What is the failed dependency during cryptography setup of systemd?

Question

I'm using Ubuntu 16.04 LTS Server in a VM with one unencrypted hard disk for / and an additional LUKS-encrypted one for some arbitrary data. The encrypted disk is opened and mounted with a password manually at the shell after the system has bootet properly and I logged in. This works as expected.

The problem is that systemd is trying to do something with this encrypted drive during boot already, fails, runs into timeouts and moves forward afterwards, which costs more than a minute of boot time.

In former versions of Ubuntu it automatically asked for a key to unlock the drive, but this didn't work properly anymore for UB 14.04 already and doesn't now as well. systemd is not printing any text that I should input a password, there's no prompt or else. It just recognizes errors in something it wants to do and continues after some time.

What I don't understand is what the problem actually is and why systemd wants to do anything at all, even if it doesn't prompt for a password or such. It would be great if someone could put me in the right direction on either how I can get systemd to properly prompt for a password or get it to not do what it does with my device at all. Not sure what I prefer currently. ;-)

The error systemd prints:

May  1 01:28:23 example.org systemd[1]: dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device: Job dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device/start timed out.
May  1 01:28:23 example.org systemd[1]: Timed out waiting for device dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device.
May  1 01:28:23 example.org systemd[1]: Dependency failed for Cryptography Setup for mnt_luks_crypt.
May  1 01:28:23 example.org systemd[1]: Dependency failed for dev-mapper-mnt_luks_crypt.device.
May  1 01:28:23 example.org systemd[1]: dev-mapper-mnt_luks_crypt.device: Job dev-mapper-mnt_luks_crypt.device/start failed with result 'dependency'.
May  1 01:28:23 example.org systemd[1]: systemd-cryptsetup@mnt_luks_crypt.service: Job systemd-cryptsetup@mnt_luks_crypt.service/start failed with result 'dependency'.
May  1 01:28:23 example.org systemd[1]: dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device: Job dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device/start failed with result 'timeout'.

It tells something about failed dependencies, but I don't see anywhere what those are. Of course I didn't configure systemd itself to do anything with this device. The only thing I did was adding an entry in /etc/fstab like the following:

/dev/mapper/mnt_luks_crypt /mnt/luks ext4 errors=remount-ro,noauto 0 2

I know that systemd processes those, but from what I've read in the docs it should honor noauto as well. So is there simply something wrong with my options?

Didn't try yet, but I guess I could workaround the long waiting time using the following two options:

x-systemd.device-timeout=
x-systemd.mount-timeout=

Or is there some way to disable automount for that line altogether? x-systemd.automount seems to be a flag only, nothing regarding false.

Thanks!

I am coming across this issue on a Debian 10 build. The solution in my case, was to add a ',noauto' to crypttab but this seems odd since if I use a passphrase instead of a key on a USB stick to open the volume, there are no issues. If I change to key on USB, then this happens. — Pedro, May 04 '20 at 09:51

Thorsten Schöning · Answer 1 · 2018-08-23T09:55:27.443

I'm somewhat sure now that noauto in /etc/fstab was not properly/fully honoured because it was not specified for /etc/crypttab as well:

https://www.freedesktop.org/software/systemd/man/crypttab.html#noauto

After adding it there too, the error has changed slightly:

Aug 22 22:27:07 example.org systemd[1]: dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device: Job dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device/start timed out.
Aug 22 22:27:07 example.org systemd[1]: Timed out waiting for device dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device.
Aug 22 22:27:07 example.org systemd[1]: Dependency failed for Cryptography Setup for mnt_luks_crypt.
Aug 22 22:27:07 example.org systemd[1]: systemd-cryptsetup@mnt_luks_crypt.service: Job systemd-cryptsetup@mnt_luks_crypt.service/start failed with result 'dependency'.
Aug 22 22:27:07 example.org systemd[1]: dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device: Job dev-disk-by\x2duuid-7d39d2ed\x2df91f\x2d456e\x2daa31\x2d851cfe48de1b.device/start failed with result 'timeout'.

The lines containing dev-mapper-mnt_luks_crypt.device are gone now. But there is still something happening and failing I don't understand and systemd lacks to log details for.

score 0 · Answer 2 · edited Feb 19 '20 at 19:45

0

For me it was erroneous line in fstab. The wrong line was completely unrelated to crypttab or encrypted volume, which makes it more confusing.

Try reverting anything you have changed or commenting out any added line. Then reboot and go back to editing fstab; remount manually to confirm that your changes are fine.

edited Feb 19 '20 at 19:45

Alexander Tolkachev

4,513
3
14
23

answered Feb 19 '20 at 18:52

Tomasz Posłuszny

101
1

What was the problem exactly? It might help other people.... – Balázs Börcsök Jan 29 '22 at 19:53
@BalázsBörcsök `fstab` had a line, which could not be parsed correctly. I do not remember what was that back then ;) probably misspelled option name or no comma between options etc. – Tomasz Posłuszny Jan 30 '22 at 21:50

score 0 · Answer 3 · answered Dec 18 '20 at 17:27

0

For me, the device names (sda, sdb) changed after booting from a USB device, so the device specified in /etc/crypttab was not correct anymore...

Pretty simple problem but took me a while to find it

answered Dec 18 '20 at 17:27

John Doe

1

What is the failed dependency during cryptography setup of systemd?

3 Answers3