Systemd fails to unlock encrypted partitions (except root) during boot

lastchancetosee · 2022-05-27 18:45:07

Hi,
my system suddenly stopped being able to unlock encrypted partitions during startup.

I have 3 encrypted btrfs volumes, root file system (incl. boot), a storage disk and a volume containing a Fedora install. All three are decrypted during startup via the same keyfile using systemd-cryptsetup-generator and luks.uuid et. al. kernel command line options. This has worked flawlessly since it was set up (in 2017?), yet since I did a system upgrade Wednesday systemd fails to unlock the *non-root* partitions.

The behaviour in detail:
1) if I specify all three & the keyfile on the kernel cmdline, root gets decrypted without issue via the keyfile, but then the boot stalls forever at *stopping* the decryption job for storage & fedora partitions (A stop job is running for ...).

2) If I only specify the root partition and put the others in crypttab the boot hangs at *starting* the decryption of storage & fedora (A start job is running for ...), times out after 1:30 and continues to boot without decrypting the volumes.

In all cases the root partition is decrypted using the keyfile without issues. If I don't set the keyfile on the kernel cmdline I get asked for the password and it is again decrypted without issues. It's just the non-system partitions that fail.
Once I have a running system (only with (2), since (1) just hangs forever) I can decrypt the other partitions manually without any issues, with passphrase or keyfile.

To be honest, I'm completely stumped by this. Any help and/or pointers appreciated.

/etc/default/grub (this is the 'only root'-version, the other partitions are commented)
/etc/mkinitcpio.conf
/etc/crypttab

Arch Linux

#1 2022-05-27 18:45:07

Systemd fails to unlock encrypted partitions (except root) during boot

Board footer