[dm-crypt] luks, swap and crash

Francois Chenais francois.chenais at gmail.com
Tue May 3 11:24:25 CEST 2011



-- 
f c

Le 3 mai 2011 à 10:19, Arno Wagner <arno at wagner.name> a écrit :

> On Tue, May 03, 2011 at 09:28:31AM +0200, Fran?ois Chenais wrote:
>> 2011/5/3 Arno Wagner <arno at wagner.name>
>> 
>>> Ok, hard freeze is not good.
>>> 
>>> One thing you could try is a serial console. This needs only
>>> a boot option to the kernel.
>>> 
>>> CentOS 5.5 is also pretty recent.
>>> 
>>> 
>> Even if the kernel is patched, the version 2.6.18 is not so recent :P
>> The system used version 1.0.3 of cryptsetup :/
> 
> Oops, seems my version lookup-fu is badly broken. 2.6.18 is indeed
> mostly of historic interest and 1.0.3 is also pretty old.
> 
>> Unless Milan knows what is going on here, a recreation in
>>> a test machine would probably be the best next step.
>>> 
>>> Hmm, do you by any chance encrypt swap _twice_?
>>> 
>>> 
>> Hmmm, why _twice_ and what for ?
> 
> The idea was that maybe there is a full-disk encryptiopn 
> and then a partition encryption on top.
> 
Oki. But in this case, the swap is on a dedicated partition. No double encryption. 


> Arno
> 
> 
>> BTW, pretty peculiar setup. I take it this machine installs
>>> itself from an image to the encrypted filesystem (with random
>>> key) on boot? JUst out of curiosity, how long does that
>>> take?
>>> 
>>> 
>> Just temporary FS are encrypted. So the time spent depends of the size of
>> the
>> FS. But sure, it's not user friendly :D
>> 
>> 
>> Fran?ois
>> 
>> 
>> 
>> 
>>> Arno
>>> 
>>> 
>>> On Mon, May 02, 2011 at 09:21:41PM +0200, Fran?ois Chenais wrote:
>>>> 2011/5/2 Arno Wagner <arno at wagner.name>
>>>> 
>>>>> What do you mean by "crash"?
>>>>> 
>>>>> 
>>>> Crash = the computer is frozen, nothing happens. The only way to bring it
>>>> back to life is to power off/on.
>>>> 
>>>> 
>>>> I knew U'll ask me some logs but ... :)
>>>> 
>>>>  Actually, I have no logs because log files are written on encrypted
>>> file
>>>> system and the file system
>>>>  is encrypted at boot time; each time with at new unknown random key ;
>>> so I
>>>> have NO file, NO LOG, Nothing,
>>>>  as in a black hole !:P
>>>> 
>>>>  I don't have change anything because it's a production server.
>>>>  I need to take time to reproduce the crash on a test machine.
>>>> 
>>>> ... but I'm interested about the list feedback about same experience.
>>>> 
>>>> 
>>>>  The system is CentOS 5.5.
>>>> 
>>>> 
>>>> 
>>>> 
>>>>> Arno
>>>>> 
>>>>> On Mon, May 02, 2011 at 11:50:25AM +0200, Fran?ois Chenais wrote:
>>>>>> Hello,
>>>>>> 
>>>>>> I have some computers crashing while using crypted swap partition.
>>>>>> 
>>>>>> The system doesn't crash if I remove the swap.
>>>>>> The system crash again if I use a swap file on a crypted filesystem.
>>>>>> 
>>>>>> Is this a known issue ?
>>>>>> 
>>>>>> 
>>>>>> Thanks in advance for your "lights"
>>>>>> 
>>>>>>   Fran?ois
>>>>> 
>>>>>> _______________________________________________
>>>>>> dm-crypt mailing list
>>>>>> dm-crypt at saout.de
>>>>>> http://www.saout.de/mailman/listinfo/dm-crypt
>>>>> 
>>>>> 
>>>>> --
>>>>> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
>>>>> arno at wagner.name
>>>>> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
>>>>> 338F
>>>>> ----
>>>>> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>>>>> 
>>>>> If it's in the news, don't worry about it.  The very definition of
>>>>> "news" is "something that hardly ever happens." -- Bruce Schneier
>>>>> _______________________________________________
>>>>> dm-crypt mailing list
>>>>> dm-crypt at saout.de
>>>>> http://www.saout.de/mailman/listinfo/dm-crypt
>>>>> 
>>> 
>>>> _______________________________________________
>>>> dm-crypt mailing list
>>>> dm-crypt at saout.de
>>>> http://www.saout.de/mailman/listinfo/dm-crypt
>>> 
>>> 
>>> --
>>> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
>>> arno at wagner.name
>>> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
>>> 338F
>>> ----
>>> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>>> 
>>> If it's in the news, don't worry about it.  The very definition of
>>> "news" is "something that hardly ever happens." -- Bruce Schneier
>>> _______________________________________________
>>> dm-crypt mailing list
>>> dm-crypt at saout.de
>>> http://www.saout.de/mailman/listinfo/dm-crypt
>>> 
> 
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt at saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
> 
> 
> -- 
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> 
> If it's in the news, don't worry about it.  The very definition of 
> "news" is "something that hardly ever happens." -- Bruce Schneier 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


More information about the dm-crypt mailing list