* Query about GRUB_ENABLE_CRYPTODISK
@ 2014-12-09 12:35 Barry Jackson
2014-12-09 18:27 ` Andrei Borzenkov
0 siblings, 1 reply; 7+ messages in thread
From: Barry Jackson @ 2014-12-09 12:35 UTC (permalink / raw)
To: grub-devel
Hello,
In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
default setting in /etc/default/grub for all installations, whether they
use encryption or not.
The bug report is here:
https://bugs.mageia.org/show_bug.cgi?id=14741
I already had a useful reply on IRC from Jordan (copied in report) who
suggested asking here as well in case this raises other issues.
This is fairly urgent as we are in version freeze for the next release
of the distro.
Any comments would be appreciated.
Barry
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-09 12:35 Query about GRUB_ENABLE_CRYPTODISK Barry Jackson
@ 2014-12-09 18:27 ` Andrei Borzenkov
2014-12-09 22:36 ` Barry Jackson
0 siblings, 1 reply; 7+ messages in thread
From: Andrei Borzenkov @ 2014-12-09 18:27 UTC (permalink / raw)
To: Barry Jackson; +Cc: grub-devel
В Tue, 09 Dec 2014 12:35:20 +0000
Barry Jackson <zen25000@zen.co.uk> пишет:
> Hello,
> In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
> default setting in /etc/default/grub for all installations, whether they
> use encryption or not.
The discussion happens every now and then.
http://lists.gnu.org/archive/html/grub-devel/2013-12/msg00112.html
> The bug report is here:
>
> https://bugs.mageia.org/show_bug.cgi?id=14741
>
> I already had a useful reply on IRC from Jordan (copied in report) who
> suggested asking here as well in case this raises other issues.
>
> This is fairly urgent as we are in version freeze for the next release
> of the distro.
>
> Any comments would be appreciated.
>
> Barry
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-09 18:27 ` Andrei Borzenkov
@ 2014-12-09 22:36 ` Barry Jackson
2014-12-09 23:27 ` Barry Jackson
0 siblings, 1 reply; 7+ messages in thread
From: Barry Jackson @ 2014-12-09 22:36 UTC (permalink / raw)
To: Andrei Borzenkov; +Cc: grub-devel
On 09/12/14 18:27, Andrei Borzenkov wrote:
> В Tue, 09 Dec 2014 12:35:20 +0000
> Barry Jackson <zen25000@zen.co.uk> пишет:
>
>> Hello,
>> In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
>> default setting in /etc/default/grub for all installations, whether they
>> use encryption or not.
>
> The discussion happens every now and then.
>
> http://lists.gnu.org/archive/html/grub-devel/2013-12/msg00112.html
OK, thanks for the link.
In the case of Mageia the default installation puts everything required
by grub under /boot, so AFAICT this should not cause a problem.
Am I correct Andrei in thinking that you originally packaged grub2 for
Mandriva? (There is/was a comment with "(bor)" in the spec which made me
wonder) :)
Regards,
Barry
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-09 22:36 ` Barry Jackson
@ 2014-12-09 23:27 ` Barry Jackson
2014-12-10 3:25 ` Andrei Borzenkov
0 siblings, 1 reply; 7+ messages in thread
From: Barry Jackson @ 2014-12-09 23:27 UTC (permalink / raw)
To: grub-devel
On 09/12/14 22:36, Barry Jackson wrote:
> On 09/12/14 18:27, Andrei Borzenkov wrote:
>> В Tue, 09 Dec 2014 12:35:20 +0000
>> Barry Jackson <zen25000@zen.co.uk> пишет:
>>
>>> Hello,
>>> In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
>>> default setting in /etc/default/grub for all installations, whether they
>>> use encryption or not.
>>
>> The discussion happens every now and then.
>>
>> http://lists.gnu.org/archive/html/grub-devel/2013-12/msg00112.html
>
> OK, thanks for the link.
>
> In the case of Mageia the default installation puts everything required
> by grub under /boot, so AFAICT this should not cause a problem.
... but it does.
I found time to do some testing, and adding it to the config on a system
with no encryption at all causes an error message:
error: device name required.
this seems to be triggered by this line which grub-mkconfig adds to
grub.cfg:
cryptomount -u
this causes a "Press any key to continue" message.
In practice the boot continues after about a 10 second delay without
pressing a key.
I have confirmed this in VM and real h/w.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-09 23:27 ` Barry Jackson
@ 2014-12-10 3:25 ` Andrei Borzenkov
2014-12-10 20:48 ` Barry Jackson
2015-03-27 15:28 ` Vladimir 'φ-coder/phcoder' Serbinenko
0 siblings, 2 replies; 7+ messages in thread
From: Andrei Borzenkov @ 2014-12-10 3:25 UTC (permalink / raw)
To: Barry Jackson; +Cc: grub-devel
В Tue, 09 Dec 2014 23:27:49 +0000
Barry Jackson <zen25000@zen.co.uk> пишет:
> On 09/12/14 22:36, Barry Jackson wrote:
> > On 09/12/14 18:27, Andrei Borzenkov wrote:
> >> В Tue, 09 Dec 2014 12:35:20 +0000
> >> Barry Jackson <zen25000@zen.co.uk> пишет:
> >>
> >>> Hello,
> >>> In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
> >>> default setting in /etc/default/grub for all installations, whether they
> >>> use encryption or not.
> >>
> >> The discussion happens every now and then.
> >>
> >> http://lists.gnu.org/archive/html/grub-devel/2013-12/msg00112.html
> >
> > OK, thanks for the link.
> >
> > In the case of Mageia the default installation puts everything required
> > by grub under /boot, so AFAICT this should not cause a problem.
>
> ... but it does.
