From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v6.tansi.org (ns.km31936-01.keymachine.de [87.118.116.4]) by mail.server123.net (Postfix) with ESMTP for ; Thu, 21 Aug 2014 01:40:59 +0200 (CEST) Received: from gatewagner.dyndns.org (77-57-44-24.dclient.hispeed.ch [77.57.44.24]) by v6.tansi.org (Postfix) with ESMTPA id 3923620DC1EA for ; Thu, 21 Aug 2014 01:40:59 +0200 (CEST) Date: Thu, 21 Aug 2014 01:40:58 +0200 From: Arno Wagner Message-ID: <20140820234058.GA3474@tansi.org> References: <20140801035717.GA28952@tansi.org> <53DB31A5.6010508@gmail.com> <20140803000116.GA17450@tansi.org> <53DE907A.1020805@gmail.com> <20140804011330.GA3313@tansi.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20140804011330.GA3313@tansi.org> Subject: Re: [dm-crypt] Kernel update: "Failed to access temporary keystore device." List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hi, just resolved this. I did indeed screw up the kernel config update. After a second try, cryptsetup works fine with stock kernel.org 3.14.15. Gr"usse, Arno On Mon, Aug 04, 2014 at 03:13:30 CEST, Arno Wagner wrote: > On Sun, Aug 03, 2014 at 21:41:46 CEST, Milan Broz wrote: > > On 08/03/2014 02:01 AM, Arno Wagner wrote: > > >> Can you paste the command with added --debug? > > > > > > See below, both for 1.6.1 and 1.6.5, which unloaks without > > > error (well, without error that gets propagated to the user), > > > but never creates the entry in /dev/mapper/. Likely > > > a bug in 1.6.5, as it probably should tell the user that > > > things went wrong. > > > > The 1.6.5 uses different code here (it reads device directly > > when decrypting keyslot) and it need more user friendly error > > messages here, my bad... > > > > Anyway, seems like in both cases read of device really returns > > I/O error while reading keyslot area. > > Could you send me strace of the command? > > (No need to enter correct password at all.) > > Looks like it. Strace output from a test container comes > in separate email. > > > BTW if not already there, it is another nice item to FAQ > > - warn people that strace and similar debugging output can > > easily leak keys or passwords. And yes, people sometimes > > post these to lists :) > > Good idea. Added as Item 4.5 and to the warnings at the start. > > > > > > >> Can you try to boot Debian provided kernel - does it work? > > > > > > Not easily. But it does work with 3.10.51, so the 3.2.x that > > > Debian stable is stuck at should probably work too. > > > > > > Come to think of it, I have /usr/src/linux pointing to a 3.4.67 > > > source tree, as gcc kernel includes in Debian stable are really > > > messed up with 3.5.x and later and I failed to fix it manually. > > > (Sometimes I really wonder what the Kernel devs are thinking or > > > whether they are thinking at all...) Could that be the problem? > > > > Don't think so... kernel should use own includes while compiling > > and what's failing here is just plain read (I think). > > > > > I usually run testing, except that I really do not want systemd, > > > so until I am sure I can do that update without getting that > > > atrocity, no update to jessy for me. > > > > There is a lot of discussion about this on debian devel, > > IIRC systemd-shim is possible the way to avoid systemd as init. > > (dunno if this will be supported). > > We will see. I have a suspicion that the sudden long-term support > for pre-systemd Debian is not an accident. > > > > Anyways, if we do not figure this one out, I will just stay > > > with 3.10.x, it is a longterm-kernel after all. I just > > > tried 3.14.15 because I have some network issues and wanted to > > > see whether they may be gone with a newer kernel. > > > > Well, it would be interesting to find what's wrong here. > > Ok, so lets keep poking at it. > > > You are using MD device - what kind of raid is that? > > (lsblk -t can say more info about storage stack topology as well). > > It is a 3-way md RAID1 (on 2.5" laptop drives, about one firmware > crash per year...). > > "lsblk -t" does not say a lot: > > NAME ALIGNMENT MIN-IO OPT-IO PHY-SEC LOG-SEC ROTA SCHED RQ-SIZE > md10 0 4096 0 4096 512 1 128 > > Arno > > -- > Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name > GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 > ---- > A good decision is based on knowledge and not on numbers. - Plato > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. - Plato