OEM setup asks disk encryption passphrase after completed OEM setup
Closed, ResolvedPublic
Actions

Description

Latest OEM ISO image: http://downloads.puri.sm/oem/gnome/2018-08-10/

OEM procedure:

Boot OEM disk, GNOME initial setup starts
After GNOME initial setup is complete, the installer starts
Select automatic partitioning, WITH encryption, use password 12345678
The installer is done, restart

What should happen:

When the computer is started again, it should boot into a desktop without asking for any password to unlock the disk.

What actually happens:

When the computer is started again, system is asking for a password to unlock the encrypted disk! Entering the temporary password 12345678 works, disk is unlocked and desktop is started.

Related Objects

Mentioned In: T547: Installer crashes when unticking "Encrypt system"
T482: Installer does not add proper locale to locale.gen, GNOME settings can't see any language
T428: OEM installer did not install UK/British "Formats"

Event Timeline

mladen assigned this task to mak.Aug 10 2018, 12:44

mladen created this task.

mladen created this object with edit policy "Restricted Project (Project)".

Not a high priority because this only affects a playground OEM image. Needs to be fixed though before we update the image (which should happen soonish).

mak mentioned this in T428: OEM installer did not install UK/British "Formats".Aug 13 2018, 07:46

mak mentioned this in T482: Installer does not add proper locale to locale.gen, GNOME settings can't see any language.Aug 13 2018, 07:49

chris.lamb mentioned this in T547: Installer crashes when unticking "Encrypt system".Aug 16 2018, 01:17

Also confirmed, as expected, with https://downloads.puri.sm/playground/2018-08-10/.

Tracked the issue down to a ton of regressions in cryptsetup starting with 2:2.0.3-2 - so maybe a fix for this will just be rebuilding the image :-)

mak raised the priority of this task from Normal to High.Aug 23 2018, 11:57

A new image was built and I installed it (https://downloads.puri.sm/playground/2018-08-23/pureos-8.0-gnome-oem_20180823-amd64.hybrid.iso) in virt manager. After the install completed, I was prompted to reboot. Right after the reboot, I was prompted to enter the disk encryption password:

mak merged a task: T543: GUI passphrase window is missing.Aug 24 2018, 09:50

mak added subscribers: james.rufer, mak, • hazybluedot.

Since I am quite out of ideas on this one now, I reported the issue with all information that I figured out so far against cryptsetup at Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907201

The actual issue is only a second prompt showing unconditionally for the rootfs (even for password-file LUKS disk unlocks!), no matter how the system encryption was set up.

This is resolved in the latest OEM and Live images, please test them! (for the oem image: https://downloads.puri.sm/oem/gnome/2018-08-25/, the live image is currently building)

I also proposed a patch for this against Calamares:
https://github.com/calamares/calamares/pull/1022

OEM setup asks disk encryption passphrase after completed OEM setupClosed, ResolvedPublicActions

Description

Related Objects

Event Timeline

OEM setup asks disk encryption passphrase after completed OEM setup
Closed, ResolvedPublic
Actions