=== johanbr_ is now known as johanbr | ||
bmhm | Hi, got a question about luks-support in 9.10 | 09:58 |
---|---|---|
bmhm | seems to have been altered | 09:58 |
bmhm | I got a laptop with luks-encrypted partitions. While booting with 9.04's kernel, decrypting works | 09:58 |
bmhm | doesn't work when booting with the new kernel | 09:58 |
bmhm | any ideas? | 09:58 |
hyperair | strange, it works for mine nicely | 10:08 |
hyperair | what happens when booting 9.10's kernel? | 10:09 |
hyperair | could it be that cryptsetup somehow disappeared and your initrd doesn't have it? | 10:09 |
bmhm | hmm | 10:11 |
bmhm | probably my initramfs is faulty | 10:11 |
bmhm | but how did this happen? | 10:12 |
bmhm | and how do I restore it? | 10:12 |
hyperair | wait a sec. how is your setup like? | 10:13 |
hyperair | is root on a luks partition? | 10:13 |
bmhm | yes it is | 10:13 |
bmhm | ./boot is not | 10:13 |
hyperair | ah | 10:13 |
hyperair | similar to mine thne | 10:13 |
hyperair | then* | 10:13 |
bmhm | ./ and ./home are | 10:13 |
hyperair | lvm? | 10:13 |
bmhm | no lvm | 10:13 |
hyperair | ah | 10:13 |
hyperair | so they're separate | 10:13 |
hyperair | okay, do you have your jaunty kernels around with the same installation, or is your karmic and jaunty installation separate? | 10:14 |
hyperair | (and you should leave the leading ".". "." stands for "current directory") | 10:14 |
bmhm | I cant leave . | 10:16 |
bmhm | at least in IRC | 10:16 |
bmhm | try starting a chat message with a slash | 10:16 |
bmhm | :-) | 10:16 |
bmhm | yes, it works with my jaunty kernel | 10:16 |
bmhm | I just saw some issues with ldconfi | 10:17 |
bmhm | g | 10:17 |
hyperair | /blah | 10:17 |
hyperair | ;-) | 10:17 |
hyperair | try either // or / / | 10:17 |
hyperair | well boot using your jaunty kernel and run sudo update-initramfs -u -k all | 10:18 |
hyperair | see if that works | 10:18 |
bmhm | I fixed some library-problems, maybe this is already it. Afterwards, I'll try your suggestion (currently rebooting) | 10:18 |
hyperair | good luck | 10:19 |
bmhm | at least I can now use vim again... | 10:19 |
bmhm | while updating, ldconfig said, my libavahi* and libgpg*-files were empty | 10:20 |
hyperair | heh | 10:20 |
hyperair | soudns like your isntallation's kinda knocked up | 10:20 |
bmhm | yeah | 10:20 |
hyperair | i'd install debsums and run a check | 10:20 |
bmhm | debsums? never heard of it, i'll try | 10:20 |
hyperair | it's good for detecting files which differ from what the's installed | 10:20 |
bmhm | you wouldn't guess what happened to my fathers laptop | 10:20 |
hyperair | what? | 10:21 |
hyperair | tossed it out the window and it survived? =p | 10:21 |
bmhm | /boot was full. But I couldn't remove old kernels, because dpkg --configure -a had no disk space on /boot | 10:21 |
bmhm | ... | 10:21 |
bmhm | and there was no "resume"-optin | 10:21 |
bmhm | the upgrade process just broke | 10:21 |
bmhm | how annoying | 10:23 |
hyperair | ah | 10:24 |
hyperair | you could dpkg --configure -a again | 10:24 |
bmhm | do you have a cipher= option specified in /etc/crypttab? | 10:24 |
hyperair | it'll continue from where it left off | 10:24 |
hyperair | no i don't | 10:24 |
bmhm | I see, maybe this might be an issue | 10:24 |
hyperair | cryptostuff /dev/sda2 none luks | 10:24 |
hyperair | that's the only line there | 10:24 |
hyperair | aside from the comment | 10:24 |
bmhm | I see. mayby I'll try to remove that option | 10:25 |
hyperair | it shouldn't cause issues imo | 10:26 |
hyperair | the problem is most probably because dpkg failed | 10:26 |
