FS#43141 - [mkinitcpio] Activate LVM logical volumes when possible
Attached to Project:
Arch Linux
Opened by John Lane (starfry) - Wednesday, 17 December 2014, 13:02 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 02 July 2016, 14:56 GMT
Opened by John Lane (starfry) - Wednesday, 17 December 2014, 13:02 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 02 July 2016, 14:56 GMT
|
Details
When the root device is a logical volume on LVM that is part
of a
volume group containing multiple physical volumes, it won't be activated until all those physical volumes are online. In cases where only the pv containing root is available, do an explicit activation as long as the required logical volume is healthy (i.e. it must be wholly located on the available physical volume). The reason for doing this is to allow boot to continue when this scenario occurs, as otherwise the emergency shell prompt would appear because the required root device never becomes available. An example of how this can occur is when the LVM physical volumes are encrypted and the only one that the boot process can unlock is the physical volume containing the root logical volume. The patch checks that the required device is a device mapper and then checks for the presence of lvm in the initramfs and only activates a healthy volume that is not already active. It does nothing if the device isn't lvm. |
This task depends upon
Closed by Dave Reisner (falconindy)
Saturday, 02 July 2016, 14:56 GMT
Reason for closing: Fixed
Additional comments about closing: Detached headers are supported by systemd's (>=219) cryptsetup tooling.
Saturday, 02 July 2016, 14:56 GMT
Reason for closing: Fixed
Additional comments about closing: Detached headers are supported by systemd's (>=219) cryptsetup tooling.
FS#41833orFS#37346.The specific scenario I was implementing was to handle early boot with the root filesystem on a LV contained within a VG comprised of multiple PVs on encrypted disks. The boot hooks are able to unlock the disk containing the required LV, allowing lvmetad to process the PV. Early boot has no need to unlock anything else. The LV is wholly contained and, as reflected by the health attribute, safe and can be activated without issue by "lvchange", which is what the patch does.
When the system boots, the remaining PV is unlocked via /etc/crypttab during the main systemd startup sequence. When the remaining PV comes online, the remaining LVs auto activate.
$ pkgfile /usr/lib/initcpio/install/sd-encrypt
core/cryptsetup
Anyway, yes. using systemd would appear to be more flexible and I have it working that way now. I didn't originally use systemd because it isn't really documented that way in the wiki, but I guess it's new ground. Not needing to pass crypto parameters as kernel boot options is also nice.
Using systemd allows all PVs to be decrypted, thereby removing the issue but it does require that the keys for the other PVs are exposed to the early boot layer. That wasn't necessary before.
However... I found the systemd crypto tool lacking because it doesn't support the full range of options that "cryptsetup" does. I had to write my own unit to overcome that. Unforutnately the sd-encrypt hook doesn't include "cryptsetup" so I had to add it to BINARIES. Would it be possible for sd-encrypt to include cryptsetup so that the full range of options can be used?
I would still like to be able to do this without over-exposing keys. So, not wanting to be defeated, I wanted to write a unit that would basically do what my patch did so that the root LV could be unlocked when its PV comes online but I cannot work out what units to make it a dependency of. I am looking for a target that is activated when a PV comes on line because that's the event that should trigger the manual activation of the LV. Would you know what I should hook this into?
As far as I understand it, systemd runs "systemd-cryptsetup-generator" which parses /etc/cryptab and writes unit files that use "systemd-cryptsetup" to open crypt devices. Because "systemd-cryptsetup" doesn't have the capability to handle most of the "cryptsetup" options, neither does /etc/crypttab.
I would think adding cryptsetup to the Arch hook would be trivial and would make the main cryptsetup interface accessible during boot, just like it is without systemd. This would allow people to cater for use-cases supported by cryptsetup but not by systemd. Right now, you can do things with the "encrypt" hook that you cannot do with the "sd-encrypt" hook.
I've done that myself as I have explained so it isn't really a burning issue for me because I have configured my way around the problem, but it would be nice if the "sd-encrypt" hook provided the same tools as the "encrypt" hook.
Do you have any thoughts on my last comment, about getting a unit to trigger on a LVM physical volume being activated? I can't work that one out at all!
You'd need to create device units for the PVs by tagging them with 'systemd'.
Systemd 219 did indeed introduce the --header option so, for the immediate problem of being able to use detached headers in systemd, this issue is resolved.
I am not in a position right now to rebuild without my work-arounds in place so I can't be 100% certain that /etc/crypttab correctly supports detached headers now. However, having just taken a quick look, I see no reason why that would not be the case.