| 1 |
On Sat, Sep 21, 2013 at 4:49 PM, Canek Peláez Valdés <caneko@×××××.com> |
| 2 |
wrote: |
| 3 |
[...] |
| 4 |
> The problem, that I believe Stefan and Frank hinted, is that the |
| 5 |
> encrypted swap did not activated properly, sometimes resulting in huge |
| 6 |
> boot times (in the order of 1 minute). But only if you specify the |
| 7 |
> swap partition in fstab. |
| 8 |
> |
| 9 |
> The problem is, I think, that systemd tries to activate as soon as |
| 10 |
> possible the swap partitions, even before |
| 11 |
> systemd-cryptsetup activates the devices in /dev/mapper. |
| 12 |
> |
| 13 |
> The solution is to move the swap partition from fstab, and create a |
| 14 |
> system unit for it which has to wait until systemd-cryptsetup does its |
| 15 |
> job: |
| 16 |
|
| 17 |
I was a little too quick to reach that conclusion: the problem is a little |
| 18 |
more complex, but it has a clean solution. |
| 19 |
|
| 20 |
Following the reports in [1] and [2], I discovered that I had missed two |
| 21 |
kernel options required by LVM2: |
| 22 |
|
| 23 |
CONFIG_UEVENT_HELPER_PATH="" |
| 24 |
CONFIG_DM_UEVENT=y |
| 25 |
|
| 26 |
Also, the system where I am doing my experiments is a virtual machine with |
| 27 |
almost nothing installed; therefore, I forgot to set USE=udev, and |
| 28 |
cryptsetup needs it. |
| 29 |
|
| 30 |
With those things out of the way, everything works as expected; there is no |
| 31 |
need for an explicit unit for the swap partition, and I can set it in fstab: |
| 32 |
|
| 33 |
/dev/mapper/swap none swap sw 0 0 |
| 34 |
|
| 35 |
I would like to use a label for the swap partition, but when the swap is |
| 36 |
encrypted systemd does mkswap in the partition without any parameter [3]. I |
| 37 |
could wrote a patch, I guess; but I don't think is worth it. |
| 38 |
|
| 39 |
Anyhow, I can get a Gentoo install with mdraid+LVM2+LUKS+systemd working as |
| 40 |
intended, and without hacks nor workarounds. |
| 41 |
|
| 42 |
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT |
| 43 |
sr0 11:0 1 1024M 0 rom |
| 44 |
vda 253:0 0 5G 0 disk |
| 45 |
└─vda1 253:1 0 5G 0 part |
| 46 |
└─md127 9:127 0 15G 0 raid5 |
| 47 |
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot |
| 48 |
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm / |
| 49 |
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr |
| 50 |
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm |
| 51 |
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP] |
| 52 |
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm |
| 53 |
└─home (dm-6) 254:6 0 2.8G 0 crypt /home |
| 54 |
vdb 253:16 0 5G 0 disk |
| 55 |
└─vdb1 253:17 0 5G 0 part |
| 56 |
└─md127 9:127 0 15G 0 raid5 |
| 57 |
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot |
| 58 |
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm / |
| 59 |
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr |
| 60 |
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm |
| 61 |
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP] |
| 62 |
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm |
| 63 |
└─home (dm-6) 254:6 0 2.8G 0 crypt /home |
| 64 |
vdc 253:32 0 5G 0 disk |
| 65 |
└─vdc1 253:33 0 5G 0 part |
| 66 |
└─md127 9:127 0 15G 0 raid5 |
| 67 |
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot |
| 68 |
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm / |
| 69 |
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr |
| 70 |
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm |
| 71 |
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP] |
| 72 |
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm |
| 73 |
└─home (dm-6) 254:6 0 2.8G 0 crypt /home |
| 74 |
vdd 253:48 0 5G 0 disk |
| 75 |
└─vdd1 253:49 0 5G 0 part |
| 76 |
└─md127 9:127 0 15G 0 raid5 |
| 77 |
├─vg-vol1 (dm-0) 254:0 0 200M 0 lvm /boot |
| 78 |
├─vg-vol3 (dm-1) 254:1 0 2G 0 lvm / |
| 79 |
├─vg-vol4 (dm-2) 254:2 0 8G 0 lvm /usr |
| 80 |
├─vg-vol2 (dm-3) 254:3 0 2G 0 lvm |
| 81 |
│ └─swap (dm-5) 254:5 0 2G 0 crypt [SWAP] |
| 82 |
└─vg-vol5 (dm-4) 254:4 0 2.8G 0 lvm |
| 83 |
└─home (dm-6) 254:6 0 2.8G 0 crypt /home |
| 84 |
|
| 85 |
lvm ~ # systemd-analyze blame |
| 86 |
2.948s systemd-cryptsetup@××××.service |
| 87 |
765ms systemd-udev-settle.service |
| 88 |
199ms systemd-cryptsetup@××××.service |
| 89 |
170ms systemd-fsck-root.service |
| 90 |
154ms systemd-udev-trigger.service |
| 91 |
145ms systemd-logind.service |
| 92 |
136ms dhcpcd@××××××.service |
| 93 |
129ms sshd.service |
| 94 |
108ms systemd-modules-load.service |
| 95 |
100ms systemd-fsck@dev-disk-by\x2dlabel-Home.service |
| 96 |
99ms lvm2-activation-early.service |
| 97 |
99ms lvm2-activation.service |
| 98 |
75ms dev-mqueue.mount |
| 99 |
74ms mdadm.service |
| 100 |
72ms systemd-sysctl.service |
| 101 |
67ms systemd-fsck@dev-disk-by\x2dlabel-Boot.service |
| 102 |
61ms systemd-ask-password-wall.service |
| 103 |
60ms dev-hugepages.mount |
| 104 |
58ms systemd-vconsole-setup.service |
| 105 |
57ms systemd-tmpfiles-clean.service |
| 106 |
51ms systemd-tmpfiles-setup-dev.service |
| 107 |
47ms systemd-random-seed-load.service |
| 108 |
47ms sys-kernel-debug.mount |
| 109 |
45ms systemd-remount-fs.service |
| 110 |
44ms systemd-user-sessions.service |
| 111 |
43ms systemd-tmpfiles-setup.service |
| 112 |
37ms boot.mount |
| 113 |
33ms systemd-udevd.service |
| 114 |
27ms systemd-journal-flush.service |
| 115 |
22ms tmp.mount |
| 116 |
15ms dev-mapper-swap.swap |
| 117 |
15ms home.mount |
| 118 |
|
| 119 |
The almost 3 seconds pause is me entering the passphrase for the /home |
| 120 |
partition; the system takes less than a second to boot. |
| 121 |
|
| 122 |
Let me reiterate: the problem was that I didn't pay attention when I |
| 123 |
emerged LVM2 and cryptsetup; otherwise everything should have worked |
| 124 |
immediately. |
| 125 |
|
| 126 |
Regards. |
| 127 |
|
| 128 |
[1] https://bugzilla.redhat.com/show_bug.cgi?id=979695 |
| 129 |
[2] https://bugzilla.redhat.com/show_bug.cgi?id=759402 |
| 130 |
[3] |
| 131 |
http://cgit.freedesktop.org/systemd/systemd/tree/src/cryptsetup/cryptsetup-generator.c#n166 |
| 132 |
-- |
| 133 |
Canek Peláez Valdés |
| 134 |
Posgrado en Ciencia e Ingeniería de la Computación |
| 135 |
Universidad Nacional Autónoma de México |
Archives