[Bug 1872832] Re: initramfs-tools support

Tue, 14 Apr 2020 16:16:27 -0700 

** Description changed:

  [Impact]
  clevis <= 12 did not integrate with initramfs-tools. This meant that if users 
wanted to automatically decrypt a luks volume for /, they had to use dracut, 
which is poorly supported in Ubuntu (see bug 1814460).
  
  [Test Case]
  sudo apt install clevis-luks clevis-initramfs
  Bind your root luks / device to a remote tang server, e.g.:
  sudo clevis luks bind -d /dev/vda3 tang '{"url": "http://192.168.122.1"}'
  Accept the key when prompted. Reboot - your luks / should automatically 
decrypt.
+ 
+ [Fix]
+ As we've done in focal, introduce a new clevis-initramfs package. The patches 
are all from upstream, and are standalone other than minor build-system changes 
required to do the build/install.
  
  [Regression Risk]
  clevis introduced initramfs-tools support by adding a new leaf package - 
clevis-initramfs. Existing users would not have this package installed, so 
would be immune from any issues it causes by default.
  
  The eoan version of this package previously build-depended on dracut,
  and this requires an additional build-dep on initramfs-tools. dracut and
  initramfs-tools conflict, so this is an impossible situation. In focal,
  this was fixed by changing the build-dep on dracut to dracut-core and
  I've done the same here. AFAICT, the only reason for build-dep'ing on
  dracut* is that it uses pkgconfig for meson to decide whether or not to
  install dracut files at all, and the pkgconfig bits for dracut are part
  of dracut-core, not dracut. There is a risk that there is some other
  side-effect of the dracut build-dep that could cause a regression. The
  bionic build doesn't rely on the meson hinting (it hadn't been converted
  to meson yet), so build-deps weren't impacted.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872832

Title:
  initramfs-tools support

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1872832/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to