cryptdisks & lvm2 startup sequence
I recently moved a system from Ubuntu (Hardy) to Debian (Lenny),
and while most things went smoothly, external disk box with
encrypted volume group did not wake up automatically.
I had set things up so that keys of the encrypted volumes (7 of them)
in the external box were on another (small) encrypted device, which is
mounted and unmounted via /etc/default/cryptdisks during cryptdisks-early
(and luksClose it in /etc/rc.local to hide the keys), in order to avoid
typing seven passwords at boot.
This worked fine in Hardy but failed in Lenny.
Looking at the boot sequence made the reason obvious: /etc/rcS.d had
S26cryptdisks-early
S26lvm2
S28cryptdisks
Since the volumes in question are not available until the later
cryptdisks script is done, the lvm2 script doesn't see them
and the volume groups in them aren't activated.
I can fix this in two ways (tested, both work):
(1) move the lvm2 script startup after cryptdisks, i.e.,
mv /etc/rcS.d/S26lvm2 /etc/rcS.d/S29lvm2
(2) redo necessary pieces of lvm2 startup after cryptdisks,
e.g., add to /etc/rc.local
/sbin/vgscan; /sbin/vgchange -a y; /bin/mount -a
The latter has the obvious advantage that it is less likely to
be broken by some upgrade later, but it is somewhat ugly.
So, first question: Is there a good reason for the default order
of cryptdisks-lvm2 startup?
That is, is there a (real, common) situation where lvm2 has to be
started up before (late) cryptdisks?
And second question: is anybody else using the two-stage cryptdisk
startup sequence like I do, or in some other way that opens encrypted
LVM volumes only at the late cryptdisk startup script?
If it's just me I guess I'm better off messing with rc.local,
otherwise I'll consider making a bug report/enhancement request.
--
Tapani Tarvainen
Reply to: