Bug#767195: live-boot: Encrypted persistence not possible at boot time
On Wed, Oct 29, 2014 at 6:09 PM, Evgeni Golov <evgeni@grml.org> wrote:
> Hi,
>
> On 10/29/2014 08:20 AM, Rajko Albrecht wrote:
>>
>> it ask for password and setup the encryption, thats ok. But boot time
>> persistence works only for unencrypted storage.
>
> You will need to do something like this:
> https://github.com/grml/grml-live/commit/58a338919b4df58539afbc119d34244626a45e1b
>
> cryptsetup now requires CRYPTSETUP=y being set when building the initrd.
>
> Btw, I think this is not a bug in live-boot but the initrd generator of
> Debian Live, no idea which this is, though.
>
Hi Evgeni and Rajko,
I can confirm, after testing it with latest live-build 4.0.3-1 (latest
in git too), that adding CRYPTSETUP=y makes encrypted persistence work
as expected (and as explained in live-manual
http://live-systems.org/manual/current/html/live-manual.en.html#590).
I am replying just because I had been doing some trial and error
trying to find out what was wrong with it after someone (User_k)
raised the problem on the irc channel. My research didn't shed any
light on the matter so far.
So thank you very much :)
p.s: What I did was adding CRYPTSETUP=y to
/usr/lib/live/build/chroot_hacks line 79 like so:
Chroot chroot "${UPDATE_INITRAMFS_OPTIONS} CRYPTSETUP=y
update-initramfs -k all -t -u"
There must be a better way to do it, that is for sure, I just patched
it in a hurry to test the fix ;)
--
chals
www.chalsattack.com
chals@chalsattack.com
Reply to: