Package: initrd-tools Version: 0.1.82 Followup-For: Bug #296464
found 296464 0.1.82 tags 296464 + patch thanks This is still a problem for me with a /dev/random keyed swap partition and linux-image-2.6-686 version 2.6.12-10. I'm running with version 0.1.82 of initrd-tools and cryptsetup version 20050111-3. i applied a minor variant of the patch offered by Leonardo Serra [0] in order to fix this. Thanks, Leonardo! The logic of Leonardo's patch is this: When constructing an initrd that wants to get a passphrase for a volume, ignore any volume with a keyfile specified in /etc/crypttab. We implicitly expect /etc/init.d/cryptdisks to take card of creating that device and mounting it appropriately. my patch is only slightly different from Leonardo's in that it uses a simple awk statement instead of the huge, scary sed construction, and i've tuned the commentary message emitted by this case. Does the logic for this patch work in all obscure cases? i'm not certain. it definitely does the trick for me. a downside of this, of course, is that the swap isn't loaded until /etc/rcS.d/S28cryptdisks -- but i see no way around that. if you are crypting swap from /dev/random (or any other file) you need that file to be present in order to build the device so that you can swapon. [0] http://bugs.debian.org/cgi-bin/bugreport.cgi/mkinitrd.patch?bug=296464;msg=30;att=1 -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (700, 'testing'), (700, 'stable'), (600, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages initrd-tools depends on: ii coreutils [fileutils] 5.2.1-2.1 The GNU core utilities ii cpio 2.6-6 GNU cpio -- a program to manage ar ii cramfsprogs 1.1-6 Tools for CramFs (Compressed ROM F ii dash 0.5.2-7 The Debian Almquist Shell ii util-linux 2.12p-4sarge1 Miscellaneous system utilities initrd-tools recommends no packages. -- no debconf information
--- /usr/sbin/mkinitrd.0.1.82 2005-10-03 23:15:13.000000000 -0400 +++ /usr/sbin/mkinitrd 2005-10-03 23:24:28.000000000 -0400 @@ -325,8 +325,14 @@ } dmcrypt() { - local cipher_mode devname submajor subminor + local key cipher_mode devname submajor subminor + key=$(grep -m 1 "^$dmname[[:space:]]" /etc/crypttab | awk '{ print $3 }') + if [ "x$key" != "x" ] && [ "x$key" != "xnone" ]; then + echo \'$dmname\' has a key file in /etc/crypttab so we won\'t try it during initrd >&2 + return + fi + if ! command -v cryptsetup > /dev/null 2>&1; then echo Root is on a DM crypt device, but cryptsetup not installed >&2 fi