Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package

To: Ben Hutchings <ben@decadent.org.uk>
Cc: 930228@bugs.debian.org
Subject: Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
From: Guilhem Moulin <guilhem@debian.org>
Date: Sat, 27 Jul 2019 00:01:11 +0200
Message-id: <[🔎] 20190726220111.GA11169@debian.org>
Reply-to: Guilhem Moulin <guilhem@debian.org>, 930228@bugs.debian.org
In-reply-to: <[🔎] a7393d9e8dd2c7a800978e7f20bf89dbe2542feb.camel@decadent.org.uk>
References: <20190608200542.GA14516@debian.org> <20190608200542.GA14516@debian.org> <[🔎] 20190725040259.GA20561@debian.org> <[🔎] a7393d9e8dd2c7a800978e7f20bf89dbe2542feb.camel@decadent.org.uk> <20190608200542.GA14516@debian.org>

Control: severity -1 grave

Hi,

On Thu, 25 Jul 2019 at 22:31:36 +0100, Ben Hutchings wrote:
>> Thanks to the Recommends: d-i will automatically pull the initramfs
>> integration, at least on systems where APT::Install-Recommends hasn't
>> been turned off by preseeding.  (The Recommends: cryptsetup-run is there
>> to improve the upgrade path, cf. #932625.)  I'm therefore only raising
>> the severity to ‘normal’.
> 
> APT::Install-Recommends is only enabled after the base-installer phase.
> of installation.  I don't know what stage cryptsetup is installed at,
> but I suggest it's worth checking that this assumption is correct.

Thanks for the hint, ‘cryptsetup-initramfs’ is not pulled in indeed.  I
guess someone would have found out sooner or better, but the sooner the
better :-)

The attached patch fixes this.  I'll leave it to you if you want to
clone this bug and close -1, or alternatively downgrade its severity to
conditionally implement the initramfs integration:

| The real fix would be to have a detection logic triggering `apt-install
| cryptsetup` whenever there are crypt targets in the dm table, and
| `apt-install cryptsetup-initramfs` if any volume needs to be unlocked at
| initramfs stage, i.e., holding /, /usr, and/or the resume device(s).

Cheers,
-- 
Guilhem.

From b72b0934eb4c729d5fef462bb832aec6665513c8 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@ens-lyon.org>
Date: Fri, 26 Jul 2019 23:24:33 +0200
Subject: [PATCH] finish.d/crypto_aptinstall: Install cryptsetup-initramfs, not
 cryptsetup.

cryptsetup's initramfs integration was moved to a separate package.
Cf. #930228.
---
 finish.d/crypto_aptinstall | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/finish.d/crypto_aptinstall b/finish.d/crypto_aptinstall
index 047d1a3..a26f5f0 100755
--- a/finish.d/crypto_aptinstall
+++ b/finish.d/crypto_aptinstall
@@ -34,6 +34,6 @@ if grep -q " device-mapper$" /proc/misc; then
     # on an LVM LV on top of an encrypted device
     if type dmsetup >/dev/null 2>&1 && \
 	   dmsetup table | cut -d' ' -f4 | grep -q "crypt" 2>/dev/null; then
-		apt-install cryptsetup || true
+		apt-install cryptsetup-initramfs || true
 	fi
 fi
-- 
2.22.0

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
  - From: Guilhem Moulin <guilhem@debian.org>
- Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Bug#933125: buster-pu: package systemd/241-5+deb10u1
Next by Date: Processed: Re: Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
Previous by thread: Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
Next by thread: Processed: Re: Bug#930228: partman-crypto: cryptsetup's initramfs integration was moved to a separate package
Index(es):
- Date
- Thread