Re: auto unlock encrypted disks using clevis/tang works for ext4 but not btrfs?


 



On Sun, Jun 5, 2022 at 2:28 PM Barry Scott <barry@xxxxxxxxxxxxxxxx> wrote:
>
> I have set up a tang server to offer up the unlock key for
> my Fedora systems that use encrypted disks.
>
> This works great with my file server that uses LVM and ext4.
>
> But my desktop system that uses btrfs does not unlock the
> disk automatically. I see the logs on the tang server that show
> that there are transactions to ask for the key but it does not work.
>
> I'm jumping to the difference being btrfs, but admit that I'm far
> from having evidence to show that is the problem.
>
> I used the exact same setup steps for both systems so I'm reasonably
> confident that the config is good.
>
> Anyone else see this issue?

Need logs. And it might help to have the exact same binaries available
in A vs B config, i.e. LUKS LVM ext4 vs LUKS Btrfs, but both are
Fedora 36.

I don't know that much about tang or clevis, but my understanding is
the central aspect is `clevis luks unlock` and once the LUKS volume is
unlocked, then libblkid should see the btrfs volume on it, and then
it's possible to mount it.

While the LUKS volume is locked, the Btrfs volume in effect is
invisible (all ciphertext) so the fact it's btrfs is obscured and
can't be a factor until the LUKS volume is unlocked. So I'm thinking
unlock problems are unrelated to the fs selection, and it's some other
factor (package versions, network latency, race condition).

-- 
Chris Murphy
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
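
The point made in the reply above, that the filesystem type cannot be seen until the LUKS volume is unlocked, shown as an added example that is not part of the original message: a magic-signature probe in the style of libblkid, run over constructed images. The XOR keystream standing in for dm-crypt, the 4096-byte header length and all helper names are assumptions made for illustration.

```python
LUKS_MAGIC = b"LUKS\xba\xbe"   # offset 0 of a LUKS1/LUKS2 header
BTRFS_MAGIC = b"_BHRfS_M"      # offset 0x40 of the superblock at 64 KiB
EXT_MAGIC = b"\x53\xef"        # s_magic 0xEF53 (little-endian) at 0x438
HEADER_LEN = 4096              # constructed; real LUKS2 headers are far larger

SIGNATURES = [                 # (type, absolute offset, magic), probed in order
    ("crypto_LUKS", 0x0, LUKS_MAGIC),
    ("btrfs", 0x10040, BTRFS_MAGIC),
    ("ext4", 0x438, EXT_MAGIC),  # real probes validate more than the magic
]

def probe(image: bytes):
    """Return the first signature type found in image, or None."""
    for name, offset, magic in SIGNATURES:
        if image[offset:offset + len(magic)] == magic:
            return name
    return None

def make_fs(kind: str, size: int = 0x11000) -> bytes:
    """Constructed plaintext volume: zeros plus the magic value for kind."""
    img = bytearray(size)
    _, offset, magic = next(s for s in SIGNATURES if s[0] == kind)
    img[offset:offset + len(magic)] = magic
    return bytes(img)

def toy_encrypt(data: bytes) -> bytes:
    """Stand-in for dm-crypt (NOT real encryption): XOR with a fixed keystream."""
    return bytes(b ^ ((i * 197 + 91) & 0xFF) for i, b in enumerate(data))

def make_locked(kind: str) -> bytes:
    """What the raw partition holds: a LUKS2 header followed by ciphertext."""
    header = (LUKS_MAGIC + b"\x00\x02").ljust(HEADER_LEN, b"\x00")
    return header + toy_encrypt(make_fs(kind))

def report(kind: str) -> dict:
    """Probe results before unlock, on the ciphertext, and after unlock."""
    locked = make_locked(kind)
    payload = locked[HEADER_LEN:]
    return {
        "raw_device": probe(locked),                   # locked partition
        "ciphertext_payload": probe(payload),          # no fs magic visible
        "mapped_device": probe(toy_encrypt(payload)),  # XOR undoes itself
    }

if __name__ == "__main__":
    for kind in ("btrfs", "ext4"):
        print(kind, report(kind))
```

Both constructed volumes probe identically as `crypto_LUKS` while locked; the btrfs or ext4 signature only appears on the decrypted mapping.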


