From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: GuixSD encrypted root?
Date: Sun, 24 Apr 2016 22:22:10 +0200
Message-ID: <8737qadafh.fsf@gnu.org>
References: <20160418230558.11a1c86f@scratchpost.org> <8760v7gk87.fsf@gnu.org>
	<20160424180425.69bbe050@scratchpost.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:37918)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1auQXp-00082m-7F
	for guix-devel@gnu.org; Sun, 24 Apr 2016 16:22:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1auQXl-0007z4-7Q
	for guix-devel@gnu.org; Sun, 24 Apr 2016 16:22:17 -0400
In-Reply-To: <20160424180425.69bbe050@scratchpost.org> (Danny Milosavljevic's
	message of "Sun, 24 Apr 2016 18:04:25 +0200")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: guix-devel@gnu.org

Hey,

Danny Milosavljevic <dannym@scratchpost.org> skribis:

> Yeah, but even using a non-required-for-boot encrypted filesystem (i.e. n=
ot an encrypted root, just encrypted home) doesn't work. As soon as I add "=
mount? #t" it hangs.
>
> I'm now using a workaround where it's specified using "mount? #f" and I m=
ount it using a autorun script in my homedir (using "mount /x"). That works=
 fine.
>
> You're using an encrypted home, right? Does it work for you?

Yes.  My configuration looks like this:

  (operating-system
    ;; =E2=80=A6
    (mapped-devices (list (mapped-device
                           (source (uuid "cb67fc72-0d54-4c88-9d4b-b225f30b0=
f44"))
                           (target "home")
                           (type luks-device-mapping))))

    (file-systems (cons* (file-system
                           (device "root")
                           (title 'label)
                           (mount-point "/")
                           (type "ext3"))
                         (file-system
                           (device "/dev/mapper/home")
                           (mount-point "/home")
                           (type "ext3"))
                         %base-file-systems)))

What about yours?

> It's always very broken when I try - both guix reconfigure and sometimes =
the next boot process (!) hang.

Earlier you wrote:

> system reconfigure hangs at
>
>   guix system: shepherd: Removing service 'file-system-/x'...
>   guix system: shepherd: Done.
>   guix system: loading new services: file-system-/x...
>   guix system: shepherd: Evaluating user expression (register-services (p=
rimitive-load "/gnu/s...")).

At this point, shepherd loads and starts the service for file system /x,
which does what appears in =E2=80=98file-system-shepherd-service=E2=80=99 i=
n (gnu
services base).  Roughly, it runs fsck and then proceeds to mount /x.

If you=E2=80=99re out of luck, fsck could take ages.  Could it be what happ=
ened
here?

At any rate, the upgrade is complete before the Shepherd has loaded the
new services.  That is, on the next reboot, you end up in the new
configuration.

HTH!

Ludo=E2=80=99.