Summary

To correct race conditions seen in Ubuntu 9.10 between X startup and unlocking of encrypted volumes, the cryptsetup package must be integrated with udev and plymouth.

Release Note

The cryptsetup package now integrates with udev and plymouth to handle prompting for passphrases asynchronously when using whole-disk encryption, solving various problems with boot-time hangs reported in Ubuntu 9.10. Users who worked around this issue in 9.10 by adding bootwait to /etc/fstab or noauto to /etc/crypttab can safely remove these options again.

Rationale

Users who have configured their systems to use encrypted volumes in the past expect these volumes to continue to be usable when upgrading to newer Ubuntu releases. This has not been the case for Ubuntu 9.10, where late-appearing disks have caused boot-time hangs for users. This should be addressed for Ubuntu 10.04 LTS, and a best effort made to backport any suitable fixes to 9.10.

User stories

Design

Implementation

upstart job for lucid

  start on block-device-added ID_FS_USAGE=crypto
  instance $DEVICE
  task
  script
    grep -q "$DEVICE" /etc/crypttab || { stop; exit 0; }
    exec plymouth ask-for-password --prompt="Please to be telling me secrets for $DEVICE" --command="cryptsetup $DEVICE"
  end script

fixes for karmic

Test/Demo Plan

It's important that we are able to test new features, and demonstrate them to users. Use this section to describe a short plan that anybody can follow that demonstrates the feature is working. This can then be used during testing, and to show off after release. Please add an entry to http://testcases.qa.ubuntu.com/Coverage/NewFeatures for tracking test coverage.

This need not be added or completed until the specification is nearing beta.


CategorySpec

FoundationsTeam/Specs/CryptsetupWithUpstart (last edited 2009-12-02 02:54:18 by minbar)