after upgrading to 20.04, my encrypted disk doesn't get decrypted on boot. I'm not asked for any password, so it obviously can't find any partition and boots into initrd prompt.
What might be the reason: /cryptroot/crypttab in the initrd image is completely empty.
I can open luks manually and chroot into the system. This is the content of my /etc/crypttab in the real root directory:
nvme0n1p3_crypt UUID=<some uuid> none luks
(The UUIDs are all correct, everywhere)
When I run update-initramfs -c -k all, the output is:
cryptsetup: WARNING: target 'nvme0n1p3_crypt' not found in /etc/crypttab
Which is a bit weird, because it's exactly the target name of the only single entry in that file. It's also listed in /dev/mapper as a link to ../dm-0 which also seems to be correct.
I tried renaming the device to crypt only using dmsetup rename ... but that didn't help of course.
I assume that this is the root cause of my problem.
Fyi, I got it fixed. It was so weird, I would've never find out if someone didn't have told me.
The problem is with the file
/etc/crypttab: It needs an EOF at the end!Whoah! How can this be? This is the first time in the last 25 years that some linux needs ecpects an EOF in a text file. Gosh!
Anyway, now it's fixed, after more than one week testing.
Here is the generation routine: https://salsa.debian.org/gpiccoli/cryptsetup/-/blob/master/debian/functions#L526
Another gotcha (others may say it's intended) is that your
/etc/crypttabTARGET (= name) must be the one currently used for the root you intend to generate the initramfs for.Eg: If you:
Then
foo'setc/crypttab'sTARGETmust be foo too otherwise you'd see:Although it's barely visible with
update-initramfs -v.