Same experience as daniloaz using 111-0ubuntu1.1 (Ubuntu 16.04.2 LTS)
and I have the same thing on another laptop running 17.04
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not
I renamed a partition other than swap partition from a gpt disk with
"parted name 9 " and in the next reboot I started to be asked to
enter a passprase for the swap partition. So this is another way to
reproduce this thread's issue that I think was not mentioned.
My version of ecryptfs-utils
GPT partition with encrypted /home.
Same error occurs if / gets a label or /home gets resized.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using
I encountered the same issue as well on Ubuntu 16.04.
In particular, this seems to occur only after I create a LUKS Encrypted
partition by the disk util.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Bug doesn't seem to be fixed. I upgraded to ecryptfs-utils - 111-0ubuntu1 (see
post by Launchpad Janitor (janitor) of 2016-07-14 - marking it as fixed).
However, the system keeps asking for a password for cryptswap1.
I rebuilt my swap as grosso did; however no success.
--
You received this bug
I rebuild my swap and now the 'passphrase' message is gone; i'm sorry
for the wrong comment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT
Grosso - can you open a new bug and include the following information:
Attach /etc/fstab and /etc/crypttab
Run the following commands and include their output:
$ sudo blkid
$ swapon -s
$ printf "x\np\n" | sudo fdisk /dev/sda
$ ls -l /run/systemd/generator/
--
You received this bug
This don't solve the issue for me, it asks for
Please enter passphrase for disk XX (cryptswap1) on none!
on boot.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does
This bug was fixed in the package ecryptfs-utils - 111-0ubuntu2
---
ecryptfs-utils (111-0ubuntu2) yakkety; urgency=medium
* SECURITY UPDATE: Information exposure via unencrypted swap partitions. The
swap partition was not configured to use encryption when GPT partitioning
** Description changed:
- I'm still sorting out the details and eliminating variables, but as far
- as I can tell:
+ CVE Request: http://openwall.com/lists/oss-security/2016/07/13/2
+
+
+ I'm still sorting out the details and eliminating variables, but as far as I
can tell:
Steps to
This bug was fixed in the package ecryptfs-utils - 111-0ubuntu1.1
---
ecryptfs-utils (111-0ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Information exposure via unencrypted swap partitions. The
swap partition was not configured to use encryption when GPT
** Changed in: ecryptfs-utils (Ubuntu Yakkety)
Assignee: Martin Pitt (pitti) => Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap
** Branch linked: lp:ecryptfs
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory (ecryptfs)
To manage
** Branch linked: lp:~tyhicks/ecryptfs/lp1597154-packaging
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home
@diwic - I agree, there have been problems in multiple places causing
this.
Yesterday I sorted out one of them. If you have swap on a GPT
partitioned NVMe or MMC drive, ecryptfs-setup-swap isn't correctly
marking the partition as non-auto-mounting, which leads the the user
erroneously being
Just in case it helps someone:
This symptom seems to have more than one root cause. For me, I had more
than one entry in /etc/crypttab, one being completely wrong. It was
probably a left-over from me switching hard drives a while ago, but then
the symptom only started to appear after a 14.04 ->
still present in 16.04
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory (ecryptfs)
To manage
Any chance this can get fixed in Xenial in time for 16.04.1?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home
I'm experiencing this bug too, and my partitions are /dev/sda* type, so
the workaround in comment #74 has no effect. With the other issues in
boot and upgrade I have notice that my boot last until I stop or restart
any service
XX-laptop:~$ systemd-analyze
Bootup is not yet finished. Please try
** Changed in: ecryptfs-utils (Ubuntu Xenial)
Status: In Progress => Triaged
** Changed in: ecryptfs-utils (Ubuntu Yakkety)
Status: In Progress => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thank you Ben, your solution worked like a charm...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory
** Changed in: ecryptfs-utils (Ubuntu Xenial)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning +
Nicely spotted, Ben! Thanks, will prepare an update on Monday.
** Also affects: ecryptfs-utils (Ubuntu Yakkety)
Importance: High
Assignee: Martin Pitt (pitti)
Status: Fix Released
** Also affects: ecryptfs-utils (Ubuntu Xenial)
Importance: Undecided
Status: New
**
Re-tested today/yesterday with 16.04 LTS (official release), with
existing partitions deleted.
