Debian Bug report logs - #451535
debian-installer: allow to 'reuse' encrypted volumes

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Yaroslav Halchenko <debian@onerussian.com>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: debian-installer: allow to 'reuse' encrypted volumes

Date: Fri, 16 Nov 2007 12:50:05 -0500

Package: debian-installer
Version: 20070308
Severity: normal


I had first installed i386 system with encrypted /home and swap. Then I
decided to install also amd64 build -- reusing both encrypted
partitions. Although I checked out smth like 'delete data' in the
encryption setup menu, which I treated as 'preserve/don"t touch', it
did reinitialize them and I had to recreate filesystems on top.

So I think 'Delete data' must be named 'Wipe out data', and another item
in the menu should be 'Reuse' or 'Keep existing encrypted volume'

Thanks in advance!

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (900, 'testing'), (300, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Message #10 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Frans Pop <elendil@planet.nl>

To: 451535@bugs.debian.org

Cc: Yaroslav Halchenko <debian@onerussian.com>

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 19 Nov 2007 13:35:43 +0100

reassign 451535 partman-crypto
severity 451535 wishlist
thanks

On Friday 16 November 2007, Yaroslav Halchenko wrote:
> I had first installed i386 system with encrypted /home and swap. Then I
> decided to install also amd64 build -- reusing both encrypted
> partitions. Although I checked out smth like 'delete data' in the
> encryption setup menu, which I treated as 'preserve/don"t touch', it
> did reinitialize them and I had to recreate filesystems on top.

It is actually possible to reuse existing encrypted LVM volumes by following 
the procedure documented on [1] just before starting the partitioner.

Well, almost.
I did have one strange issue with that procedure though: after crypto and 
LVM had been activated, partman did not recognize the existing file systems 
on the logical volumes even though they could be mounted. And even though 
the partman log _does_ indicate that the partition was recognized.

However, I completely agree that it should be possible to do this in a 
simpler way. Reassigning your suggestion to the appropriate component.

Maybe we should have a general option "Detect existing encrypted and/or 
logical volumes" on the partman main screen.

Cheers,
FJP

[1] http://wiki.debian.org/DebianInstaller/Rescue/Crypto

Message #19 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Frans Pop <elendil@planet.nl>

To: 451535@bugs.debian.org

Cc: Yaroslav Halchenko <debian@onerussian.com>

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 19 Nov 2007 15:59:19 +0100

clone 451535 -1
reassign -1 partman-lvm
severity -1 normal
thanks

On Monday 19 November 2007, Frans Pop wrote:
> I did have one strange issue with that procedure though: after crypto and
> LVM had been activated, partman did not recognize the existing file
> systems on the logical volumes even though they could be mounted. And
> even though the partman log _does_ indicate that the partition was
> recognized.

This seems to be an issue in init.d/50lvm from partman-lvm. That script will 
basically always create a new loop label on a logical volume and create a 
single partition. This is not really necessary if the LV already has a 
partition and prevents existing partitions from being detected.

Cloning to partman-lvm for this issue.

Message #30 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Roy Jamison <xteejyx@googlemail.com>

To: 451535@bugs.debian.org

Date: Sun, 03 Apr 2011 11:05:54 +0100

package:partman-lvm
version: 70
This also affects Ubuntu 10.10 with partman-lvm version 70.

Message #37 received at 451535-quiet@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@ubuntu.com>

To: Christian Perrier <bubulle@debian.org>

Cc: Tobias Winter <tobias@linuxdingsda.de>, 529343@bugs.debian.org

Subject: Re: Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data

Date: Wed, 7 Sep 2011 15:59:16 +0100

On Tue, May 19, 2009 at 07:02:42AM +0200, Christian Perrier wrote:
> Quoting Tobias Winter (tobias@linuxdingsda.de):
> > When having to reinstall a system with an encrypted root-partition, the installer gives no means to
> > reuse a physical colume for encryption which has already been set up in a previous install.
> 
> Already reported as #451535. given the current lack of manpower
> working on partman-crypto, I doubt this is fixed unless someone comes
> up with a patch.

Here's a first pass at this.  What do people think?

The one thing I don't think I've got right yet is writing out
/etc/crypttab at the end of installation.  This needs a bit more work to
write out the correct files in the partman device directory without
causing partman to reinitialise the encrypted volume.

