[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
This bug was fixed in the package clevis - 12-1ubuntu2.2 --- clevis (12-1ubuntu2.2) focal; urgency=medium * initramfs: Fix parsing of interface names when bringing the network back down in local-bottom, which also avoids a mess of "ip: can't find device '/sys/class/net/$iface'" errors on the console. LP: #1896294. * initramfs: Warn users with multiple interfaces that they should consider specifying an 'ip=' parameter for reliable operation. LP: #1896289. As a side-effect, also fix interface parsing while bringing links up. LP: #1873593. * initramfs: Wait for interface to appear before attempting configuration. LP: #1873914. * initramfs: Make network configuration as-needed. This functionality depends on the new clevis-luks-list command which is also backported. LP: #1896509. -- dann frazier Tue, 13 Oct 2020 17:00:47 -0600 ** Changed in: clevis (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
This bug was fixed in the package clevis - 8-1ubuntu0.2 --- clevis (8-1ubuntu0.2) bionic; urgency=medium * initramfs: Fix parsing of interface names when bringing the network back down in local-bottom, which also avoids a mess of "ip: can't find device '/sys/class/net/$iface'" errors on the console. LP: #1896294. * initramfs: Warn users with multiple interfaces that they should consider specifying an 'ip=' parameter for reliable operation. LP: #1896289. As a side-effect, also fix interface parsing while bringing links up. LP: #1873593. * initramfs: Wait for interface to appear before attempting configuration. LP: #1873914. * initramfs: Make network configuration as-needed. This functionality depends on the new clevis-luks-list command which is also backported. LP: #1896509. Requires new build-dep on asciidoctor in order to build the clevis-luks-list manpage. -- dann frazier Wed, 14 Oct 2020 11:23:01 -0600 ** Changed in: clevis (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
= bionic verification = == Regression test a system that is online and uses a tang pin. == = bionic verification = Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/local-top ... WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg Please unlock disk vda3_crypt: clevis: Warning: multiple network interfaces available but no ip= parameter provided. IP-Config: enp1s0 hardware address 52:54:00:d7:51:6a mtu 1500 DHCP RARP IP-Config: enp7s0 hardware address 52:54:00:43:d0:14 mtu 1500 DHCP RARP IP-Config: no response after 2 secs - giving up IP-Config: enp1s0 hardware address 52:54:00:d7:51:6a mtu 1500 DHCP RARP IP-Config: enp7s0 hardware address 52:54:00:43:d0:14 mtu 1500 DHCP RARP IP-Config: enp1s0 complete (dhcp from 192.168.122.1): address: 192.168.122.29 broadcast: 192.168.122.255 netmask: 255.255.255.0 gateway: 192.168.122.1 dns0 : 192.168.122.1 dns1 : 0.0.0.0 rootserver: 192.168.122.1 rootpath: filename : [ 16.033245] NET: Registered protocol family 38 WARNING: Failed to connect to lvmetad. Falling back to device scanning. Reading all physical volumes. This may take a while... Found volume group "clevis-bionic-vg" using metadata type lvm2 WARNING: Failed to connect to lvmetad. Falling back to device scanning. 2 logical volume(s) in volume group "clevis-bionic-vg" now active cryptsetup (vda3_crypt): set up successfully done. Begin: Running /scripts/local-premount ... [ 18.369789] Btrfs loaded, crc32c=crc32c-intel Scanning for Btrfs filesystems done. Begin: Will now check root file system ... fsck from util-linux 2.31.1 [/sbin/fsck.ext4 (1) -- /dev/mapper/clevis--bionic--vg-root] fsck.ext4 -a -C0 /dev/mapper/clevis--bionic--vg-root /dev/mapper/clevis--bionic--vg-root: clean, 111545/840480 files, 663482/3360768 blocks done. [ 18.566842] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null) done. Begin: Running /scripts/local-bottom ... /scripts/local-top/clevis: line 117: 502 Terminated sleep 5 done. == Test a system using a tang pin that is offline, and confirm the user is prompted with a passphrase prompt without delay == Begin: Mounting root file system ... Begin: Running /scripts/local-top ... WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg Please unlock disk vda3_crypt: ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure ipconfig: no devices to configure no search or nameservers found in /run/net-.conf /run/net-*.conf /run/net6-*.conf cryptsetup (vda3_crypt): cryptsetup failed, bad password or options? Please unlock disk vda3_crypt: [ 11.784797] NET: Registered protocol family 38 WARNING: Failed to connect to lvmetad. Falling back to device scanning. Reading all physical volumes. This may take a while... Found volume group "clevis-bionic-vg" using metadata type lvm2 WARNING: Failed to connect to lvmetad. Falling back to device scanning. 2 logical volume(s) in volume group "clevis-bionic-vg" now active cryptsetup (vda3_crypt): set up successfully done. == Test a system that does not use a tang pin and verify that network config is not attempted. == Begin: Mounting root file system ... Begin: Running /scripts/local-top ... WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg WARNING: Failed to connect to lvmetad. Falling back to device scanning. Volume group "clevis-bionic-vg" not found Cannot process volume group clevis-bionic-vg Please unlock disk vda3_crypt: [ 11.292238] NET: Registered protocol family 38 WARNING: Failed to connect to lvmetad. Falling back to device scanning. Reading all physical volumes. This may take a while... Found volume group "clevis-bionic-vg" using metadata type lvm2 WARNING: Failed to connect to lvmetad. Falling back to device scanning. 2 logical volume(s) in volume group "clevis-bionic-vg" now active cryptsetup (vda3_crypt): set up successfully done. ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
= focal verification = == Regression test a system that is online and uses a tang pin. == Begin: Mounting root file system ... Begin: Running /scripts/local-top ... Volume group "ubuntu-vg" not found Cannot process volume group ubuntu-vg [ 3.927883] pcieport :00:02.5: pciehp: Failed to check link status Please unlock disk dm_crypt-0: Begin: clevis: Waiting for interface enp1s0 to become available ... done. IP-Config: enp1s0 hardware address 52:54:00:a0:ea:b7 mtu 1500 DHCP RARP IP-Config: no response after 2 secs - giving up IP-Config: enp1s0 hardware address 52:54:00:a0:ea:b7 mtu 1500 DHCP RARP IP-Config: enp1s0 complete (dhcp from 192.168.122.1): address: 192.168.122.155 broadcast: 192.168.122.255 netmask: 255.255.255.0 gateway: 192.168.122.1 dns0 : 192.168.122.1 dns1 : 0.0.0.0 rootserver: 192.168.122.1 rootpath: filename : cryptsetup: dm_crypt-0: set up successfully done. Begin: Running /scripts/local-premount ... [ 18.436541] Btrfs loaded, crc32c=crc32c-intel Scanning for Btrfs filesystems done. Warning: fsck not present, so skipping root file system [ 18.613839] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null) done. Begin: Running /scripts/local-bottom ... Terminated done. <...> Begin: Mounting root file system ... Begin: Running /scripts/local-top ... Volume group "ubuntu-vg" not found Cannot process volume group ubuntu-vg [ 3.927883] pcieport :00:02.5: pciehp: Failed to check link status Please unlock disk dm_crypt-0: Begin: clevis: Waiting for interface enp1s0 to become available ... done. IP-Config: enp1s0 hardware address 52:54:00:a0:ea:b7 mtu 1500 DHCP RARP IP-Config: no response after 2 secs - giving up IP-Config: enp1s0 hardware address 52:54:00:a0:ea:b7 mtu 1500 DHCP RARP IP-Config: enp1s0 complete (dhcp from 192.168.122.1): address: 192.168.122.155 broadcast: 192.168.122.255 netmask: 255.255.255.0 gateway: 192.168.122.1 dns0 : 192.168.122.1 dns1 : 0.0.0.0 rootserver: 192.168.122.1 rootpath: filename : cryptsetup: dm_crypt-0: set up successfully done. Begin: Running /scripts/local-premount ... [ 18.436541] Btrfs loaded, crc32c=crc32c-intel Scanning for Btrfs filesystems done. Warning: fsck not present, so skipping root file system [ 18.613839] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null) done. Begin: Running /scripts/local-bottom ... Terminated done. == Test a system using a tang pin that is offline, and confirm the user is prompted with a passphrase prompt without delay == Begin: Running /scripts/init-premount ... done. Begin: Mounting root file system ... Begin: Running /scripts/local-top ... Volume group "ubuntu-vg" not found[3.720164] pcieport :00:02.5: pciehp: Failed to check link status Cannot process volume group ubuntu-vg Please unlock disk dm_crypt-0: Begin: clevis: Waiting for interface enp1s0 to become available ... Failure: clevis: Interface enp1s0 did not appear in time done. cryptsetup: dm_crypt-0: set up successfully done. Begin: Running /scripts/local-premount ... [ 15.374107] Btrfs loaded, crc32c=crc32c-intel Scanning for Btrfs filesystems done. Warning: fsck not present, so skipping root file system [ 15.549809] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null) done. Begin: Running /scripts/local-bottom ... Terminated done. Begin: Running /scripts/init-bottom ... ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure ipconfig: enp1s0: SIOCGIFINDEX: No such device ipconfig: no devices to configure no search or nameservers found in /run/net-enp1s0.conf /run/net-*.conf /run/net6-*.conf done. == Test a system that does not use a tang pin and verify that network config is not attempted. == Begin: Mounting root file system ... Begin: Running /scripts/local-top ... Volume group "ubuntu-vg" not found Cannot process volume group ubuntu-vg [3.853031] pcieport :00:02.5: pciehp: Failed to check link status Please unlock disk dm_crypt-0: cryptsetup: dm_crypt-0: set up successfully done. Begin: Running /scripts/local-premount ... [9.853782] Btrfs loaded, crc32c=crc32c-intel Scanning for Btrfs filesystems done. Warning: fsck not present, so skipping root file system [9.980780] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null) done. ** Tags removed:
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
Hello dann, or anyone else affected, Accepted clevis into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/clevis/8-1ubuntu0.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: clevis (Ubuntu Bionic) Status: Triaged => Fix Committed ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
Hello dann, or anyone else affected, Accepted clevis into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/clevis/12-1ubuntu2.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: clevis (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
** Description changed: [Impact] - Currently if you install clevis-initramfs, it will always try to bring up networking even in cases where it is unnecessary. It's not necessary if, say, the volume is to be unlocked via TPM, or perhaps no pin at all and clevis just happens to be installed. In those cases, the user is stuck waiting for configure_networking() to finish before they get prompted for a passphrase, - and that will take nearly 5 minutes to timeout if the system is offline. It is also not clear to users that it *will* eventually timeout, which they may interpret as leaving their system unbootable w/o a network connection. + Currently if you install clevis-initramfs, it will always try to bring up networking even in cases where it is unnecessary. It's not necessary if, say, the volume is to be unlocked via TPM, or perhaps no pin at all and clevis just happens to be installed. In those cases, the user is stuck waiting for configure_networking() to finish before they get prompted for a passphrase, which will take nearly 5 minutes to timeout if the system is offline. It is also not clear to users that it *will* eventually timeout, which they may interpret as leaving their system unbootable w/o a network connection. [Test Case] - Regression test a system that is online and uses a tang pin. - Test a system using a tang pin that is offline, and confirm the user is prompted with a passphrase prompt without delay. - Test a system that does not use a tang pin and verify that network config is not attempted. [Fix] Backport of this upstream patch series: https://github.com/latchset/clevis/commit/adaef407265479cd1067c4fbf69fdaa0dd6ae586 https://github.com/latchset/clevis/commit/ee369808473945165a3f3b79a52c1d10f29eb5c4 https://github.com/latchset/clevis/commit/780eb30986323613f5b192c03c881caecae8cd7b [Regression Potential] If the tang pin detection is buggy, it's possible that systems will fail to auto-unlock using a tang server. It's also possible (but seemingly unlikely) that users have been relying on network access in the initramfs as a side-effect of having clevis installed, and that could no longer be the case if clevis determines it is not necessary for its own purposes. ** Changed in: clevis (Ubuntu Focal) Status: Triaged => In Progress ** Changed in: clevis (Ubuntu Focal) Assignee: (unassigned) => dann frazier (dannf) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
** Changed in: clevis (Ubuntu Groovy) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
** Changed in: clevis (Ubuntu Focal) Status: New => Confirmed ** Changed in: clevis (Ubuntu Bionic) Status: New => Confirmed ** Changed in: clevis (Ubuntu Groovy) Assignee: (unassigned) => dann frazier (dannf) ** Changed in: clevis (Ubuntu Focal) Status: Confirmed => Triaged ** Changed in: clevis (Ubuntu Bionic) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
** Changed in: clevis (Ubuntu Groovy) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896509] Re: initramfs always tries to bring up the network even when unnecessary
** Also affects: clevis (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: clevis (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: clevis (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896509 Title: initramfs always tries to bring up the network even when unnecessary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1896509/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
