Hi all,I created two LUKS partitions on usb with live-rw and home-rw labels (see usb-info attachment). I boot GRML-2010.12 iso debug menu option with persistent=cryptsetup added.
1. I provide pass phrase for live-rw on first luks partition. 2. I am prompted for live-rw pass phrase for second luks. 3. I am prompted for home-rw pass phrase for first luks. 4. I get luks error on first partition (I expected it to be in use from 1 above). 5. I tell it to quit attempting home-rw with first luks. 6. I provide pass phrase for home-rw on second luks which should match and be used script repeats 4-5 above. 7. I reply ^d to both debugging shells.At the end of boot I get error messages (cmsgs.txt attachment) about trashed /home.
I have attached live.log.gz for additional information.The goal is to have persistent live usb with /etc and /home encrypted if it is lost or stolen.
Charles -- Charles Hewson <cahewson@eskimo.com> Seattle, WA. U.S.A.
Disk /dev/sdc: 515 MB, 515899392 bytes 16 heads, 62 sectors/track, 1015 cylinders Units = cylinders of 992 * 512 = 507904 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xd5b5dff0 Device Boot Start End Blocks Id System /dev/sdc1 1 22 10881 6 FAT16 /dev/sdc2 * 23 539 256432 83 Linux /dev/sdc3 540 1015 236096 5 Extended /dev/sdc5 540 643 51553 83 Linux /dev/sdc6 644 747 51553 83 Linux /dev/sdc7 748 828 40145 83 Linux /dev/sdc8 829 909 40145 83 Linux /dev/sdc9 910 1015 52545 83 Linux home-rw e2label /dev/mapper/sdc5 live-rw e2label /dev/mapper/sdc6 mounting sdc 5 & 6 with grml-crypt to dump luks info LUKS header information for /dev/sdc5 Version: 1 Cipher name: aes Cipher mode: cbc-essiv:sha256 Hash spec: sha1 Payload offset: 2056 MK bits: 256 MK digest: a1 fe 18 28 22 51 97 55 9a 54 81 07 a4 a2 76 6e a3 6f b4 6a MK salt: 3e 0b c1 94 4a ff 1d b3 4b c8 5e 7b 07 7d c6 a5 f7 e7 a5 9d 52 14 48 b2 91 cf 9f 04 e0 5a 67 8a MK iterations: 38000 UUID: 8c0e6e55-cc83-438c-bd0c-d5bc301f2e57 Key Slot 0: ENABLED Iterations: 152499 Salt: 69 e6 4f 32 23 07 7f f6 e0 0c 0e 21 26 32 af ed f5 4e d7 56 3a 2a e7 89 41 4e c1 11 f9 b7 59 2c Key material offset: 8 AF stripes: 4000 Key Slot 1: DISABLED Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED LUKS header information for /dev/sdc6 Version: 1 Cipher name: aes Cipher mode: cbc-essiv:sha256 Hash spec: sha1 Payload offset: 2056 MK bits: 256 MK digest: b0 8c f6 99 8e ac 50 6b 2b a9 fa 5b 4d 11 6d 74 92 c5 f2 f9 MK salt: f2 06 23 a8 65 11 b2 9d ed 31 71 3b b0 a3 cc 64 9e ea ee 55 49 2f 29 8b 6c 2a fc 6f 8b 75 cc 6c MK iterations: 38000 UUID: bbb27e96-31cb-4b34-b2ca-319f493385d8 Key Slot 0: ENABLED Iterations: 152409 Salt: 4a 34 cd 23 e8 1c f7 8f 63 51 76 59 7c 24 67 e9 ba 5e 55 5f 37 9c 8b 99 f6 8e f6 21 ab f0 84 b1 Key material offset: 8 AF stripes: 4000 Key Slot 1: DISABLED Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED Filesystem Size Used Avail Use% Mounted on none 623M 460K 623M 1% /dev rootfs 631M 2.5M 629M 1% / /dev/sr0 686M 686M 0 100% /live/image tmpfs 631M 2.5M 629M 1% /live/cow tmpfs 631M 0 631M 0% /lib/init/rw tmpfs 631M 4.0K 631M 1% /dev/shm /dev/sdc9 50M 4.9M 43M 11% /mnt/grmlcfg /dev/dm-2 48M 4.8M 41M 11% /mnt/sdc5 /dev/dm-3 48M 4.8M 41M 11% /mnt/sdc6 # /etc/fstab - static file system information # # This file was deployed via grml-live's # /etc/grml/fai/config/scripts/GRMLBASE/30-fstab script, using # /etc/grml/fai/config/files/etc/fstab/GRMLBASE # # <filesystem> <mountpoint> <type> <options> <dump> <pass> proc /proc proc rw,nosuid,nodev,noexec 0 0 none /proc/bus/usb usbfs defaults,noauto 0 0 sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0 devpts /dev/pts devpts noauto,mode=0622 0 0 /dev/fd0 /mnt/floppy auto user,noauto,exec 0 0 /dev/external /mnt/external auto user,noauto,exec,rw,uid=grml,gid=grml 0 0 /dev/external1 /mnt/external1 auto user,noauto,exec,rw,uid=grml,gid=grml 0 0 /dev/cdrom /mnt/cdrom auto user,noauto,exec,ro 0 0 /dev/dvd /mnt/dvd auto user,noauto,exec,ro 0 0 # some other examples: # /dev/hda1 /Grml ext3 dev,suid,user,noauto 0 2 # //1.2.3.4/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0 # linux:/pub /beer nfs defaults 0 0 # tmpfs /tmp tmpfs size=300M 0 0 # none /proc/bus/usb usbfs defaults,nodev,noexec,nosuid,noauto,devgid=1001,devmode=664 0 0 # 192.168.1.101:/backups /mnt/nfs nfs defaults,user,wsize=8192,rsize=8192 0 0 # # Warning! Please do *not* change any lines below because they are auto-generated by rebuildfstab! # If