bmhm | yeah | 10:26 |
hyperair | make sure dpkg completes whatever it's doing | 10:26 |
bmhm | update-initramfs found the crypto devices | 10:26 |
hyperair | give /boot more space or whatever | 10:26 |
bmhm | let's reboot | 10:26 |
bmhm | I thought 200MiB are enough for /boot | 10:26 |
bmhm | but jaunty had a lot of kernel updates | 10:27 |
hyperair | /dev/sda1 510M 126M 359M 26% /boot | 10:27 |
bmhm | I see | 10:27 |
hyperair | 200MiB is kinda cutting it close | 10:27 |
hyperair | you can purge some of your kernels | 10:27 |
bmhm | I did | 10:27 |
hyperair | the older ones | 10:27 |
hyperair | ah | 10:27 |
bmhm | but... | 10:27 |
bmhm | I couldn't do via dpkg or aptitude | 10:27 |
bmhm | since i had to do dpkg --configure -a first | 10:28 |
bmhm | and I couldn't execute that because of low disk space | 10:28 |
bmhm | so I had to remove them via 'rm' | 10:28 |
bmhm | that's what bugging me | 10:28 |
hyperair | lol | 10:28 |
hyperair | i see | 10:28 |
hyperair | rm, dpkg --configure -a, then purge | 10:28 |
bmhm | yeah | 10:29 |
bmhm | exactly | 10:29 |
bmhm | from SLES, I know `rpm -qf </path/to/file>` and rpm tells, to which pakage this file belongs to | 10:32 |
bmhm | very handy | 10:32 |
_maks | dpkg -S file | 10:33 |
bmhm | ah | 10:35 |
bmhm | gotto remember that | 10:35 |
hyperair | or dlocate | 10:35 |
hyperair | dlocate is a very much faster dpkg -S | 10:35 |
bmhm | rpm is extremely slow | 10:35 |
bmhm | both dlocate and dpkg are probably faster | 10:36 |
hyperair | heh | 10:36 |
hyperair | well dpkg -S takes quite some time | 10:36 |
hyperair | but dlocate is almost instantaneous | 10:36 |
hyperair | it seems dlocate can also do md5sums check | 10:36 |
bmhm | I guess dlocate builds some sorta hash map | 10:36 |
hyperair | s | 10:36 |
hyperair | it does | 10:36 |
hyperair | no actually it says it keeps a text dump | 10:36 |
bmhm | o.O | 10:36 |
hyperair | it says it keeps a text dump from dpkg | 10:37 |
bmhm | dlocate -l understands regex, hooray! | 10:37 |
hyperair | and just uses grep | 10:37 |
hyperair | lol | 10:37 |
hyperair | $ wc -l dlocatedb | 10:37 |
hyperair | 408412 dlocatedb | 10:37 |
hyperair | my my, that's a lot of lines. xD | 10:37 |
bmhm | grep is fast then :-P | 10:38 |
bmhm | I had some issues using grep on AIX, but that's another story | 10:39 |
bmhm | hyperair: cryptsetup works, thanks!! | 10:39 |
hyperair | heh | 10:39 |
hyperair | np | 10:39 |
bmhm | in our company we use SLES, AIX, Solaris on servers. on AIX and Solaris there is only ksh88 available. bah! | 10:40 |
bmhm | by the way, hyperair, have you seen that recent picture of Linus Torvalds in front of a win7-store? | 10:43 |
bmhm | http://tr.im/Eqan | 10:44 |
hyperair | bmhm: i did, yes. | 10:51 |
hyperair | it was hilarious | 10:51 |
bmhm | hyperair: can you help me with another LUKS-Issue? | 10:59 |
hyperair | what's up? | 10:59 |
bmhm | as I said... no LVM. I am trying to derive keys from root. Works with swap, but won't work with home (both deriving from root) | 11:00 |
hyperair | what do you mean derive keys from root? | 11:00 |
bmhm | means using /lib/cryptsetup/scripts/decrypt_derived as option | 11:01 |
hyperair | hmm | 11:02 |
hyperair | never done anything of that sort O_o | 11:02 |
hyperair | what does it make your crypttab look like? | 11:02 |
bmhm | erhm wait a mo | 11:03 |
bmhm | hyperair: http://pastebin.ca/1660772 | 11:04 |
hyperair | bmhm: how do you create your cryptsetup volumes? | 11:17 |
bmhm | it's been some time since I created them | 11:20 |
hyperair | heh | 11:22 |
