Public bug reported:
[Impact]
clevis <= 12 did not integrate with initramfs-tools. This meant that if users
wanted to automatically decrypt a luks volume for /, they had to use dracut,
which is poorly supported in Ubuntu (see bug 1814460).
[Test Case]
sudo apt install clevis-luks clevis-initramfs
Bind your root luks / device to a remote tang server, e.g.:
sudo clevis luks bind -d /dev/vda3 tang '{"url": "http://192.168.122.1"}'
Accept the key when prompted. Reboot - your luks / should automatically decrypt.
[Regression Risk]
clevis introduced initramfs-tools support by adding a new leaf package -
clevis-initramfs. Existing users would not have this package installed, so
would be immune from any issues it causes by default.
** Affects: clevis (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: clevis (Ubuntu Bionic)
Importance: Undecided
Assignee: dann frazier (dannf)
Status: In Progress
** Affects: clevis (Ubuntu Eoan)
Importance: Undecided
Assignee: dann frazier (dannf)
Status: In Progress
** Also affects: clevis (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: clevis (Ubuntu Eoan)
Importance: Undecided
Status: New
** Changed in: clevis (Ubuntu)
Status: New => Fix Released
** Changed in: clevis (Ubuntu Bionic)
Assignee: (unassigned) => dann frazier (dannf)
** Changed in: clevis (Ubuntu Eoan)
Assignee: (unassigned) => dann frazier (dannf)
** Changed in: clevis (Ubuntu Bionic)
Status: New => In Progress
** Changed in: clevis (Ubuntu Eoan)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872832
Title:
initramfs-tools support
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clevis/+bug/1872832/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