HP Stream 11 Pro G2 notebook (Braswell SoC, Celeron N3050), with 64GB
eMMC (SSD) storage.
Issue still occurs, with prompt (black box) on startup. No pauses (for
at command line) doing update/upgrade,
I meant sfdisk in the above message, whoops.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory
I believe the issue lies in the line;
drive="${phys_dev%[0-9]*}"
This matches fine for /dev/sda* type partitions but not /dev/nvme*n*p*
or /dev/mmcblk*p* resulting in a device that fdisk doesn't know about
and cant proceed to set the no-auto flag.
This is what I did to set the flag after
I just installed 16.04 and this issue still persists.
I have NVMe for some info.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT
Re-tested today/yesterday with 16.04 LTS (xenial-desktop-amd64, daily-
build, 11-Apr), with existing partitions deleted, or SSD secure erased.
(a.) HP ProDesk 600 G2 SFF (Skylake, Core i5), with 256GB SSD (SATA 3
interface) storage.
No issue occurred.
(b.) HP Stream 11 Pro G2 notebook (Braswell
Correction:
This could still be specific to 'NVMe' and 'eMMC' SSD media (which do
NOT use the simple /sda /sdb /sdc for path), as this appear to be a
common feature.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Output from following commands:
sudo blkid
swapon -s
printf "x\np\n" | sudo fdisk /dev/mmcblk0
ls -l /run/systemd/generator/
cat /etc/fstab
cat /etc/crypttab
--
Welcome to Ubuntu Xenial Xerus (development branch) (GNU/Linux
4.4.0-17-generic x86_64)
$ sudo blkid
/dev/mmcblk0:
Re-tested today with 16.04 LTS (xenial-desktop-amd64, daily-build,
07-Apr), and still occurring.
I have an HP Stream 11 Pro G2 notebook with 64GB eMMC (SSD) storage, and
existing partitions were deleted.
Minor issue: Notebook stalled with 'sda' (USB used for install) cache
/pass-thru error,
I just did a fresh install, using the 07-Apr-2016 amd64 Desktop ISO, and
have an encrypted swap.
$ sudo blkid /dev/sda
/dev/sda: PTUUID="ecd421a6-9bf6-40d5-a94e-c87ac47a479d" PTTYPE="gpt"
$ sudo blkid
/dev/sda1: UUID="50D0-7B1F" TYPE="vfat"
PARTUUID="b2e2fef6-36c8-4d66-a57f-231672b9d5bb"
Same behavior here with 16.04. On boot and on upgrades the systems ask
me for the password. If I use solution from #59 the system don't ask for
the password anymore but the system takes 2 minutes to boot.
lino@pioneer:~$ sudo blkid
/dev/nvme0n1p6: UUID="d987f11f-51ab-446c-9cad-65f27200bd1f"
Details from /etc/fstab and /etc/crypttab ::
$ cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed.
Output from following commands:
sudo blkid
swapon -s
printf "x\np\n" | sudo fdisk /dev/sda
ls -l /run/systemd/generator/
--
Welcome to Ubuntu Xenial Xerus (development branch) (GNU/Linux
4.4.0-16-generic x86_64)
$ sudo blkid
/dev/mmcblk0: PTUUID="964e28b5-d6c2-47c6-badd-de7725281f53"
Sorry, been busy with work.
--
Re-tested today, with 16.04 LTS beta2, and still occurring. Also
repeatedly stop for at command line, doing update/upgrade.
I have an HP notebook with 64GB eMMC (SSD) storage, and existing
partitions were already deleted.
--
You received this bug notification
I had to move forward on this topic and went for a reinstallation using
full disk encryption so sadly I can't provide the requested information
anymore. Hopefully it will be reproducible within a VM by anyone.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
FTR, in comment 57 I pretty much did the same steps as Thomas in comment
61, but it worked for me. :(
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when
@Dirk: In comment 61, what's the output of "blkid"? Is there any actual
partition with UUID=xxx that /etc/crypttab takes as source? I suppose
/dev/nvme0n1p3 is the physical swap partition on which the installer was
meant to put the encrypted partition. Does that appear in /etc/fstab?
