Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
dmcrypt encrypted swap fails on boot
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 372

PostPosted: Sat May 18, 2013 4:37 pm    Post subject: dmcrypt encrypted swap fails on boot Reply with quote

Hey. every time I boot, dmcrypt fails to add my swap. This is /etc/conf.d/dmcrypt:
Code:
swap=cswap
source='/swap'

However, it scrolls by too fast for me to make out the actual error and it's too early in the boot process to get logged.

If I manually restart dmcrypt after the system has booted however, it works flawlessly. Any ideas what might be the issue?
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 9167

PostPosted: Sat May 18, 2013 4:45 pm    Post subject: Reply with quote

Without the error text, it is very difficult for us to help you. Can you use scroll lock to pause the output? Can you page back through the output to read it after boot completes?
Back to top
View user's profile Send private message
khayyam
Advocate
Advocate


Joined: 07 Jun 2012
Posts: 2335

PostPosted: Sat May 18, 2013 6:05 pm    Post subject: Reply with quote

haarp ....

As your swap seems to be a file rather than a device I wonder if this isn't a case of the script running prior to the availablity of filesysem on which the swapfile is located ... dmcrypt is run early so the filesystems are not yet mounted.

best ... khay
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 372

PostPosted: Sat May 18, 2013 6:10 pm    Post subject: Reply with quote

Hu wrote:
Without the error text, it is very difficult for us to help you. Can you use scroll lock to pause the output? Can you page back through the output to read it after boot completes?

Paging is not possible as the login prompt will clear the screen once it has booted. I'll try scroll lock next time I boot.

khayyam wrote:
haarp ....

As your swap seems to be a file rather than a device I wonder if this isn't a case of the script running prior to the availablity of filesysem on which the swapfile is located ... dmcrypt is run early so the filesystems are not yet mounted.

best ... khay

I only have / itself. And seeing as init scripts are being run at that point (and grabbing configs from /etc), the swapfile in /swap must also be accessible.
Back to top
View user's profile Send private message
khayyam
Advocate
Advocate


Joined: 07 Jun 2012
Posts: 2335

PostPosted: Sat May 18, 2013 6:36 pm    Post subject: Reply with quote

haarp wrote:
I only have / itself. And seeing as init scripts are being run at that point (and grabbing configs from /etc), the swapfile in /swap must also be accessible.

haarp ... doh! yes, I'd had a mental picture of encrypted root, which of course would require an initramfs and so make the dmcrypt rcscript pointless. Anyhow, with only a rootfs, isn't an encypted swap rather redundent?

best ... khay
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 9167

PostPosted: Sat May 18, 2013 8:45 pm    Post subject: Reply with quote

haarp wrote:
Hu wrote:
Without the error text, it is very difficult for us to help you. Can you use scroll lock to pause the output? Can you page back through the output to read it after boot completes?

Paging is not possible as the login prompt will clear the screen once it has booted.
That is configurable. The behavior of wiping the screen is relatively new. Most old-timers prefer to turn it off by passing --noclear to the getty process.
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 372

PostPosted: Sat May 18, 2013 9:28 pm    Post subject: Reply with quote

Scroll lock worked! Error message is "mkswap: fsync failed". Makes me wonder if / is maybe read-only at this point of the boot process...

khayyam wrote:
Anyhow, with only a rootfs, isn't an encypted swap rather redundent?

There are additional ecryptfs, but those are mounted when they're needed.
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 9167

PostPosted: Sat May 18, 2013 11:50 pm    Post subject: Reply with quote

Why are you using a swap file instead of a swap partition? A swap partition has fewer dependencies, and might work at this stage. If you cannot switch to a swap partition, you might be able to solve this by using an RC_NEED statement to force dm-crypt to run later.
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 372

PostPosted: Sun May 19, 2013 8:37 am    Post subject: Reply with quote

Hu wrote:
Why are you using a swap file instead of a swap partition? A swap partition has fewer dependencies, and might work at this stage. If you cannot switch to a swap partition, you might be able to solve this by using an RC_NEED statement to force dm-crypt to run later.

Yes, but a swap file is more flexible. I can easily reduce its size should I run out of disk space, for instance.

Modifying the runscript dependencies worked. Thanks!
I added this to /etc/rc.conf:
Code:
# Start dmcrypt later so / is writable
rc_dmcrypt_before="!checkfs !fsck swapfiles"
rc_dmcrypt_after="localmount"
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum