off and now the devs are lying on the floor in puddles of monkey semen while their SVN is being pillaged sad

Does anyone have a quick hint of what needs to be specified to get back into my encrypted root? I don't feel like dredging through half the Internets again, last time it took me a half a day to find out I needed to add the cryptdevice parameter roll

Offline

#2 2010-02-27 11:56:02

Valheru
Member
Registered: 2005-02-06
Posts: 49

Re: Can't mount LUKS volume after recent update

It would seem the cryptsetup in the initrd image is borked. When it fails to unlock the root partition, it dumps me into the recovery terminal. When I try and run cryptsetup manually from there, it segfaults with the message that it is missing libpopt.so.

I tried with the crypto=ripemd160:"aes-cbc-essiv:sha256":128:1032: parameter (which has to be specified after the cryptdevice= but before the root= parameters - thanks for documenting that roll ). These parameters are correct for my partition and should unlock it, but fails because cryptsetup is linked against libpopt.so. WTF is that? You'd want a statically linked cryptsetup for your initrd. Who was smoking crack when they wrote the mkinitcpio script? I'm not even sure I need the crypto flag if cryptsetup runs properly.

Offline

#3 2010-02-27 13:13:49

xduugu
Member
Registered: 2008-10-16
Posts: 292

Re: Can't mount LUKS volume after recent update

Valheru wrote:

IThese parameters are correct for my partition and should unlock it, but fails because cryptsetup is linked against libpopt.so. WTF is that? You'd want a statically linked cryptsetup for your initrd. Who was smoking crack when they wrote the mkinitcpio script?

Why? Since mkinitcpio 0.6 we have glibc and busybox in the initramfs, so there is no need for statically linked binaries anymore. And by the way, cryptsetup works great here.

$ bsdtar tvf /boot/kernel26.img | grep libpopt.so.0
lrwxrwxrwx  1 0      0          26 Feb 24 01:44 /usr/lib/libpopt.so.0 -> /usr/lib/libpopt.so.0.0.0
-rwxr-xr-x  1 0      0       47749 Okt  4 02:05 /usr/lib/libpopt.so.0.0.0

Offline

#4 2010-02-27 21:22:42

Valheru
Member
Registered: 2005-02-06
Posts: 49

Re: Can't mount LUKS volume after recent update

Yeah, I saw that that today. I looked inside the kernel26.img with bsdtar. It seems my libpopt.so.0 is in /usr/lib64, while all the rest is in /usr/lib. It would seem to be that this is causing my problems.
Cryptsetup fails systematically during the boot process since it can't find libpopt.so.0. It doesn't seem I need the crypto= parameter, I took a look at the boot script and it would seem that that error is spurious in my case - I don't need to specify it.

libpopt.so.0 is in /usr/lib64 on my machine - why can't cryptsetup in my initrd find it then? Could it be that there is something wrong with the ld.cache/ld.conf in my initrd image?

Offline

#5 2010-02-27 22:26:53

xduugu
Member
Registered: 2008-10-16
Posts: 292

Re: Can't mount LUKS volume after recent update

It's strange there actually is an /usr/lib64 on your system.

p -Ql | grep lib64
glibc /lib64/
glibc /lib64/ld-2.11.1.so
glibc /lib64/ld-linux-x86-64.so.2

Maybe you should check the output of "pacman -Ql | grep lib64" and "pacman -Qk" and reinstall all packages causing warnings or owning files in /usr/lib64. I assume your system is up-to-date, of course.

Offline

#6 2010-02-27 23:20:38

Valheru
Member
Registered: 2005-02-06
Posts: 49

Re: Can't mount LUKS volume after recent update

Yes, my system is up to date. I'll try what you recommended and see if it helps.

Offline

#7 2010-02-27 23:45:28

Valheru
Member
Registered: 2005-02-06
Posts: 49

Re: Can't mount LUKS volume after recent update

That fixed it. I had installed rpm for doing some dev stuff a while ago, and that included libpopt.so - installed to /usr/lib64. The core package popt of arch installs it to /usr/lib. Odd that it doesn't figure out for itself where it is though using ld.cache though. Anyway, it's working again now, until the next system update breaks things again. Thanks for the tip.

Offline

Board footer

Powered by FluxBB