bmhm | dunno, does it really matter? | 11:24 |
bmhm | hyperair: it works when I remove the script-part from the /home-line. I just have to type the password twice | 11:25 |
hyperair | hmm | 11:25 |
hyperair | is there documentation on this script? | 11:25 |
bmhm | hyperair: just found the issue | 11:30 |
bmhm | to use a derrived key, it has to be added to the luks header first | 11:30 |
hyperair | ? | 11:30 |
hyperair | luks header? | 11:30 |
hyperair | what do you mean? | 11:30 |
bmhm | the partition header created by luks | 11:30 |
bmhm | it has to be added via cryptsetup luksAddKey | 11:31 |
hyperair | i don't understand | 11:32 |
hyperair | dion't you mean luksFormat? | 11:32 |
hyperair | oh i get it | 11:33 |
hyperair | i understand now. | 11:33 |
hyperair | % /lib/cryptsetup/scripts/decrypt_derived crypt-part > /mnt/crypt-part/key-file | 11:33 |
hyperair | 2.% cryptsetup luksAddKey /dev/sda7 /mnt/crypt-part/key-file | 11:34 |
hyperair | aha. | 11:34 |
bmhm | yeah | 11:34 |
bmhm | i took it from german ubuntuusers-wiki | 11:34 |
hyperair | ah | 11:34 |
hyperair | well i faced that problem at first, so i used lvm instead | 11:34 |
hyperair | i don't regret it, since lvm makes it extremely easy to resize partitions. | 11:34 |
hyperair | or create new ones | 11:34 |
hyperair | resizing cryptsetup volumes are kinda.. @_@ | 11:35 |
bmhm | Yeah, true | 11:35 |
bmhm | but when I created my luks partitions about 1.5 years ago, there was no appropriate tutorial | 11:35 |
hyperair | 1.5 years? | 11:36 |
hyperair | that's about the same time i created mine | 11:36 |
hyperair | there were cryptsetup/lvm tutorials lying around | 11:36 |
bmhm | well... | 11:37 |
hyperair | it's a good thing i used lvm anyway, i learnt loads about lvm (and use it for sg.releases.ubuntu.com now) | 11:37 |
bmhm | true | 11:37 |
bmhm | LVM really is a good thing to have | 11:37 |
hyperair | yep | 11:37 |
bmhm | btrfs will have some interesting features as well, which will interact with LVM | 11:38 |
hyperair | hmm | 11:38 |
hyperair | is it? | 11:38 |
hyperair | interact with LVM? i thought it was going to provide all kinds of LVM which will make LVM rather useless for it | 11:38 |
bmhm | ah perhaps that's what I meant | 11:39 |
bmhm | this is where I get my information from: | 11:40 |
bmhm | http://www.h-online.com/open/features/The-Btrfs-file-system-746597.html | 11:40 |
bmhm | it's a translation of the german site "heise.de", which is the publisher of the best-known german computer magazine (called "c't"). | 11:41 |
bmhm | btrfs has also raid built in. I wonder what happens to md, | 11:41 |
hyperair | it'll be around for legacy file systems i suppose | 11:47 |
bmhm | do you know "the h"? great page imho | 11:50 |
hyperair | nope | 11:56 |
hyperair | what's that | 11:56 |
bmhm | the page i just posted an article from | 12:06 |
bmhm | well anyway. got to go | 12:09 |
bmhm | thanks for helping | 12:09 |
=== maco_ is now known as maco | ||
=== maco_ is now known as maco | ||
=== nightwis- is now known as nightwish | ||
=== kees__ is now known as kees | ||
=== BenC2 is now known as BenC | ||
=== maco_ is now known as maco | ||
dtchen | apw: should I modify build-mkschroot to accept lucid as a valid $SUITE, too? | 20:42 |
dtchen | ugh, this is going to require kludging in a newer debootstrap, too | 20:42 |
dtchen | ...which of course doesn't exist yet. | 20:43 |
=== SEJeff_ is now known as SEJeff | ||
Ng | lool: have you had any complete kernel panics on your 301 in karmic, particularly recently? | 23:20 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!