after systemd upgrade, cryptdisks won't start except with systemctl start cryptdisks.service but that doesn't work if boot goes to failsafe

This is on Debian testing (trixie)
ii  cryptsetup     2:2.7.5-1    amd64        disk encryption support - startup scripts
ii  systemd        256.7-2      amd64        system and service manager

So I see that for some reason systemd still uses an initscript, latest version in Debian testing, and it seems
like the deps are wrong, so nothing starts it. The boot also hangs and fails to succeed due to filesystems in fstab
waiting to be decrypted.
sauron:~# dpkg -L cryptsetup | grep /etc
/etc
/etc/default
/etc/default/cryptdisks
/etc/init.d
/etc/init.d/cryptdisks
/etc/init.d/cryptdisks-early

systemd-sysv-generator[2541]: SysV service '/etc/init.d/cryptdisks' lacks a native systemd unit file. ~ Automatically generating a unit file for compatibility. Please update package to include a native systemd uni>
systemd-sysv-generator[2541]: SysV service '/etc/init.d/cryptdisks-early' lacks a native systemd unit file. ~ Automatically generating a unit file for compatibility. Please update package to include a native syste>
systemd-sysv-generator[2541]: Overwriting existing symlink /run/systemd/generator.late/cryptdisks.service with real service.

It is not started by anything at boot, although it used to be, but I have no idea how.

Now, I need to start it manually at boot with
sauron:~# systemctl start cryptdisks.service
sauron:~# dmsetup ls
cryptroot       (253:0)
eswap   (253:1)
pool1   (253:2)
pool2   (253:3)
pool3   (253:4)
pool4   (253:5)

but this only works if the boot succeeds to completion.
And for that to happen, I need to comment out all the filesystems in /etc/fstab
that rely on decrypted filesystems

for instance:
#LABEL=btrfs_pool1 /mnt/btrfs_pool1 btrfs   defaults,nofail,compress=lzo,skip_balance,space_cache=v2,noatime,subvolid=0         0       0


if I uncomment it, systemd hangs on trying to mount the FS with missing
device

sauron:~# cat /etc/crypttab 
cryptroot       /dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S4Z7NG0M709677T-part7         /.cppwd         luks,discard
pool1           /dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S4Z7NG0M709677T-part8         /.cppwd         luks,discard

So the two main things I don't understand are:
How can I get cryptdisks.service not to refuse to start at boot and tell me what dep it's missing?
if my filesystems are in /etc/fstab, they fail to mount with
Oct 27 22:22:59 sauron.svh.merlins.org systemd[1]: dev-disk-by\x2dlabel-btrfs_pool1.device: Job dev-disk-by\x2dlabel-btrfs_pool1.device/start timed out.
Oct 27 22:22:59 sauron.svh.merlins.org systemd[1]: Timed out waiting for device dev-disk-by\x2dlabel-btrfs_pool1.device - /dev/disk/by-label/btrfs_pool1.
Oct 27 22:22:59 sauron.svh.merlins.org systemd[1]: Dependency failed for mnt-btrfs_pool1.mount - /mnt/btrfs_pool1.
Oct 27 22:22:59 sauron.svh.merlins.org systemd[1]: mnt-btrfs_pool1.mount: Job mnt-btrfs_pool1.mount/start failed with result 'dependency'.
that makes sense, but if that happens, I get the emergency prompt 
and at that point 
sauron:~# systemctl start cryptdisks.service
does not work. It fails and I can't find any errors in journalctl -xb or anything
about a missing dependency, although I assume that's why it won't start

So I'm forced to comment out all of fstab, resume the boot, let it finish
only then does 
sauron:~# systemctl start cryptdisks.service
work
After that I can uncomment fstab and mount the partitions
So why was it refusing to start earlier, and it's ok now?

I suppose this is not great:
sauron:~# systemctl enable cryptdisks.service
> Synchronizing state of cryptdisks.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
> Executing: /usr/lib/systemd/systemd-sysv-install enable cryptdisks
> The unit files have no installation config (WantedBy=, RequiredBy=, UpheldBy=,
> Also=, or Alias= settings in the [Install] section, and DefaultInstance= for
> template units). This means they are not meant to be enabled or disabled using systemctl.
>  
> Possible reasons for having these kinds of units are:
> • A unit may be statically enabled by being symlinked from another unit's
>   .wants/, .requires/, or .upholds/ directory.
> • A unit's purpose may be to act as a helper for some other unit which has
>   a requirement dependency on it.
> • A unit may be started when needed via activation (socket, path, timer,
>   D-Bus, udev, scripted systemctl call, ...).
> • In case of template units, the unit is meant to be enabled with some
>   instance name specified.

The autogenerated file below probably has bad deps, so removed the old initscript
copied /lib/systemd/system/cryptdisks.service to /lib/systemd/system/cryptdisks.service
then I had a look at systemctl list-dependencies
and now have
> sauron:~# cat /lib/systemd/system/cryptdisks.service
> # Automatically generated by systemd-sysv-generator
>  
> [Unit]
> Documentation=man:systemd-sysv-generator(8)
> SourcePath=/etc/init.d/cryptdisks
> Description=LSB: Setup remaining encrypted block devices.
> Before=local-fs.target
>  
> [Service]
> Type=forking
> Restart=no
> TimeoutSec=5min
> IgnoreSIGPIPE=no
> KillMode=process
> GuessMainPID=no
> RemainAfterExit=yes
> SuccessExitStatus=5 6
> ExecStart=/etc/init.d/cryptdisks start
> ExecStop=/etc/init.d/cryptdisks stop
> ExecReload=/etc/init.d/cryptdisks reload

while the autogenerated one, was:
> /lib/systemd/system/cryptdisks.service:
> # Automatically generated by systemd-sysv-generator
>  
> [Unit]
> Documentation=man:systemd-sysv-generator(8)
> SourcePath=/etc/init.d/cryptdisks
> Description=LSB: Setup remaining encrypted block devices.
> Before=checkfs.service
> After=checkroot.service
> After=cryptdisks-early.service
> After=udev.service
> After=mdadm-raid.service
> After=lvm2.service
>  
> [Service]
> Type=forking
> Restart=no
> TimeoutSec=5min
> IgnoreSIGPIPE=no
> KillMode=process
> GuessMainPID=no
> RemainAfterExit=yes
> SuccessExitStatus=5 6
> ExecStart=/etc/init.d/cryptdisks start
> ExecStop=/etc/init.d/cryptdisks stop
> ExecReload=/etc/init.d/cryptdisks reload
> 
> sauron:~# cat /etc/default/cryptdisks 
> # Run cryptdisks initscripts at startup? Default is Yes.
> CRYPTDISKS_ENABLE=Yes
> 
> # Mountpoints to mount, before cryptsetup is invoked at initscripts. Takes
> # mountpoins which are configured in /etc/fstab as arguments. Separate
> # mountpoints by space.
> # This is useful for keyfiles on removable media. Default is unset.
> CRYPTDISKS_MOUNT=""
> 
> # Default check script. Takes effect, if the 'check' option is set in crypttab
> # without a value.
> CRYPTDISKS_CHECK=blkid

Thanks,
Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
 
Home page: http://marc.merlins.org/                       | PGP 7F55D5F27AAF9D08
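
Added example, not part of the original message: a shell script that reads the two cryptdisks.service listings quoted above (trimmed and embedded as constructed samples) and reports which ordering lines the hand-edited unit dropped and whether the unit's own text carries any of the install settings named in the systemctl enable output. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the post). The unit texts are constructed from the
# two cryptdisks.service listings quoted in the message, trimmed to the lines
# that matter for dependencies.
GENERATED='[Unit]
Before=checkfs.service
After=checkroot.service
After=cryptdisks-early.service
After=udev.service
After=mdadm-raid.service
After=lvm2.service
[Service]
ExecStart=/etc/init.d/cryptdisks start'

EDITED='[Unit]
Before=local-fs.target
[Service]
ExecStart=/etc/init.d/cryptdisks start'

# unit_values TEXT KEY...: print "KEY=value" for each listed key, one value per
# line. Section headers are ignored; keys are matched at the start of a line.
unit_values() {
    text=$1; shift
    for key in "$@"; do
        printf '%s\n' "$text" | awk -v key="$key" '
            /^[ \t]*[#;]/ { next }                 # skip comment lines
            index($0, key "=") == 1 {              # KEY= at start of line
                n = split(substr($0, length(key) + 2), v, /[ \t]+/)
                for (i = 1; i <= n; i++) if (v[i] != "") print key "=" v[i]
            }'
    done
}

# start_trigger TEXT: does the unit text itself contain install configuration?
start_trigger() {
    if [ -n "$(unit_values "$1" WantedBy RequiredBy UpheldBy Also Alias)" ]; then
        echo "install-config"    # systemctl enable has something to act on
    else
        echo "none"              # Before=/After= only order units, they start nothing
    fi
}

# dropped_ordering OLD NEW: ordering lines present in OLD but absent from NEW.
dropped_ordering() {
    new=$(unit_values "$2" Before After)
    unit_values "$1" Before After | while IFS= read -r line; do
        printf '%s\n' "$new" | grep -Fxq -- "$line" || printf '%s\n' "$line"
    done
}

echo "edited unit start trigger: $(start_trigger "$EDITED")"
echo "ordering dropped by the edit:"; dropped_ordering "$GENERATED" "$EDITED"
```

A result of `none` covers only the unit's own text; as the systemctl output quoted in the message lists, a unit can still be started through another unit's .wants/ or .requires/ directory or by activation.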