>
> I found time to do some testing, and adding it to the config on a system
> with no encryption at all causes an error message:
> error: device name required.
>
> this seems to be triggered by this line which grub-mkconfig adds to
> grub.cfg:
>
> cryptomount -u
>
Does patch below help?
From: Andrei Borzenkov <arvidjaar@gmail.com>
Subject: [PATCH] do not emit cryptomount without crypto UUID
---
util/grub-mkconfig_lib.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in
index 29ef865..60b31ca 100644
--- a/util/grub-mkconfig_lib.in
+++ b/util/grub-mkconfig_lib.in
@@ -145,7 +145,7 @@ prepare_grub_to_access_device ()
done
if [ x$GRUB_ENABLE_CRYPTODISK = xy ]; then
- for uuid in "`"${grub_probe}" --device $@ --target=cryptodisk_uuid`"; do
+ for uuid in `"${grub_probe}" --device $@ --target=cryptodisk_uuid`; do
echo "cryptomount -u $uuid"
done
fi
--
tg: (bac5d1a..) u/mkconfig-cryptomount (depends on: master)
^ permalink raw reply related [flat|nested] 7+ messages in thread* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-10 3:25 ` Andrei Borzenkov
@ 2014-12-10 20:48 ` Barry Jackson
2015-03-27 15:28 ` Vladimir 'φ-coder/phcoder' Serbinenko
1 sibling, 0 replies; 7+ messages in thread
From: Barry Jackson @ 2014-12-10 20:48 UTC (permalink / raw)
To: Andrei Borzenkov; +Cc: grub-devel
On 10/12/14 03:25, Andrei Borzenkov wrote:
>
> Does patch below help?
>
> From: Andrei Borzenkov <arvidjaar@gmail.com>
> Subject: [PATCH] do not emit cryptomount without crypto UUID
>
> ---
> util/grub-mkconfig_lib.in | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in
> index 29ef865..60b31ca 100644
> --- a/util/grub-mkconfig_lib.in
> +++ b/util/grub-mkconfig_lib.in
> @@ -145,7 +145,7 @@ prepare_grub_to_access_device ()
> done
>
> if [ x$GRUB_ENABLE_CRYPTODISK = xy ]; then
> - for uuid in "`"${grub_probe}" --device $@ --target=cryptodisk_uuid`"; do
> + for uuid in `"${grub_probe}" --device $@ --target=cryptodisk_uuid`; do
> echo "cryptomount -u $uuid"
> done
> fi
>
Yes that fixes it. Thanks :)
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: Query about GRUB_ENABLE_CRYPTODISK
2014-12-10 3:25 ` Andrei Borzenkov
2014-12-10 20:48 ` Barry Jackson
@ 2015-03-27 15:28 ` Vladimir 'φ-coder/phcoder' Serbinenko
1 sibling, 0 replies; 7+ messages in thread
From: Vladimir 'φ-coder/phcoder' Serbinenko @ 2015-03-27 15:28 UTC (permalink / raw)
To: The development of GNU GRUB
Please commit this patch
On 10.12.2014 04:25, Andrei Borzenkov wrote:
> В Tue, 09 Dec 2014 23:27:49 +0000
> Barry Jackson <zen25000@zen.co.uk> пишет:
>
>> On 09/12/14 22:36, Barry Jackson wrote:
>>> On 09/12/14 18:27, Andrei Borzenkov wrote:
>>>> В Tue, 09 Dec 2014 12:35:20 +0000
>>>> Barry Jackson <zen25000@zen.co.uk> пишет:
>>>>
>>>>> Hello,
>>>>> In Mageia it has been proposed that GRUB_ENABLE_CRYPTODISK=y be made the
>>>>> default setting in /etc/default/grub for all installations, whether they
>>>>> use encryption or not.
>>>>
>>>> The discussion happens every now and then.
>>>>
>>>> http://lists.gnu.org/archive/html/grub-devel/2013-12/msg00112.html
>>>
>>> OK, thanks for the link.
>>>
>>> In the case of Mageia the default installation puts everything required
>>> by grub under /boot, so AFAICT this should not cause a problem.
>>
>> ... but it does.
>>
>> I found time to do some testing, and adding it to the config on a system
>> with no encryption at all causes an error message:
>> error: device name required.
>>
>> this seems to be triggered by this line which grub-mkconfig adds to
>> grub.cfg:
>>
>> cryptomount -u
>>
>
> Does patch below help?
>
> From: Andrei Borzenkov <arvidjaar@gmail.com>
> Subject: [PATCH] do not emit cryptomount without crypto UUID
>
> ---
> util/grub-mkconfig_lib.in | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/util/grub-mkconfig_lib.in b/util/grub-mkconfig_lib.in
> index 29ef865..60b31ca 100644
> --- a/util/grub-mkconfig_lib.in
> +++ b/util/grub-mkconfig_lib.in
> @@ -145,7 +145,7 @@ prepare_grub_to_access_device ()
> done
>
> if [ x$GRUB_ENABLE_CRYPTODISK = xy ]; then
> - for uuid in "`"${grub_probe}" --device $@ --target=cryptodisk_uuid`"; do
> + for uuid in `"${grub_probe}" --device $@ --target=cryptodisk_uuid`; do
> echo "cryptomount -u $uuid"
> done
> fi
>
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2015-03-27 15:27 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-09 12:35 Query about GRUB_ENABLE_CRYPTODISK Barry Jackson
2014-12-09 18:27 ` Andrei Borzenkov
2014-12-09 22:36 ` Barry Jackson
2014-12-09 23:27 ` Barry Jackson
2014-12-10 3:25 ` Andrei Borzenkov
2014-12-10 20:48 ` Barry Jackson
2015-03-27 15:28 ` Vladimir 'φ-coder/phcoder' Serbinenko
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).