FS#63749 - [systemd] mount unit for keyfile device is not found
Attached to Project:
Arch Linux
Opened by nl6720 (nl6720) - Friday, 13 September 2019, 16:07 GMT
Last edited by Christian Hesse (eworm) - Sunday, 29 November 2020, 13:22 GMT
Opened by nl6720 (nl6720) - Friday, 13 September 2019, 16:07 GMT
Last edited by Christian Hesse (eworm) - Sunday, 29 November 2020, 13:22 GMT
|
Details
Description:
When using the sd-encrypt hook with a keyfile on another device I get a "degraded" state after booting because of a failed unit. In this setup the encrypted root partition /dev/sda2 is unlocked with a keyfile ( /keyfile ) that is on a ext4 file system on /dev/sdb1. # cat /proc/cmdline \\vmlinuz-linux rd.luks.name=20298c4c-820b-47ee-a66b-4468a4b2b5a0=root rd.luks.key=20298c4c-820b-47ee-a66b-4468a4b2b5a0=/keyfile:PARTLABEL=keydisk rd.luks.options=20298c4c-820b-47ee-a66b-4468a4b2b5a0=keyfile-timeout=10s root=/dev/mapper/root rw add_efi_memmap initrd=/initramfs-linux.img video=1366x768 # systemctl --failed ● run-systemd-cryptsetup-keydev\x2droot.mount not-found failed failed run-systemd-cryptsetup-keydev\x2droot.mount # systemctl status run-systemd-cryptsetup-keydev\x2droot.mount ● run-systemd-cryptsetup-keydev\x2droot.mount Loaded: not-found (Reason: Unit run-systemd-cryptsetup-keydev\x2droot.mount not found.) Active: failed (Result: signal) since Fri 2019-09-13 15:31:44 UTC; 1min 57s ago sep 13 15:31:39 archlinux systemd[1]: Mounting /run/systemd/cryptsetup/keydev-root... The mount obviously succeeded, since the root partition was unlocked in initramfs with the keyfile. But for some reason the unit persists in the booted system. It's only needed in the initramfs, and the rd.luks.* parameters should only affect the initramfs. # findmnt /run/systemd/cryptsetup/keydev-root TARGET SOURCE FSTYPE OPTIONS /run/systemd/cryptsetup/keydev-root /dev/sdb1 ext4 ro,relatime # find /run/systemd/cryptsetup/keydev-root /run/systemd/cryptsetup/keydev-root /run/systemd/cryptsetup/keydev-root/lost+found /run/systemd/cryptsetup/keydev-root/keyfile Besides the degraded state and the fact that the keydev is still mounted, there are no other issues. Additional info: * package version(s) * config and/or log files etc. * link to upstream bug report, if any systemd 243.0-1 Steps to reproduce: Create a LUKS encrypted root partition. Add a keyfile for the LUKS device. Place the keyfile on another volume. Configure kernel command line and /etc/mkinitcpio.conf following https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#rd.luks.key . Boot. |
This task depends upon
Closed by Christian Hesse (eworm)
Sunday, 29 November 2020, 13:22 GMT
Reason for closing: Fixed
Additional comments about closing: in svn trunk
Sunday, 29 November 2020, 13:22 GMT
Reason for closing: Fixed
Additional comments about closing: in svn trunk
● run-systemd-cryptsetup-keydev\x2droot.mount - /run/systemd/cryptsetup/keydev-root
Loaded: loaded (/proc/self/mountinfo)
Active: failed (Result: protocol) since Sun 2020-02-23 11:38:37 EET; 3min 11s ago
Where: /run/systemd/cryptsetup/keydev-root
What: /dev/sdb1
feb 23 11:38:35 archlinux systemd[1]: Mounting /run/systemd/cryptsetup/keydev-root...
I don't know if it's an issue of the sd-encrypt mkinitpcio hook or of systemd itself so I have not reported it the systemd project.
The keydev still remains mounted though.