@Esokrarkose & @therealmarv - Right, I couldn't figure that out either.
I am still using 16.04. While systemd throws errors on bootup, the
scripts are /also/ used during init, so the root disk is set up
properly. I don't understand enough about the init system to try to get
this to work under
It doesn't work for me, the relevant files mentioned here (e.g.
/usr/share/initramfs-tools/hooks/cryptroot) have changed significantly in the
meantime.
Only specifying header= in crypttab does not work for me, the file is
not included in the initramfs.
@therealmarv: Could you tell me how you
one link was wrong formatted in last comment. Here the right one:
http://cgit.freedesktop.org/systemd/systemd/commit/?id=7376e83528
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1223622
Title:
add
no patch needed anymore on Ubuntu 16.04 (tested with an unpatched version).
It's already integrated into systemd crypttab, just use the header=... option
in crypttab
http://cgit.freedesktop.org/systemd/sys … 7376e83528
https://bugs.freedesktop.org/show_bug.cgi?id=66396
** Bug watch added:
Updating on 16.04. These patches still work. (But then, cryptsetup is
still version 1.6.6.)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1223622
Title:
add support for crypttab mounting of luks
I have gotten this to work in Ubuntu 15.10, which has cryptsetup 1.6.6.
As mentioned previously, the scripts in 1.6.6 have included the patches
from here with some modifications, along with additions for truecrypt
volumes, btrfs, and some improvement (hopefully) of situations where
it's necessary
I am attaching here the diff for the modified /usr/share/initramfs-
tools/scripts/local-top/cryptroot, to be used with cryptsetup 1.6.6,
which is the version in ubuntu 15.10. This patch corrects one error, and
includes a couple of additional comments to the maintainer.
** Patch added:
I am attaching here the diff for the modified /usr/share/initramfs-
tools/scripts/local-top/cryptroot, to be used with cryptsetup 1.6.6,
which is the version in ubuntu 15.10. This patch corrects one error, and
includes a couple of additional comments to the maintainer.
--
You received this bug
I am attaching here the diff for the modified
/lib/cryptsetup/cryptdisks.functions, to be used with cryptsetup 1.6.6,
which is the version in ubuntu 15.10. Note that this diff contains no
modification other than a comment by myself to the maintainer.
** Patch added:
I am attaching here the diff for the modified /usr/share/initramfs-
tools/hooks/cryptroot, to be used with cryptsetup 1.6.6, which is the
version in ubuntu 15.10. This patch corrects two errors, and includes a
couple of additional comments to the maintainer.
** Patch added:
security risk? that doesn't make much sense... in normal installs both
/boot and the luks headers are lying there on the disks unencrypted. i
don't see how packing the luks headers into the initramfs (/boot) could
make that any worse?
i'm not a linux guru by any means, but AFAIU:
- grub loads
@Attila - The patches from here seem to have been included (with some
changes) in the new scripts that are available in 15.10. Unfortunately,
the scripts do not include the header in the initramfs, with a note that
this is a "security risk". Hm. So I thought I might just add the
header to the
@Attila - There's a little something here with updates as of Mar 2,
2014, though I'm not sure how far it goes: https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=716652
I did contact the maintainers about the scripts, but didn't hear back.
** Bug watch added: Debian Bug tracker #716652
it would be nice if someone could comment the debian bug URL's here, or
anything like that, so that distant wanderers like me can have an idea
how much work it is today to set up on debian jessie.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
** Patch removed: cryptsetup-1.4.3.ubuntu.raring.initrd.cryptroot-hook.patch
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1223622/+attachment/3956419/+files/cryptsetup-1.4.3.ubuntu.raring.initrd.cryptroot-hook.patch
--
You received this bug notification because you are a member
After squashing one bug, I got this working on 12.04 with a root on lvm
on luks (sans header) and boot on USB with lvm.
Usage turned out to be slightly different than I had understood:
*
Adds a valid option to crypttab:
header=filename
When the initramfs is created, filename will be
And similarly for /lib/cryptsetup/cryptdisks.functions, which works with
either cryptsetup 1.4.1 or 1.4.3, in either precise or raring.
** Patch added: cryptsetup.1.4.[13].cryptdisks.functions.patch
I am attaching here the diff for the modified /usr/share/initramfs-
tools/scripts/local-top/cryptroot, to be used with cryptsetup 1.4.3,
which is the version in raring.
** Patch added: cryptsetup.1.4.3.cryptroot.scripts.new.patch
For clarity/consistency of filenames, I am attaching here the diff for
the modified /usr/share/initramfs-tools/hooks/cryptroot, to be used with
either cryptsetup 1.4.1 or 1.4.3, in either precise or raring.
** Patch added: cryptsetup.1.4.[13].initrd.cryptroot.hooks.patch
Apparently it only takes on patch at a time, so here's the cryptroot-
hook patch.
** Patch added: cryptsetup-1.4.3.ubuntu.raring.initrd.cryptroot-hook.patch
Precise (12.04) has cryptsetup v.1.4.1, and these patches basically work
for that version also.
(1) /lib/cryptsetup/cryptdisks.functions works with no changes
(2) /usr/share/initramfs-tools/hooks/cryptroot works with no changes
(3) /usr/share/initramfs-tools/scripts/local-top/cryptroot needs a
Apparently it only takes on patch at a time, so here's the cryptroot-
hook patch.
** Patch added: cryptsetup-1.4.3.ubuntu.raring.initrd.cryptroot-hook.patch
Despite the mistaken name, the cryptroot-script.patch is for 1.4.1 and
the cryptroot-hook.patch works for both 1.4.1 and 1.4.3.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1223622
Title:
add
@Glen - please see this thread, where Jim F is concerned with the same
question (and apparently has some code of his own). You'll see he's
worked out where bugs feature requests should be made for the
cryptsetup scripts (Debian), as opposed to cryptsetup itself:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: cryptsetup (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1223622
Title:
** Changed in: cryptsetup (Ubuntu)
Importance: Undecided = Low
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1223622
Title:
add support for crypttab mounting of luks devices with detached
Here's an untested patch to allow detached header support for the root
and/or resume devices in the initrd.
** Patch added: Untested patch to allow the root device to have a detached
header
The attachment Patch to cryptdisks.functions allowing header option
seems to be a patch. If it isn't, please remove the patch flag from
the attachment, remove the patch tag, and if you are a member of the
~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a
28 matches
Mail list logo