Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it

To: 726538@bugs.debian.org
Subject: Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
From: Agustin Martin <agmartin@debian.org>
Date: Thu, 17 Oct 2013 15:42:46 +0200
Message-id: <[🔎] 20131017134246.GA6735@agmartin.aq.upm.es>
Reply-to: Agustin Martin <agmartin@debian.org>, 726538@bugs.debian.org
In-reply-to: <[🔎] 20131016144108.GA22957@agmartin.aq.upm.es>
References: <[🔎] 20131016144108.GA22957@agmartin.aq.upm.es>

reassign 726538 rescue-mode
retitle  726538 rescue-mode: Should scan for encrypted volumes on top of raid after assembling it
found    726538 rescue-mode/1.41
forcemerge 484263 726538
thanks

On Wed, Oct 16, 2013 at 04:41:08PM +0200, Agustin Martin wrote:
> Package: partman-md
> Version: 67
> Severity: normal
> 
> Hi, maintainers,
> 
> Want to share a minor inconsistency when using crypto on top of RAID, mostly
> related to rescue mode.
> 
> First, what works and should be expected, a normal crypto volume, no RAID: 
> 
>  * Rescue mode
>  * After selecting time zone d-i notices there is an encrypted volume I am
>    prompted to enter a passphrase for it if I want to have it available for
>    rescue operations.
> 
> That is the expected behavior.
> 
> However things work differently when the encrypted volume is on top of a
> RAID (RAID1 in this case).
> 
>  * Rescue mode
>  * Get the "Device to use as root file system" dialog, known partitions
>    shown, no RAID is still assembled and of course nothing inside it is
>    shown, just plain /dev/sd* stuff. 
>  * I choose "Assemble RAID array", tick Automatic and proceed.
>  * However, although a crypto volume is on top of that RAID, that seems not
>    detected and I am not prompted for a passphrase to enable it for rescue.
>    Of course I can open a shell, enable luks volume and the lvm logical
>    volumes it contains, go back and continue, now with all really available
>    choices including those inside the crypto volume.
> 
>    I'd expect the same check that is automaticaly done when the encrypted
>    volume is not on top of a RAID be run right after assembling the RAID
>    so the contents of the encrypted volume (single partion or lvm stuff)
>    become available for the rescue session in a simpler way if the
>    passphrase is provided.

Some extra details I forgot to add. In the second case both components of
the RAID are detected separately as encrypted volumes and I am asked for
their (common) passphrase. If I provide it, volume contents are properly
scanned (not sure which lvm stuff is shown, it is replicated in both
devices, but only one is shown), but since the RAID is not assembled I'd
rather not use them separately. Did not try to mount it.

It is the encrypted volume on top of RAID using both devices what is not
detected as crypto and so no passphrase is asked for it and not further 
processed.

Anyway, just noticed that this has already been reported as #484263 against
rescue-mode. Thus reassigning and merging, sorry for the noise.

Regards,

-- 
Agustin

Reply to:

Follow-Ups:
- Processed: Re: Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
  - From: Agustin Martin <agmartin@debian.org>

Prev by Date: Bug#712907: grub-installer: No longer installs automatically on a normal machine with one hard drive
Next by Date: Processed: Re: Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
Previous by thread: Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
Next by thread: Processed: Re: Bug#726538: partman-md: Should rescan for encrypted volumes on top of raid after assembling it
Index(es):
- Date
- Thread