From fd888e850cf413955483bfb993aeeea5ea611289 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 10:06:26 +0200 Subject: Adding debian version 2:2.6.1-4~deb12u2. Signed-off-by: Daniel Baumann --- debian/README.debug | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 debian/README.debug (limited to 'debian/README.debug') diff --git a/debian/README.debug b/debian/README.debug new file mode 100644 index 0000000..7a627bf --- /dev/null +++ b/debian/README.debug @@ -0,0 +1,72 @@ +Debugging Cryptsetup issues +=========================== + +Cryptsetup is responsible for unlocking dm-crypt devices. The cryptsetup Debian +provide a whole slew of helper scripts that integrate cryptsetup into the +Debian operating system. The most important ones are the `cryptdisks` init +script and the `cryptroot` initramfs scripts, both implementing support for the +`/etc/crypttab` configuration file and for automatic unlocking of encrypted +devices during the boot process. + +This page collects information on debugging different features of the Debian +cryptsetup packages in case of problems. + +Debug cryptroot initramfs script +-------------------------------- + +In order to debug the cryptroot initramfs script during initramfs stage, the +following steps are required: + +* Boot into the initramfs rescue shell by adding `break=premount` as kernel + option during boot + + In grub, this can be done interactively from the grub boot menu: `` to + edit, and `+` to boot once you've edited the kernel line. + + See + for details. + +* Append `-x` to the shebang (first line) of cryptroot initramfs script: + + sed -i -e '1s,^#!/bin/sh,& -x,' /scripts/local-top/cryptroot + +* Run the cryptroot initramfs script manually, redirecting output to a log file: + + /scripts/local-top/cryptroot 2>&1 | tee /run/initramfs/cryptroot.debug + + **Please note:** if the boot process is broken, you might need to mount an + external storage device (e.g. a USB flash drive) inside the initramfs and + redirect the output to a log files on this external device. + +* Continue the boot process (by pressing `+`) and save a copy of the + debug log file to `/run/initramfs/cryptroot.debug`. The content of `/run/` + will be lost after reboot. + +Sometimes, debugging the initramfs directly can be helpful as well. See + for details. + +Gather debugging information in the initramfs rescue shell +---------------------------------------------------------- + +Useful commands to gather information from initramfs rescue shell: + +* Check for device-mapper support (these directories/symlinks exist only if + kernel has device-mapper support): + + ls -l /sys/class/misc/device-mapper /sys/devices/virtual/misc/device-mapper + +* Check whether dm-crypt kernel module is loaded: + + lsmod | grep dm-crypt + +* Display cryptroot configuration and list loaded kernel modules: + + cat /cryptroot/crypttab + lsmod + +* Gather information about the available block devices: + + blkid + ls -l /dev/disk/by-*/ + + -- Jonas Meurer , Wed 25 Dec 2019 02:58:00 PM CET -- cgit v1.2.3