Re: [dm-crypt] luks, swap and crash

From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] luks, swap and crash
Date: Tue, 3 May 2011 10:19:55 +0200	[thread overview]
Message-ID: <20110503081955.GA2739@tansi.org> (raw)
In-Reply-To: <BANLkTikNOR6==J1Z+6fp=xGjtirYeb8zNw@mail.gmail.com>

On Tue, May 03, 2011 at 09:28:31AM +0200, Fran?ois Chenais wrote:
> 2011/5/3 Arno Wagner <arno@wagner.name>
> 
> > Ok, hard freeze is not good.
> >
> > One thing you could try is a serial console. This needs only
> > a boot option to the kernel.
> >
> > CentOS 5.5 is also pretty recent.
> >
> >
> Even if the kernel is patched, the version 2.6.18 is not so recent :P
> The system used version 1.0.3 of cryptsetup :/

Oops, seems my version lookup-fu is badly broken. 2.6.18 is indeed
mostly of historic interest and 1.0.3 is also pretty old.

>  Unless Milan knows what is going on here, a recreation in
> > a test machine would probably be the best next step.
> >
> > Hmm, do you by any chance encrypt swap _twice_?
> >
> >
> Hmmm, why _twice_ and what for ?

The idea was that maybe there is a full-disk encryptiopn 
and then a partition encryption on top.

Arno

> BTW, pretty peculiar setup. I take it this machine installs
> > itself from an image to the encrypted filesystem (with random
> > key) on boot? JUst out of curiosity, how long does that
> > take?
> >
> >
> Just temporary FS are encrypted. So the time spent depends of the size of
> the
> FS. But sure, it's not user friendly :D
> 
> 
> Fran?ois
> 
> 
> 
> 
> >  Arno
> >
> >
> > On Mon, May 02, 2011 at 09:21:41PM +0200, Fran?ois Chenais wrote:
> > > 2011/5/2 Arno Wagner <arno@wagner.name>
> > >
> > > > What do you mean by "crash"?
> > > >
> > > >
> > > Crash = the computer is frozen, nothing happens. The only way to bring it
> > > back to life is to power off/on.
> > >
> > >
> > > I knew U'll ask me some logs but ... :)
> > >
> > >   Actually, I have no logs because log files are written on encrypted
> > file
> > > system and the file system
> > >   is encrypted at boot time; each time with at new unknown random key ;
> > so I
> > > have NO file, NO LOG, Nothing,
> > >   as in a black hole !:P
> > >
> > >   I don't have change anything because it's a production server.
> > >   I need to take time to reproduce the crash on a test machine.
> > >
> > > ... but I'm interested about the list feedback about same experience.
> > >
> > >
> > >   The system is CentOS 5.5.
> > >
> > >
> > >
> > >
> > > > Arno
> > > >
> > > > On Mon, May 02, 2011 at 11:50:25AM +0200, Fran?ois Chenais wrote:
> > > > > Hello,
> > > > >
> > > > > I have some computers crashing while using crypted swap partition.
> > > > >
> > > > > The system doesn't crash if I remove the swap.
> > > > > The system crash again if I use a swap file on a crypted filesystem.
> > > > >
> > > > > Is this a known issue ?
> > > > >
> > > > >
> > > > > Thanks in advance for your "lights"
> > > > >
> > > > >    Fran?ois
> > > >
> > > > > _______________________________________________
> > > > > dm-crypt mailing list
> > > > > dm-crypt@saout.de
> > > > > http://www.saout.de/mailman/listinfo/dm-crypt
> > > >
> > > >
> > > > --
> > > > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > > > arno@wagner.name
> > > > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > > > 338F
> > > > ----
> > > > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> > > >
> > > > If it's in the news, don't worry about it.  The very definition of
> > > > "news" is "something that hardly ever happens." -- Bruce Schneier
> > > > _______________________________________________
> > > > dm-crypt mailing list
> > > > dm-crypt@saout.de
> > > > http://www.saout.de/mailman/listinfo/dm-crypt
> > > >
> >
> > > _______________________________________________
> > > dm-crypt mailing list
> > > dm-crypt@saout.de
> > > http://www.saout.de/mailman/listinfo/dm-crypt
> >
> >
> > --
> > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > arno@wagner.name
> > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > 338F
> > ----
> > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> >
> > If it's in the news, don't worry about it.  The very definition of
> > "news" is "something that hardly ever happens." -- Bruce Schneier
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 