leapp upgrade fails when LUKS devices are present even though TPM2 is used to decrypt them
Issue
-
Trying to upgrade a system having LUKS devices bound to the TPM2 device, rebooting for the upgrade to occur drops to Emergency prompt due to not finding the LUKS devices, as shown in the example below
Disk layout:
# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sr0 11:0 1 1024M 0 rom vda 252:0 0 30G 0 disk ├─vda1 252:1 0 200M 0 part /boot/efi ├─vda2 252:2 0 1G 0 part /boot └─vda3 252:3 0 28.8G 0 part ├─rhel-root 253:0 0 14.8G 0 lvm │ └─luks-522b7104-47c1-4300-b49a-f5603cddea77 253:2 0 14.8G 0 crypt / ├─rhel-swap 253:1 0 1G 0 lvm │ └─luks-e983569c-1255-44dd-8201-6de51ca5385d 253:3 0 1008M 0 crypt [SWAP] ├─rhel-opt 253:4 0 1G 0 lvm │ └─luks-aecc6a62-900f-4bf5-9808-33f54c76499b 253:11 0 1008M 0 crypt /opt ├─rhel-tmp 253:5 0 1G 0 lvm │ └─luks-b8e94c2d-855e-43bf-9511-2d530dacfb51 253:15 0 1008M 0 crypt /tmp ├─rhel-var_tmp 253:6 0 1G 0 lvm │ └─luks-d3542a15-11ba-4e6e-85b8-ed646e3c8425 253:13 0 1008M 0 crypt /var/tmp ├─rhel-var_log_audit 253:7 0 1G 0 lvm │ └─luks-aab625bb-4f80-4f26-97be-10a28f75ffc9 253:10 0 1008M 0 crypt /var/log/audit ├─rhel-var_log 253:8 0 1G 0 lvm │ └─luks-c32cdc66-3697-416b-8563-3e0f677ab6fe 253:14 0 1008M 0 crypt /var/log └─rhel-var 253:9 0 8G 0 lvm └─luks-da585fa3-1b96-4e27-bd1e-8e6bfd8b4000 253:12 0 8G 0 crypt /varBoot on
RHEL-Upgrade-Initramfsentry:[ 26.800888] /dev/mapper/luks-aecc6a62-900f-4bf5-9808-33f54c76499b: Can't lookup blockdev [ 26.801568] /dev/mapper/luks-b8e94c2d-855e-43bf-9511-2d530dacfb51: Can't lookup blockdev [ 26.698390] upgrade[1211]: mount: /opt: special device /dev/mapper/luks-aecc6a62-900f-4bf5-9808-33f54c76499b does not exist. [ 26.802713] /dev/mapper/luks-da585fa3-1b96-4e27-bd1e-8e6bfd8b4000: Can't lookup blockdev [ 26.699467] upgrade[1211]: mount: /tmp: special device /dev/mapper/luks-b8e94c2d-855e-43bf-9511-2d530dacfb51 does not exist. [ 26.700544] upgrade[1211]: mount: /var: special device /dev/mapper/luks-da585fa3-1b96-4e27-bd1e-8e6bfd8b4000 does not exist. [ 26.701150] upgrade[1211]: mount: /var/log: mount point does not exist. [ 26.701516] upgrade[1211]: mount: /var/log/audit: mount point does not exist. [ 26.701915] upgrade[1211]: mount: /var/tmp: mount point does not exist. [ 26.921544] upgrade[1221]: Traceback (most recent call last): [ 26.922029] upgrade[1221]: File "/usr/bin/leapp", line 11, in <module> [ 26.922439] upgrade[1221]: load_entry_point('leapp==0.20.0', 'console_scripts', 'leapp')() [ 26.922928] upgrade[1221]: File "/usr/lib/python3.6/site-packages/leapp/cli/__init__.py", line 50, in main [ 26.923455] upgrade[1221]: with leapp_lock(): [ 26.923723] upgrade[1221]: File "/usr/lib/python3.6/site-packages/leapp/utils/lock.py", line 73, in __enter__ [ 26.924305] upgrade[1221]: self.fd = os.open(self.lockfile, os.O_CREAT | os.O_RDWR, 0o600) [ 26.924794] upgrade[1221]: FileNotFoundError: [Errno 2] No such file or directory: '/var/run/leapp.pid'
Environment
- Red Hat Enterprise Linux 8 and 9
- leapp
- LUKS and TPM2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
