From mboxrd@z Thu Jan  1 00:00:00 1970
From: Danny Milosavljevic <dannym@scratchpost.org>
Subject: Re: GuixSD encrypted root?
Date: Mon, 25 Apr 2016 03:24:13 +0200
Message-ID: <20160425032413.49810648@scratchpost.org>
References: <20160418230558.11a1c86f@scratchpost.org> <8760v7gk87.fsf@gnu.org>
	<20160424180425.69bbe050@scratchpost.org> <8737qadafh.fsf@gnu.org>
	<87lh42bt1g.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53266)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dannym@scratchpost.org>) id 1auVGA-0000KO-6d
	for guix-devel@gnu.org; Sun, 24 Apr 2016 21:24:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <dannym@scratchpost.org>) id 1auVG7-0004Rn-0h
	for guix-devel@gnu.org; Sun, 24 Apr 2016 21:24:22 -0400
In-Reply-To: <87lh42bt1g.fsf@gnu.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Ludovic =?UTF-8?B?Q291cnTDqHM=?= <ludo@gnu.org>
Cc: guix-devel@gnu.org

Hi,

> Or, as Leo suggests, it could be that shepherd starts the device-mapping
> service, which runs =E2=80=9Ccryptsetup luksOpen=E2=80=9D, which never co=
mpletes because
> you don=E2=80=99t know it=E2=80=99s waiting for you to enter a passphrase.

I doubt that it's that. The only change I have to do for it to work just fi=
ne is to add "(mount? #f)". So I suspect that the cryptsetup works. (The on=
ly thing I have to type manually is "mount /x" later - and that works, too)

But I didn't know that Guix would run fsck on guix reconfigure. Maybe I jus=
t have to wait longer as it's a huge partition (with almost nothing on it, =
though). Also, I've checked gnu/services/base.scm and it seems to hard-code=
 e2fsprogs. I use btrfs, though.

My config (which is working fine because of the "(mount #f)") is:

(define dayas-sys (mapped-device
                         (source (uuid "cedd378f-329c-44c4-ab40-f74f0c1701a=
2"))
                         (target "dayas-sys")
                         (type luks-device-mapping)))

(operating-system
  ;; ...
  (mapped-devices (list dayas-sys))
  (file-systems (cons* (file-system
                        (device "/dev/sda1")
                        (title 'dayas:/)
                        (mount-point "/")
                        (type "ext4")
                        (needed-for-boot? #t))
                       (file-system
                        (device "/dev/mapper/dayas-sys")
                        (mount-point "/x")
                        (type "btrfs")
                        (needed-for-boot? #f)
                        (mount? #f) ; otherwise does not work.
                        (dependencies (list dayas-sys)))
                       %base-file-systems))
  ;...
)

How come yours doesn't have a "dependencies" entry? Is it somehow computed =
by examining the "device" (/dev/mapper/...) entry?