Which
I tried it again today with the Beta 2 of Xenial. These are the steps I
did:
* Downloaded Beta 2 of Xenial and created bootable USB stick
* Select: Try Ubuntu without installing
* (I tried the option to install directly but that always hangs after
selecting "Erase disk and install Ubuntu" and
@Dirk: What's your /etc/fstab and /etc/crypttab?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory
The solution describe here
(http://zeroset.mnim.org/2015/05/10/ubuntu-15-04-vivid-vervet-please-
enter-passphrase-for-disk-cryptswap1-on-none/) which uses the device
path instead of the UUID made it work for me.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
I just installed todays daily build of Xenial with EFI and ran into the
same problem.
$ sudo blkid
/dev/nvme0n1: PTUUID="7b6240b1-61b5-4fc7-939a-6a78708bdaad" PTTYPE="gpt"
/dev/nvme0n1p1: UUID="30E3-3A90" TYPE="vfat" PARTLABEL="EFI System Partition"
I just did an installation with today's xenial amd64 desktop image with
EFI, and things come out alright. I have an encrypted swap partition and
the unencrypted fake/stub swap partition is not touched.
Please be more specific how exactly you installed, and give me the
output of the following
Re-tested with latest daily (07-Mar), and still occurring.
Also issue at command line, doing update, with halt for 'enter password'
occurs several times.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue is present for current daily ISO for 16.04 LTS (Xenial
Xerus).
Will test further ..
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using
Same bug on fully updated 15.10 on HP laptop. Are there any good work-
arounds?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning
I confirm, brand new laptop installation of Ubuntu 15.10, happens
repeatedly during apt-get upgrade etc.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap
Also, affects installation in GUI, when basically nothing indicates a
password (or just pressing Enter key) is required ans system waits and
waits until user opens console details and see what's happening. Quite
annoying for users unaware of this as package installation waits for
user interaction
I think there may be a regression on this issue: I just got this same
exact behavior (asking for a cryptswap passphrase during boot) on a
brand new Ubuntu 15.10 system76 laptop with updates applied. I've
contacted System76 support to let them know.
I'm also having some problems with LXC that may
** Project changed: ecryptfs-utils = ecryptfs
** Changed in: ecryptfs
Status: New = Confirmed
** Changed in: ecryptfs
Status: Confirmed = Fix Committed
** Changed in: ecryptfs
Assignee: (unassigned) = Dustin Kirkland (kirkland)
--
You received this bug notification
** Changed in: ecryptfs-utils
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home
I didn't read the whole thing now, me it affected affected after I
activated the swap (not mapper) entry in fstab. I've done because I
thought, what the f***, I ran without swap all the time?
Then this entry appeared before lightdm and swapon --summary showed me
/dev/sdXX. Disabling the classic
I didn't read the whole thing now, me it affected affected after I
activated the swap (not mapper) entry in fstab. I've done because I
thought, what the f***, I ran without swap all the time?
Then this entry appeared before lightdm and swapon --summary showed me
/dev/sdXX. Disabling the classic
** Branch linked: lp:ubuntu/ecryptfs-utils
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: systemd (Ubuntu Vivid)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: systemd (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
** No longer affects: systemd (Ubuntu Vivid)
** No longer affects: systemd (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning +
Martin: see Bug #1453738
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory (ecryptfs)
To manage
JuanYang, Martin, etc.: Your situation seems different, as you use LVM.
I don't know yet whether you also use GPT, but as it's a sufficiently
different case, please file a new bug about this. Please include the
following:
- output of sudo blkid
- attach /etc/fstab and /etc/crypttab
- run sudo
Oh no, stay away from the Linux books. You'll just get cranky.
I am quite new myself; roughly 15 years now.
I fixed it by removing the swap partition everywhere ... swapoff -a;
cryptsetup remove everything that looks strange to you!
gut out: /etc/fstab
rm everything with crypt here
I have the same touble, fresh install of 15.04, encrypted home dir, and
the message every time I reboot: please enter passphrase for disk
ubuntu--vg-swap_1(cryptswap1) on none!
