Welcome to the Linux Foundation Forum!

22.1 Disk Encryption - Missing Arugments

Hi guys,
I'm trying to do exercise for 22.1. I do not have any issues with steps 1 through 8, however step 9, "Validate the entire configuration by rebooting", produces the following message before dumping into a recovery shell:
[....] Starting early crypto disks...cryptsetup: WARNING: 'secret-disk' is missing some arguments, see crypttab(5)
done.
[....] Starting remaining crypto disks...cryptsetup: WARNING: 'secret-disk' is missing some arguments, see crypttab(5)
done.
[....] Checking file systems...fsck from util-linux 2.33.1
fsck.ext4: No suck file or directory while trying to open /dev/mapper/secret-disk
Possibly non-existent device?
fsck exited with status code 8
failed (code 8).

My /etc/crypttab file contains the line
secret-disk /dev/sdb1
(I have also tried it replacing /dev/sdb1 with UUID=[my UUID])

My /etc/fstab file contains the line
/dev/mapper/secret-disk /mnt/secret ext4 defaults 1 2

Any idea what I'm not doing correctly?

System notes:
VirtualBox, running antiX (based on Debian)

Comments

  • coop
    coop Posts: 915

    debian based distros like ubuntu seem to behave differently than other distros as to what is needed in /etc/crypttab. Everytime we have revised the course to take care of each distro the upstream changes. Luis or Lee might know better the current state for your distro. What is there does work on some distros.

  • Hi @rroberts ,

    The last time I tried it on Ubuntu 18.04 it worked the first time. I found a similar error (not sure if there are the same than you are experiencing) on Debian and Mint, so it might be related to the distro:

    https://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time

    In that case, the generated initramfs file doesn't work.

    So, before I try it on Debian, can you test it on Ubuntu 20 and/or CentOS 8, please?

    Regards,
    Luis.

  • I'm much more concerned with the fact that the steps I was taking were correct than actually getting it to work at the moment (as I plan on deleting it after validating it works) so don't feel the need to spend a ton of time troubleshooting this.

    That said, I don't have Ubuntu or CentOS, but I do have openSUSE, so I tried it there. Through my testing, I found that if I have /etc/crypttab setup as above but do not have /etc/fstab setup, the system prompts me for my the password I setup in cryptsetup, and I can validate after booting that it creates the /dev/mapper/secret-disk directory. However, if I setup /etc/fstab it doesn't even get far enough to prompt for the cryptsetup password and takes me to a recovery shell. (openSUSE provides much less info while starting up, so I don't have error messages).

  • Hi @rroberts ,

    Well, it's not rare that some things works slightly different between distros (even for different versions on a same distros, for specific stuff). A similar thing happens when working with PAM modules, for example.

    Luis.

  • lee42x
    lee42x Posts: 380

    I confirmed that Ubuntu2004 and OpenSUSE Leap function as documented.
    The only change I used was to use "0" "0" for fields 5 and 6 in /etc/fstab. I did test " 1 2 " as documented as well.

    By chance was there any "cut and paste" involved? My configuration files were typed in fresh. I can post my files and commands if you like, but they are the same as already posted.

    Regards Lee

Categories

Upcoming Training