Public bug reported:
[Impact]
There's a race condition in the clevis initramfs-hook that can cause noisy
errors on the console. This is 100% reproducible when / is a dm_crypt device
that is *not* bound to clevis, but seems like timing could cause it to happen
when bound as well.
[Test Case]
Install & boot using a dm-crypt device that is not bound to clevis as /.
You'll see:
Volume group "ubuntu-vg" not found
Cannot process volume group ubuntu-vg
Please unlock disk dm_crypt-0:
/scripts/local-top/clevis: line 135: /proc/398/environ: No such file or
directory
/scripts/local-top/clevis: line 135: local: `': not a valid identifier
cryptsetup: dm_crypt-0: set up successfully
Regression test is to bind a device and reboot and make sure it still
unlocks automatically. To bind:
sudo clevis luks bind -d /dev/vda3 tang '{"url": "http://$tangserver"}'
[Fix]
https://github.com/latchset/clevis/commit/e2fd826ceeabbb7af665c9401d6c3120b4847bab
[Regression Risk]
A bug could cause a system to not automatically boot. Regression tested as
described above to mitigate.
** Affects: clevis (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1875984
Title:
console noise when / is not bound
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1875984/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
