Am 12.06.2015 um 23:27 schrieb Jan Kowalsky: > Am 11.06.2015 um 16:12 schrieb chals: >> On Thu, Jun 11, 2015 at 11:58 AM, Jan Kowalsky >> <jan...@datenkollektiv.net> wrote: >>> Hi all, >>> >>> I try to build a live system with luks encrypted persistence. It fails, >>> because inside the initramfs the cryptsetup binaries don't exist. In the >>> past - from wheezy I was able to build an encrypted system as long as I >>> took the live-boot-initramfs-tools from jessie. >>> >>> Is it possible to include some packages inside the initramfs? Where >>> would be the place to configure? >>> >> This section of live-manual might be of some help --> >> http://live.debian.net/manual/current/html/live-manual.en.html#590 >> > Thanks for the hint. I was looking at the stable manual which still > seems to refer to wheezy and doesn't face crypted persistence. But > anyway, that's exactly, what I've done. And in this way I did it in the > past with success. > > The problem is: the cryptsetup binary exists in the chroot - but not in > the initramdisk. > > Any further idea? Anybody of you was able to build an image with crypted > persistence with the live helpers in wheezy? > > Is there anyway to specify which additional packages should reach the > initramfs?
The reason cryptsetup doesn't find it's way into initramfs anymore is the probably following: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714104 Since jessie the cryptsetup-package changed the cryptoroot hook: (/usr/share/initramfs-tools/hooks/cryptroot) Now it includes cryptsetup in the initramfs only if it detects an configuration of an crypted _root_ filesystem in /etc/fstab or /etc/crypttab. Since this is not the case inside the live chroot the binaries aren't included. This Bug-Report gave me an idea, how to fix this: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1256730 So I try to include an usr/share/initramfs-tools/conf-hooks.d/forcecryptsetup with export CRYPTSETUP=y in the includes.chroot and build the image again and it works. The live-initramfs packages should maybe export this variable somewhere. I don't know what's the best place for that. But maybe this should be mentioned in the documentation until it is fixed in the next version. Best regards Jan -- To UNSUBSCRIBE, email to debian-live-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55804f40.90...@datenkollektiv.net