you want to disable rebuildfstab set CONFIG_FSTAB='no' in /etc/grml/autoconfig! # See 'man grml-rebuildfstab' for more details about the following entries. # Added by GRML /dev/sdb11 /dev/sdb11 /mnt/sdb11 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb11 # Added by GRML /dev/sdc8 LABEL=live-sn /mnt/live-sn ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdc8 # Added by GRML /dev/sdb7 /dev/sdb7 /mnt/sdb7 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb7 # Added by GRML /dev/sdb5 /dev/sdb5 /mnt/sdb5 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb5 # Added by GRML /dev/sda1 /dev/sda1 /mnt/sda1 vfat noauto,user,dev,suid,exec,umask=000,uid=1000,gid=users 0 0 # /dev/sda1 # Added by GRML /dev/sdb3 /dev/sdb3 /mnt/sdb3 reiserfs noauto,user,dev,suid,exec 0 0 # /dev/sdb3 # Added by GRML /dev/sdb2 /dev/sdb2 /mnt/sdb2 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb2 # Added by GRML /dev/sdc7 LABEL=home-sn /mnt/home-sn ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdc7 # Added by GRML /dev/sdb6 /dev/sdb6 /mnt/sdb6 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb6 # Added by GRML /dev/sdb1 /dev/sdb1 /mnt/sdb1 ext2 noauto,user,dev,suid,exec 0 0 # /dev/sdb1 # Added by GRML /dev/sdc1 LABEL=datastore /mnt/datastore vfat noauto,user,dev,suid,exec,umask=000,uid=1000,gid=users 0 0 # /dev/sdc1 # Added by GRML /dev/sdc9 LABEL=GRMLCFG /mnt/GRMLCFG ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdc9 # Added by GRML /dev/sdb12 /dev/sdb12 /mnt/sdb12 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb12 # Added by GRML /dev/sdb9 /dev/sdb9 /mnt/sdb9 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb9 # Added by GRML /dev/sdc2 LABEL=grmlboot /mnt/grmlboot ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdc2 # Added by GRML /dev/sdb8 /dev/sdb8 /mnt/sdb8 ext3 noauto,user,dev,suid,exec 0 0 # /dev/sdb8 # Added by GRML /dev/dm-2 LABEL=home-rw /mnt/home-rw ext3 noauto,user,dev,suid,exec 0 0 # /dev/dm-2 # Added by GRML /dev/dm-3 LABEL=live-rw /mnt/live-rw ext3 noauto,user,dev,suid,exec 0 0 # /dev/dm-3 sysfs /sys sysfs rw 0 0 none /dev devtmpfs rw,relatime,size=637632k,nr_inodes=159408,mode=755 0 0 rootfs / rootfs rw 0 0 none /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0 none /proc proc rw,nosuid,nodev,noexec,relatime 0 0 /dev/sr0 /live/image iso9660 ro,noatime 0 0 tmpfs /live/cow tmpfs rw,noatime,mode=755 0 0 tmpfs /lib/init/rw tmpfs rw,nosuid,relatime,mode=755 0 0 tmpfs /dev/shm tmpfs rw,nosuid,nodev,relatime 0 0 none /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0 /dev/sdc9 /mnt/grmlcfg ext3 ro 0 0 /dev/dm-2 /mnt/sdc5 ext3 rw 0 0 /dev/dm-3 /mnt/sdc6 ext3 rw 0 0
m ad: 9.00 4.11 1.57 | cpu: [ cpufreq n/a ] | net: [ network n/a ]) Sun 13.03.2011 00:32 [screen is terminating] * Bootoption debug detected. Printing kernel command line: initrd=/boot/grml/initrd.gz boot=live bootid=grml201012 apm=power-off vga=791 verbose debug=vc initcall nomce persistent=cryptsetup BOOT_IMAGE=/boot/grml/linux26 chown: cannot access `/home/grml': No such file or directory rsync: mkdir "/home/grml" failed: Permission denied (13) rsync error: error in file IO (code 11) at main.c(595) [Receiver=3.0.7] rsync: connection unexpectedly closed (9 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7] * Finished execution of main grml startup. [ ok ] ┌────────────────────────────────────────────────────────────┐ │ Welcome to grml-quickconfig │ │ Press a highlighted key to perform an action, or press │ │ Return or q to go back to the shell. │ ├────────────────────────────────────────────────────────────┤ │ Set keyboard layout (grml-lang): de at ch es us │ │ Configure network (grml-network) │ │ -> Configure ethernet card directly (netcardconfig) │ ├────────────────────────────────────────────────────────────┤ │ Show information about grml (grml-info) │ │ Start x (grml-x) │ │ Show an application menu (pdmenu) │ │ Install Debian to hard disk (grml-debootstrap) │ └────────────────────────────────────────────────────────────┘ Press a key: Welcome to grml 2010.12 Release Codename Gebrüder Grml [2010.12.29]! New to grml? Want to read some documentation? Start via running 'grml-info'. Get tips and hints via 'grml-tips $KEYWORD'. New to zsh? Run 'zsh-help'. Switch to other consoles via alt-F<number> keys. Happy hacking! http://grml.org/ root@grml ~ #
Attachment:
live.log.gz
Description: gziped debug log for script programmers