From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail01.freesources.org (mail01.freesources.org [80.237.252.149]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Mon, 8 Mar 2010 23:37:59 +0100 (CET) Received: from dslb-094-219-181-130.pools.arcor-ip.net ([94.219.181.130] helo=resivo.wgnet.de) by mail01.freesources.org with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1NolaH-0004WS-5e for dm-crypt@saout.de; Mon, 08 Mar 2010 22:37:58 +0000 Received: from resivo by resivo.wgnet.de with local (Exim 4.71) (envelope-from ) id 1Nola9-0007MI-SG for dm-crypt@saout.de; Mon, 08 Mar 2010 23:37:49 +0100 Date: Mon, 8 Mar 2010 23:37:49 +0100 From: Jonas Meurer Message-ID: <20100308223749.GA26748@resivo.wgnet.de> References: <4B81691C.9020500@gmail.com> <6294c32a1002211218t25c774fft28e990bf9e2237f0@mail.gmail.com> <20100221205328.GA19030@resivo.wgnet.de> <6294c32a1002212259q8641692g6355b4418177897a@mail.gmail.com> <20100222111353.GA4661@resivo.wgnet.de> <6294c32a1002221340x7b538bf8g73c866b540328dd2@mail.gmail.com> <20100222231224.GB15780@resivo.wgnet.de> <6294c32a1003051136r2518f983t18afdb057f7dd081@mail.gmail.com> <20100308115251.GA4756@resivo.wgnet.de> <6294c32a1003081335n47c1b72cn93a2270afddea78c@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="pWyiEgJYm5f9v55/" Content-Disposition: inline In-Reply-To: <6294c32a1003081335n47c1b72cn93a2270afddea78c@mail.gmail.com> Subject: Re: [dm-crypt] configuration files List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de --pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hey selim, in short: you're correct, this is a race condition. the usb device is not available at the point cryptsetup tries to open it. this has been fixed in subsequent cryptsetup package releases. read below for further information. On 08/03/2010 Selim Levy wrote: > On 8 March 2010 06:52, Jonas Meurer wrote: > > On 05/03/2010 Selim Levy wrote: > > > There is no relevant output at the boot process. If I wait long enou= gh > > > for busybox to appear, then all its info appears... > > > > > > The only initramfs errors are the ones I mentioned before: > > > cryptsetup: WARNING: invalid line in /etc/crypttab - > > > > > > Just on a random whim, and despite my better judgement, I decided to > > > modify my crypttab again. I removed the (original) 'sdb3_crypt' > > > target (which was > > > a name given automatically by Debian upon installation) and renamed i= t to > > > something that makes more sense to me: 'rescue'. Lo and behold, I no= w no > > > longer have an error upon updating initramfs. Why or how should simp= ly > > > the target (name) change anything? > > > > > > Well, at least now I get somewhere. Upon booting, I get the typical: > > > > > > cryptsetup: source device not found > > > message. > > > > this message does not exist. please paste the _exact_ error message. >=20 > This message does exist, because that is what I am getting. In fact, tha= nks > to your reply, below, I found it in > /usr/share/initramfs-tools/scripts/local-top/cryptroot at line 199. I > cannot copy and paste it as it occurs after the grub boot selection but > before the actual booting process. ah, now i get the picture. you're using the cryptsetup package from lenny/stable, right? the initramfs cryptroot scripts have evolved since then. among others, the error message is replaced by a new one. but more importantly, the script now has code to wait for usb devices to appear in case that they don't exist. i suggest that you either upgrade the cryptsetup package to a version from testing/unstable, or at least copy the initramfs cryptroot script from a newer package to your system. you can find the most recent version of scripts/local-top/cryptroot at http://svn.debian.org/wsvn/pkg-cryptsetup/cryptsetup/trunk/debian/initramfs= /cryptroot-script > The error I get is: > cryptsetup: source device not found >=20 > I could attach a low-res photo taken from a cell phone, if you wish. not necessary any more. > > simply modify the initramfs cryptroot script at > > /usr/share/initramfs-tools/scripts/local-top/cryptroot. the code which > > invokes cryptsetup begins at line 280. after modifying the script, don't > > forget to update the initramfs with 'update-initramfs -u'. > > >=20 >=20 > Ok. I added a printout of the /dev/sd* devices (and also the /dev/hd* just > in case that was the issue) just after > message "cryptsetup: source device $cryptsource not found" > on line 199 and before the > return 1 > of line 200. The only /dev/sd* devices found at that point are my /dev/s= da* > partitions, which are my internal harddrive partitions (and there are no > /dev/hd*). The devices relevant to my external hard drive (the /dev/sdb*) > haven't been populated yet; however, I'm clearly accessing one of those > partitions at that point (as my boot partition is on /dev/sdb2). yes, some usb devices aren't available immediately. therefore, recent versions of the initramfs cryptroot script loop up to 3 minutes before they fail to setup the encrypted device. > So now I'm thinking that this could be a USB module problem... Looking at > my working/internal hd's /proc/modules with my external hd mounted, I not= ice > that I have various modules which don't appear in my external/rescue hd's > /proc/modules. Some of the ones that jump out at me are: hid, usbhid and > usb_storage. So I recopied my /proc/modules to the external drive's > /proc/modules and compared the two files again. It seems as though many = of > the /proc/modules aren't copied to the new location. What the hell?!? S= o I > copied it by doing a `cat /proc/modules > [the external > harddrive]/proc/modules`. Finally the files compare equal. I reboot and= =2E.. > nothing. Same error as above indicating that the source device isn't fou= nd. you already mentioned, that unlocking the device with cryptsetup manually once you're in the busybox emergency shell works without any problems. that clearly indicates that your initramfs doesn't miss any drivers. you discovered a race condition. > I know very little about initramfs and inserting modules into it, but I > think that that is the next thing for me to research. Comments or > suggestions? copy the initramfs cryptroot script from the svn url above to /usr/share/initramfs-tools/scripts/local-top/cryptroot, update the initramfs with 'update-initramfs -u', and hopefully your rescue system finally works. > > I should mention that if I wait about 5 minutes for the busybox prompt= , I > > > can manually luksOpen the drive in question. Could this be some sort= of > > a > > > race condition that gets resolved with enough patience? > > > > it could be possible, but the cryptroot script already contains loops in > > order to wait for the source device to become available. see the > > beginning of setup_mapping() in the script. > > >=20 > Following my above comments and looking into this file, I agree with you. >=20 >=20 > Thanks for your continued and unfaltering support! sometimes it's hard to spot a simple problem. but at least both of us should have learned from it ;-) greetings, jonas --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCAAGBQJLlXw2AAoJEHUY1PcOVR4z5lwH/2HhMgfRo4fAwiye1DwYFWIo 1iWZkRAab7JKpPOwEfIuXU4QjC4i92lXCK1k+VJQMPkgEIDskHyWy+1c9fUrH1MF EQL1hP1e4PUWrhKrSfw5DYlYG9B2JOJNaa6J5x+PEeRPLW2hwkmQMhYoRfpcF1g4 GIgxjpjASv/kljGu14+qhB64biFU962dbTHSlEBaO+jSvguhQWspDdKJrAruh+zo qaR6RpQ+si2MNoj8zbpu87aF+DhurHKpejXGedbDjyuD4Up0BhDeHaqWl1gkwRKs pbuaVT/Zh6RwAUyjXWrevgkhYCIH9mqfHRzzpJ+4pd6jykoo3VvBpR3WvqsY6w0= =CRKk -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/--