FS#24700 - [cryptsetup] no decrypt when device changed (UUID-support)

Attached to Project: Arch Linux
Opened by Andrwe (Andrwe) - Sunday, 12 June 2011, 18:00 GMT
Last edited by Dave Reisner (falconindy) - Friday, 01 June 2012, 18:05 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Tobias Powalowski (tpowa)
Thomas Bächler (brain0)
Dave Reisner (falconindy)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

Description:
If the path of crypdevice changes due to BIOS e.g. /dev/sdb2 -> /dev/sdc2 the system-root can't be decrypted because the device can't be found.
Because UUIDs are more reliable I've written a patch for the encrypt-hook of initcpio.

With the patch you can set
cryptdevice=UUID=<UUID>:root
and the given UUID will be resolved by blkid to the real device-path.

Additional info:
cryptsetup 1.3.1-1
   0001-UUID-support-for-kernel-... (2 KiB)
This task depends upon

Closed by  Dave Reisner (falconindy)
Friday, 01 June 2012, 18:05 GMT
Reason for closing:  Implemented
Additional comments about closing:  cryptsetup 1.4.2-2
Comment by Thomas Bächler (brain0) - Tuesday, 08 November 2011, 19:22 GMT
This was assigned incorrectly, and I just found this bug report.

This is already possible by using cryptdevice=/dev/disk/by-uuid/... if udev is running.

I'll consider including this into the hook anyway.
Comment by Dave Reisner (falconindy) - Tuesday, 15 May 2012, 02:22 GMT
Adding myself, since this is mkinitcpio related... support for this (and more) will be coming in some form or another in the "Near Future" and will support LABEL and PARTUUID on top of UUID (the additional code required is miniscule).
Comment by Dave Reisner (falconindy) - Friday, 01 June 2012, 18:05 GMT
This works in cryptsetup 1.4.2-2 for both cryptdevice as well as cryptkey (which can also be identified by LABEL or PARTUUID).

Loading...