Package: systemd Version: 254.22-1~bpo12+1 Severity: minor X-Debbugs-Cc: none, Łukasz Stelmach <[email protected]>
Dear Maintainer, Since there is some discrepancy between crypttab options (4th column) supported by systemd-cryptsetup-generator and Debian's script running in the initrd to set up encrypted volumes. The attached patch makes the generator skip any entry from crypttab if its 4th column contains Debian specific options. This probably won't fix all the possible problems occurring in Debian due to using two different tools but it will help eliminating some. The problem I hit was caused by the keyscript option and how the key column is formatted. See also bug #618862[1]. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618862 -- Kind regard, Łukasz Stelmach
From 55da1d8029129ce1d668e1aefebc4bd9042bd9f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Stelmach?= <[email protected]> Date: Mon, 17 Feb 2025 20:35:52 +0100 Subject: [PATCH] Ignore Debian specific crypttab option --- src/cryptsetup/cryptsetup-generator.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index 702b2615e2..723356c776 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -345,6 +345,16 @@ static int create_disk( "Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name); + /* These are Debian specific options described in crypttab(5) from the cryptsetup package which are + * not supported by systemd-cryptsetup-generator. Let's ignore entries containing them as they are + * probably handled by Debian's initramfs scripts. */ + r = fstab_filter_options(options, "check\0" "checkargs\0" "fvault\0" "initramfs\0" "keyscript\0" + "keyslot\0" "loud\0" "noearly\0" "quiet\0" "same-cpu-crypt\0" "veracrypt\0" + "verify\0", + NULL, NULL, NULL, NULL); + if (r) + return 0; + name_escaped = specifier_escape(name); if (!name_escaped) return log_oom(); -- 2.39.5
signature.asc
Description: PGP signature
