** Description changed: + [ Impact ] + When updating the initramfs, error messages will be displayed: + cryptsetup: ERROR: Couldn't resolve device rpool/ROOT/ubuntu_fvdajm + cryptsetup: WARNING: Couldn't determine root device + + This is due to ZFS not having MAJ/MIN device numbers, which causes issues with + cryptsetup detecting the root FS. + + [ Test Plan ] + The best way I've found to test this is to setup the LUKS devices from an + existing Ubuntu installation (or e.g. the Desktop Live ISO), and debootstrap a + focal system on it. This seems to replicate a new install very closely, and the + issue can be trivially reproduced by updating the initramfs: + + root@ubuntu20.04:/# lsblk + vda 252:0 0 25G 0 disk + ├─vda1 252:1 0 512M 0 part /boot/efi + ├─vda2 252:2 0 500M 0 part + ├─vda3 252:3 0 2G 0 part + └─vda4 252:4 0 22G 0 part + └─luks1 253:0 0 22G 0 crypt + root@ubuntu20.04:/# zpool status -P rpool + pool: rpool + state: ONLINE + status: ... + action: ... + config: + + NAME STATE READ WRITE CKSUM + rpool ONLINE 0 0 0 + /dev/mapper/luks1 ONLINE 0 0 0 + + root@ubuntu20.04:/# update-initramfs -u + update-initramfs: Generating /boot/initrd.img-5.4.0-205-generic + cryptsetup: ERROR: Couldn't resolve device rpool/ROOT/ubuntu_fvdajm + cryptsetup: WARNING: Couldn't determine root device + + After backporting the ZFS patch for initramfs-tools/hooks/cryptroot from newer + Ubuntu releases: + root@ubuntu20.04:/# update-initramfs -u + update-initramfs: Generating /boot/initrd.img-5.4.0-205-generic + root@ubuntu20.04:/# + + [ Where Problems Could Occur ] + Potential issues would likely show up during initramfs creation for systems that + have LUKS devices, as that's where we have changes. + We now return an empty device number for ZFS, and ignore devices that don't have + a devno. This could cause issues with other filesystem types that also don't + have device number information, and potentially expose other issues with + LUKS-encrypted ZFS partitions. + + + [ Other Information ] + The fix has been cherry-picked from mwhudson's cryptsetup merge, to be aligned + with other Ubuntu releases (specifically, commit 8a583307a038 [0]). Focal is the + only release still missing this patch, so it's the only one we need to target. + + [0] + https://git.launchpad.net/~mwhudson/ubuntu/+source/cryptsetup/commit/?id=8a583307a0386febc8d29c0c592d5d312b176e34 + + -- Hi there, There is a missing functionality in the following file: /usr/share/initramfs-tools/hooks/cryptroot resulting in the following error message: cryptsetup: ERROR: Couldn't resolve device <zfs-mountpoint> cryptsetup: WARNING: Couldn't determine root device under the following condition: update-initramfs -c -k all when: trying to resolve for encrypted zfs devices so here is a patch to solve it, based off Package: cryptsetup-initramfs Version: 2:2.1.0-1ubuntu1 diff -Naur a/usr/share/initramfs-tools/hooks/cryptroot b/usr/share/initramfs-tools/hooks/cryptroot --- a/usr/share/initramfs-tools/hooks/cryptroot 2019-05-22 18:34:12.116097472 +0100 +++ b/usr/share/initramfs-tools/hooks/cryptroot 2019-05-22 20:13:02.159138688 +0100 @@ -72,19 +72,28 @@ - # take the last mountpoint if used several times (shadowed) - unset -v devnos - spec="$(printf '%b' "$spec")" + # take the last mountpoint if used several times (shadowed) + unset -v devnos + spec="$(printf '%b' "$spec")" - resolve_device "$spec" || continue # resolve_device() already warns on error - fstype="$(printf '%b' "$fstype")" + fstype="$(printf '%b' "$fstype")" - if [ "$fstype" = "btrfs" ]; then - # btrfs can span over multiple devices - if uuid="$(device_uuid "$DEV")"; then - for dev in "/sys/fs/$fstype/$uuid/devices"/*/dev; do - devnos="${devnos:+$devnos }$(cat "$dev")" - done - else - cryptsetup_message "ERROR: $spec: Couldn't determine UUID" + if [ "$fstype" = "zfs" ]; then + # zfs can span over multiple devices + for dev in $(zpool status -L -P | grep -o "/dev/[^ ]*"); do + MAJ="$(printf "%d\n" 0x$(stat -L -c"%t" -- "$dev"))" + MIN="$(printf "%d\n" 0x$(stat -L -c"%T" -- "$dev"))" + devnos="${devnos:+$devnos }$MAJ:$MIN" + done + else + resolve_device "$spec" || continue # resolve_device() already warns on error + if [ "$fstype" = "btrfs" ]; then + # btrfs can span over multiple devices + if uuid="$(device_uuid "$DEV")"; then + for dev in "/sys/fs/$fstype/$uuid/devices"/*/dev; do + devnos="${devnos:+$devnos }$(cat "$dev")" + done + else + cryptsetup_message "ERROR: $spec: Couldn't determine UUID" + fi + elif [ -n "$fstype" ]; then + devnos="$MAJ:$MIN" - fi + fi - elif [ -n "$fstype" ]; then - devnos="$MAJ:$MIN" - fi - fi - done </proc/mounts + fi + fi + done </proc/mounts - - Which works, I have tested it. However by solving this error message, the script can now continue further. And it then prints out some new messages that should not be there either. Unfortunately I could not track down the source of those subsequent warnings! + Which works, I have tested it. However by solving this error message, + the script can now continue further. And it then prints out some new + messages that should not be there either. Unfortunately I could not + track down the source of those subsequent warnings! They say: # update-initramfs -c -k all update-initramfs: Generating /boot/initrd.img-5.0.0-15-generic cryptsetup: WARNING: crypt_rpool1: ignoring unknown option 'nofail' - cryptsetup: WARNING: crypt_rpool1: ignoring unknown option - 'x-systemd.device-timeout' + cryptsetup: WARNING: crypt_rpool1: ignoring unknown option + 'x-systemd.device-timeout' - - So clearly there is something which does not recognize the fstab mounting options of: + So clearly there is something which does not recognize the fstab + mounting options of: 'nofail' and 'x-systemd.device-timeout' However those options are indeed valid, and were found to have a working effect. They were tested also. So the warning is something else, somewhere else. And I cannot grep it. Cannot google it. Nothing happening in strace. It is pretty mysterious, as to where it is come from. Mysterious messages! Anyhow please take the first patch if you can. Or use those lines to make your own version to improve as you please.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1830110 Title: patch for finding zfs, solves: cryptsetup: WARNING: Couldn't determine root device To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1830110/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
