1

I am trying to enable systemd's libcryptsetup module in order to decrypt a drive at bootup through crypttab. It seems crypttab is not present because the systemd-cryptsetup-generator is missing from the systemd (216) build.

I have tried specifying the "cryptsetup" option in the PACKAGECONFIG?? statement and also specifying --enable-libcryptsetup as argument in the build but the option is disabled by the config script bitbake uses (it appends automatically --disable-cryptsetup after my enable statement)

I suspect this is because configure detected some missing dependency, therefore I tried specifying that the systemd recipe depends on the cryptsetup recipe but I ended in a recipe loop (cryptsetup depends on lvm2 which depends on systemd, so cryptsetup will not be buildable before systemd is built).

Does anyone have any suggestion or encountered a similar issue? Thanks!

Alexandru Bogdan
  • 33
  • 7

1 Answers1

0

Adding "cryptsetup" to PACKAGECONFIG either via a direct change in the recipe, or a bbappend or local.conf, should do the trick. What release of OE are you using, can you paste your changes, and ideally the beginning of the log.do_configure where it shows what the configure options are.

And you'll see --enable --disable if you attempted to enable it directly in EXTRA_OECONF but didn't delete the PACKAGECONFIG[cryptsetup] line which it thinks is disabled (so adds the disabled flag for you).

Ross Burton
  • 3,516
  • 13
  • 12
  • 1
    Hi, here is the log.do_configure: http://pastebin.com/F0zXt9J3. This is build with the following systemd recipe: http://pastebin.com/qV49d9v8. As you can see, EXTRA_OECONF contains --enable-libcryptsetup but in the log.do_configure, after this option is specified, --disable-libcryptsetup is appended automatically. If I add to PACKAGECONFIG ??= "xz" "cryptsetup", then I run in a dependency loop while baking: http://pastebin.com/VEU6pZTY. And this as far as I understand is because cryptsetup depends on lvm2 and lvm2 depends on systemd => cryptsetup cannot be built before systemd. Thanks! – Alexandru Bogdan Jul 07 '15 at 10:40
  • 1
    So I was right about why you're getting --enable --disable: don't attempt to put options in EXTRA_OECONF yourself when PACKAGECONFIG is going to do the same anyway. Just set PACKAGECONFIG="xz cryptosetup". The dependency cycle sounds reasonable, and that's probably one of the reasons why cryptsetup is disabled by default. You'll need to either disable LVM2's systemd support, or have a copy of the LVM2 recipe that builds just the libraries without systemd support for systemd to link against. Yes, dependency cycles are a pain. – Ross Burton Jul 08 '15 at 10:48
  • Hi @RossBurton I also want to decrypt my rootfs partition at boot up time. I am adding this line in my local.conf IMAGE_INSTALL_append= " cryptsetup cryptodev-module cryptodev-tests lvm2 coreutils keyutils util-linux " but /etc/crypttab is not generated. Also kernel config is as shown: CONFIG_BLK_DEV_RAM=m CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=16384 CONFIG_DM_CRYPT=m CONFIG_CRYPTO_ESSIV=m – Meera Apr 06 '23 at 05:34