From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v6.tansi.org (ns.km31936-01.keymachine.de [87.118.116.4]) by mail.server123.net (Postfix) with ESMTP for ; Mon, 4 Aug 2014 03:13:32 +0200 (CEST) Received: from gatewagner.dyndns.org (77-57-44-24.dclient.hispeed.ch [77.57.44.24]) by v6.tansi.org (Postfix) with ESMTPA id 51DE920DC1E9 for ; Mon, 4 Aug 2014 03:13:31 +0200 (CEST) Date: Mon, 4 Aug 2014 03:13:30 +0200 From: Arno Wagner Message-ID: <20140804011330.GA3313@tansi.org> References: <20140801035717.GA28952@tansi.org> <53DB31A5.6010508@gmail.com> <20140803000116.GA17450@tansi.org> <53DE907A.1020805@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <53DE907A.1020805@gmail.com> Subject: Re: [dm-crypt] Kernel update: "Failed to access temporary keystore device." List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Sun, Aug 03, 2014 at 21:41:46 CEST, Milan Broz wrote: > On 08/03/2014 02:01 AM, Arno Wagner wrote: > >> Can you paste the command with added --debug? > > > > See below, both for 1.6.1 and 1.6.5, which unloaks without > > error (well, without error that gets propagated to the user), > > but never creates the entry in /dev/mapper/. Likely > > a bug in 1.6.5, as it probably should tell the user that > > things went wrong. > > The 1.6.5 uses different code here (it reads device directly > when decrypting keyslot) and it need more user friendly error > messages here, my bad... > > Anyway, seems like in both cases read of device really returns > I/O error while reading keyslot area. > Could you send me strace of the command? > (No need to enter correct password at all.) Looks like it. Strace output from a test container comes in separate email. > BTW if not already there, it is another nice item to FAQ > - warn people that strace and similar debugging output can > easily leak keys or passwords. And yes, people sometimes > post these to lists :) Good idea. Added as Item 4.5 and to the warnings at the start. > > > >> Can you try to boot Debian provided kernel - does it work? > > > > Not easily. But it does work with 3.10.51, so the 3.2.x that > > Debian stable is stuck at should probably work too. > > > > Come to think of it, I have /usr/src/linux pointing to a 3.4.67 > > source tree, as gcc kernel includes in Debian stable are really > > messed up with 3.5.x and later and I failed to fix it manually. > > (Sometimes I really wonder what the Kernel devs are thinking or > > whether they are thinking at all...) Could that be the problem? > > Don't think so... kernel should use own includes while compiling > and what's failing here is just plain read (I think). > > > I usually run testing, except that I really do not want systemd, > > so until I am sure I can do that update without getting that > > atrocity, no update to jessy for me. > > There is a lot of discussion about this on debian devel, > IIRC systemd-shim is possible the way to avoid systemd as init. > (dunno if this will be supported). We will see. I have a suspicion that the sudden long-term support for pre-systemd Debian is not an accident. > > Anyways, if we do not figure this one out, I will just stay > > with 3.10.x, it is a longterm-kernel after all. I just > > tried 3.14.15 because I have some network issues and wanted to > > see whether they may be gone with a newer kernel. > > Well, it would be interesting to find what's wrong here. Ok, so lets keep poking at it. > You are using MD device - what kind of raid is that? > (lsblk -t can say more info about storage stack topology as well). It is a 3-way md RAID1 (on 2.5" laptop drives, about one firmware crash per year...). "lsblk -t" does not say a lot: NAME ALIGNMENT MIN-IO OPT-IO PHY-SEC LOG-SEC ROTA SCHED RQ-SIZE md10 0 4096 0 4096 512 1 128 Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. - Plato