$ sudo apt-cache policy ecryptfs-utils
ecryptfs-utils:
Installed: 107-0ubuntu1.1
Candidate: 107-0ubuntu1.1
Version
@w-martin-h
Yeah, I get the same message as you after running that command.
Must admit, this bug is very frustrating for a newbie like me. I guess I
should just get a good Linux book and dive in so things like this are
more intuitive.
Until then I hope using MBR will work. I'll be back to let
Thanks for the help Jason but that didn't work either.
Upon reboot it still gave the 'please enter passphrase for disk ubuntu
--vg-swap_1(cryptswap1) on none!' message.
Since this was a fresh install I don't have much on my computer yet so I
wont mind redoing it. I want to try again using MBR
@jun-yang - I haven't been able to reproduce your issue. I tried:
1) OEM mode install on an Intel-GPU system
2) OEM mode install on an Nvidia-GPU system
In all cases, encrypted home directory seemed to work fine for me and I
was never prompted for a passphrase to unlock the cryptoswap (note that
** Attachment added: error-msg.png
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282/+attachment/4393368/+files/error-msg.png
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
One more thing.
After just now rebooting my system again I've come to realize that my
please enter passphase message is slightly different from the one
Jason pictured (IMG_7979_01.jpg) in post #1.
Jason's message says: 'please enter passphrase for disk
primary(cryptswap1) on none!'
Mines on the
Hey guys,
I'm still having trouble with this bug. Perhaps because I'm still fairly
new (~1 year) to linux.
I first noticed the please enter passphase error after the initial
install however, I didn't pay it any mind. Fast forward a few hours and
I decided to run the system updater because I did
This bug was fixed in the package ecryptfs-utils - 107-0ubuntu1.1
---
ecryptfs-utils (107-0ubuntu1.1) vivid; urgency=medium
* Add setup-swap-mark-gpt-noauto.patch: In ecryptfs-setup-swap, mark the
fake underlying unencrypted swap partition as no-auto Without that, the
swap
This bug was fixed in the package ecryptfs-utils - 107-0ubuntu1.1
---
ecryptfs-utils (107-0ubuntu1.1) vivid; urgency=medium
* Add setup-swap-mark-gpt-noauto.patch: In ecryptfs-setup-swap, mark the
fake underlying unencrypted swap partition as no-auto Without that, the
swap
@jderose :-) Thanks for the follow-up.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory (ecryptfs)
Just in case anyone else comes across this before the fix is released:
Booting without the normal splash screen, i.e. /etc/default/grub
contains:
GRUB_CMDLINE_LINUX_DEFAULT=
and not:
GRUB_CMDLINE_LINUX_DEFAULT=quiet splash
can result in the boot hanging waiting for input without a prompt.
--
@akgrant0710 - I haven't been able to reproduce your issues.
I started with an OEM mode install, installed all the updates currently
in Vivid proposed, created a user account with encrypted home directory,
confirmed that encrypted swap was working as expected.
Then I changed the
@akgrant0710 - oops, never mind, you were talking about the pre-fix
scenario, sorry for the confusion :D
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap
Martin, you've marked bug #1449555 as a duplicate of this bug, but this
bug is assigned to ecryptfs-utils. The problem described in bug
#1449555 does *not* require ecryptfs-utils to be installed in order to
reproduce. All that's required is to configure a line in /etc/crypttab
for /dev/urandom
Steve, given that the original reporter here confirmed that the fix
works, I'm marking this back as v-done. Bug 1449555 has a description
which is exactly the same as here: where the user selects to encrypt
their home directory, they will get a password prompt during boot and at
other times on the
Okay, if you apply all the updates currently in proposed using update-
manger (when you have an encrypted home directory setup), update-manager
will hang while configuring udev.
The only way to tell that's it's prompting for your cryptoswap
passphrase (which gets ignored anyway) is to expand the
I suppose one work-around is to just land the ecryptfs-utils SRU first,
then wait on the systemd SRU for a few days to minimize the number of
users effecting by updating both at the same time. Actually, I'll test
that scenario now just to double check.
