live-boot not getting dm-crypt module in initramfs

Thu, 19 Jul 2018 15:36:16 -0700 



I have been trying for the last couple of days to get encrypted persistence 
working with a custom debian live build image I'm building and have not had 
any luck.


During boot I see these two messages:

Warning: Unable to load module dm-crypt
Warning: cryptsetup in unavailable


I'm assuming that if dm-crypt/cryptsetup would run, it would ask me for the 
password to decrypt the persistence partition and process persistence.conf, 
but I'm never prompted.



Once booting is completed I am able to mount the encrypted persistence 
partition fine. I've tried it with both a luks loopback file (named 
persistence, and containing an ext2 partition also labeled persistence) and 
a luks-formatted partition (containing an ext2 partition labeled persistence).


It seems very similar to:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765729
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767195

But those are almost 4 years old, and i assume wouldn't be a problem any more?


I followed those threads and tried a couple of different methods of setting 
CRYPTSETUP=yes for the initramfs command, but it didn't change anything. I 
assume this hook should be taking care of that anyway:


https://github.com/debian-live/live-build/blob/debian/share/hooks/normal/0030-enable-cryptsetup.hook.chroot

I also see these messages inside of the chroot during build:

[2018-07-12 15:42:27] lb chroot_hacks
P: Begin executing hacks...
update-initramfs: Generating /boot/initrd.img-4.16.0-2-amd64
cryptsetup: WARNING: Couldn't determine root device
cryptsetup: ERROR: Couldn't resolve device /dev/sda3
cryptsetup: WARNING: The initramfs image may not contain cryptsetup binaries
nor crypto modules. If that's on purpose, you may want to uninstall the
'cryptsetup-initramfs' package in order to disable the cryptsetup initramfs
integration and avoid this warning.


I don't know if that matters or know. I don't know why the inside of the 
chroot would care about /dev/sda3 or whatever.



I have tried the build several different ways, including inside a vanilla 
debian sid VM, inside a debian sid docker image I have built for the 
purpose, and simply as root on my host machine.



I'm running debian unstable, with live-build version 20180618 installed 
from that repository. Kernel is 4.16.0-2-amd64.



I've followed the instructions pretty well to the letter from the Live 
Systems Manual, as far as creating the image goes and creating the luks 
volumes. I'm out of ideas at this time. Any ideas?


Thanks,

-SG
















    











					Reply via email to