From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:470:142:3::10]:36524) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1im90l-0002WI-R6 for guix-patches@gnu.org; Mon, 30 Dec 2019 23:20:04 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1im90k-00015d-GR for guix-patches@gnu.org; Mon, 30 Dec 2019 23:20:03 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:55931) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1im90k-00014t-AA for guix-patches@gnu.org; Mon, 30 Dec 2019 23:20:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1im90k-0006Ym-1e for guix-patches@gnu.org; Mon, 30 Dec 2019 23:20:02 -0500 Subject: [bug#38826] doc: Mention no LUKS2 for luks-device-mapping Resent-Message-ID: Received: from eggs.gnu.org ([2001:470:142:3::10]:50261) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1im8Ux-0007iS-Pq for guix-patches@gnu.org; Mon, 30 Dec 2019 22:47:12 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1im8Uw-0005NL-KR for guix-patches@gnu.org; Mon, 30 Dec 2019 22:47:11 -0500 Received: from sender4-op-o19.zoho.com ([136.143.188.19]:17918) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1im8Uw-0005FM-8i for guix-patches@gnu.org; Mon, 30 Dec 2019 22:47:10 -0500 Date: Mon, 30 Dec 2019 21:47:01 -0600 From: David Trudgian Message-ID: <20191231034701.GA10716@lappy> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="M9NhX3UHpAaciwkO" Content-Disposition: inline List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 38826@debbugs.gnu.org --M9NhX3UHpAaciwkO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I spent a bit of time trying to mount some existing LUKS2 devices on boot in a Guix system. They worked to open and mount manually in a booted system, but not on boot with luks-device-mapping. Eventually worked out LUKS2 is not supported by the code that inspects the superblock directly for the (LUKS1) UUID. A mention LUKS2 is not supported in the docs might be nice. Cheers, Dave Trudgian --M9NhX3UHpAaciwkO Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0001-Mention-no-LUKS2-in-luks-device-mapping-doc.patch" >From 97ed4c1859e797adf4ba813ac7db3d1b8261a569 Mon Sep 17 00:00:00 2001 From: David Trudgian Date: Mon, 30 Dec 2019 21:37:35 -0600 Subject: [PATCH] Mention no LUKS2 in luks-device-mapping doc --- doc/guix.texi | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index 70e3dfea6a..232d99d508 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -69,6 +69,7 @@ Copyright @copyright{} 2019 Jakob L. Kreuze@* Copyright @copyright{} 2019 Kyle Andrews@* Copyright @copyright{} 2019 Alex Griffin@* Copyright @copyright{} 2019 Guillaume Le Vaillant@* +Copyright @copyright{} 2019 David C. Trudgian@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -11470,6 +11471,10 @@ This must be a @code{mapped-device-kind} object, which specifies how This defines LUKS block device encryption using the @command{cryptsetup} command from the package with the same name. It relies on the @code{dm-crypt} Linux kernel module. + +Note that currently only LUKS1 encrypted devices are supported. Existing +LUKS2 devices can be opened and mounted after boot, using +@code{cryptsetup luksOpen}. @end defvr @defvr {Scheme Variable} raid-device-mapping -- 2.24.1 --M9NhX3UHpAaciwkO--