--
You received this bug notification
I just updated ecryptfs-utils to 107-0ubuntu1.1, without the other
updates in proposed. This seems to be working fine.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use
The ecryptfs-utils update itself seems fine. However, the systemd update
in proposed seems to have problems when encrypted home directory is
being used, whether or not you've installed the ecryptfs-utils update
first (and even rebooted) prior to installing the other packages in
proposed.
I need
Some more details: I tested 3 scenarios, all starting with an OEM mode
install. The first 2 worked fine, the 3rd seems to have some issues:
1) Install all current updates in proposed from the OEM account, then
prepare for shipping to user, then create a user account with an
encrypted home
Okay, if you update ecryptfs-utils, libecryptfs0 first *and* reboot
prior to installing the other updates currently in proposed, then there
are no issues.
I'm removing the verification-needed tag as from the perspective of
this ecryptfs-utils SRU itself, things are all good in my book. But
folks
Jason Gerard DeRose [2015-04-29 19:23 -]:
I suppose one work-around is to just land the ecryptfs-utils SRU first,
then wait on the systemd SRU for a few days to minimize the number of
users effecting by updating both at the same time. Actually, I'll test
that scenario now just to double
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning +
Hello Jason, or anyone else affected,
Accepted ecryptfs-utils into vivid-proposed. The package will build now
and be available at http://launchpad.net/ubuntu/+source/ecryptfs-
utils/107-0ubuntu1.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package.
** Changed in: ecryptfs-utils (Ubuntu Vivid)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT
Martin,
I just built ecryptfs-utils with your updated patch, and it seem solid,
no issues found. FYI, I tested in OEM mode where the customer chooses
encrypted home directory during the first-run-user-config, as that's the
scenario that's most important for System76.
Thanks!
--
You received
Fixed debdiff which drops the erroneous sudo (debugging leftover) and
uses printf instead of /bin/echo.
** Patch added: vivid debdiff
https://bugs.launchpad.net/ecryptfs-utils/+bug/1447282/+attachment/4386259/+files/ecryptfs-utils_107-0ubuntu1_107-0ubuntu1.1.diff
** Patch removed: vivid
** Description changed:
I'm still sorting out the details and eliminating variables, but as far
as I can tell:
Steps to reproduce
===
1) Install Ubuntu using GPT partitioning for the OS drive[*]
2) Choose require my password to login, and check encrypt my home
Two ideas how to fix that:
* ecryptfs-setup-swap should change the partition type UUID to not be swap
any more so that we don't try and auto-activate it. This is my preferred
solution if it works.
* ecryptfs-setup-swap creates an override .swap unit which disables the
auto-mounting. But as
So it is as I suspected:
* ecryptfs-setup-swap creates cryptswap1 at 512KiB offset of the former real
swap partition (vda3), and adds that to /etc/crypttab; as we need/want the
UUID, we keep the original swap header
* During boot, systemd-gpt-generator sees the apparent unencrypted swap
For w-series and upstream we need to fix this in ecryptfs-setup-swap
directly -- either mark the partition as such, or better yet, stop
having a swap partition in the first place. This has created an
inordinate amount of pain and breakage so far :-(
** Also affects: ecryptfs-utils
Importance:
This is the debdiff I uploaded to the vivid-proposed review queue.
WARNING: the code will make your eyes pop out :-(
I tested this under various scenarios to make sure it doesn't destroy
anything unrelated, and it does fix this issue.
** Patch added: vivid debdiff
For the record, this horrible echo | fstab construction is apparently
the only thing (apart from dd) which can change GPT partition flags. I
talked to upstream util-linux, and Karel will work on adding support for
GPT to sfdisk, so that this will look less hideous.
--
You received this bug
Martin,
I just built ecryptfs-utils with your patch, and it fixed the problem!
I'll beat up on it more through the day, see if I come across any corner
cases where there are still issues.
And you're right... that's some seriously scary looking shell scripting
in there. But it works :D
Thanks!
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1447282
Title:
Does not use encrypted swap when using GPT partitioning + encrypted
home directory (ecryptfs)
To manage
97 matches
Mail list logo