  * Add an "Activate existing encrypted volumes" option to the
    partman-crypto main menu.  If selected, this searches for existing
    volumes, and for each one prompts for its passphrase and attempts to
    open it; it then returns directly to the partitioning menu
    (closes: #529343, LP: #420080).

=== modified file 'choose_partition/crypto/do_option'
--- choose_partition/crypto/do_option	2009-11-10 14:20:25 +0000
+++ choose_partition/crypto/do_option	2011-09-07 14:18:17 +0000
@@ -12,6 +12,113 @@
 
 . /lib/partman/lib/crypto-base.sh
 
+find_encrypted_partitions () {
+	local ret dev num id size type fs path name
+
+	ret=1
+	for dev in $DEVICES/*; do
+		[ -d "$dev" ] || continue
+		cd "$dev"
+
+		open_dialog PARTITIONS
+		while { read_line num id size type fs path name; [ "$id" ]; }; do
+			[ "$ret" = 1 ] || continue
+			[ "$fs" != free ] || continue
+			if cryptsetup isLuks "$path" 2>/dev/null; then
+				ret=0
+			fi
+		done
+		close_dialog
+
+		if [ "$ret" = 0 ]; then
+			return 0
+		fi
+	done
+
+	return 1
+}
+
+get_passphrase () {
+	db_set partman-crypto/passphrase-existing ""
+	db_fset partman-crypto/passphrase-existing seen false
+	db_subst partman-crypto/passphrase-existing DEVICE "$1"
+	db_input critical partman-crypto/passphrase-existing
+
+	db_go || return 1
+
+	db_get partman-crypto/passphrase-existing || RET=''
+	echo -n "$RET"
+}
+
+do_cryptsetup () {
+	local id path cryptdev pass
+
+	id="$1"
+	path="$2"
+	cipher="$(cryptsetup luksDump "$path" |
+		  sed -n '/^Cipher name:/s/.*[[:space:]]//p')"
+	if [ "$cipher" ]; then
+		crypto_load_modules dm-crypt "$cipher"
+	fi
+
+	cryptdev="${path##*/}_crypt"
+	if ! cryptsetup status "$cryptdev" >/dev/null 2>&1; then
+		while :; do
+			pass="$(get_passphrase "$path")" || return 1
+			if [ -z "$pass" ]; then
+				return 1
+			fi
+			echo -n "$pass" | log-output -t partman-crypto \
+				cryptsetup -d - luksOpen "$path" "$cryptdev" \
+				&& break
+		done
+
+		echo "$cryptdev" >"$id/crypt_active"
+		db_subst partman-crypto/text/in_use DEV "${cryptdev##*/}"
+		db_metaget partman-crypto/text/in_use description
+		partman_lock_unit "$(mapdevfs "$path")" "$RET"
+	fi
+}
+
+do_activate () {
+	local dev partitions num id size type fs path name part
+
+	for dev in $DEVICES/*; do
+		[ -d "$dev" ] || continue
+		cd "$dev"
+
+		partitions=
+		open_dialog PARTITIONS
+		while { read_line num id size type fs path name; [ "$id" ]; }; do
+			[ "$fs" != free ] || continue
+			partitions="$partitions $id,$path"
+		done
+		close_dialog
+
+		for part in $partitions; do
+			id="${part%%,*}"
+			path="${part#*,}"
+
+			if cryptsetup isLuks "$path" 2>/dev/null; then
+				do_cryptsetup "$id" "$path" || continue
+			fi
+		done
+	done
+
+	# Encrypted devices as configured by d-i usually contain LVM PVs
+	export LVM_SUPPRESS_FD_WARNINGS=1
+	log-output -t partman-crypto pvscan
+	log-output -t partman-crypto vgscan
+	log-output -t partman-crypto vgchange -a y
+
+	# Tell partman to detect filesystems again.
+	rm -f /var/lib/partman/filesystems_detected
+
+	stop_parted_server
+	restart_partman
+	exit 0
+}
+
 do_create () {
 	local parts line pv output vg pathmap
 	parts=""
@@ -89,10 +196,25 @@ confirm_changes partman-crypto || exit 0
 commit_changes partman-crypto/commit_failed || exit $?
 
 while :; do
+	CHOICES=
+	DESCRIPTIONS=
+	add_choice () {
+		CHOICES="${CHOICES:+$CHOICES, }$1"
+		db_metaget "partman-crypto/mainmenu/$1" description
+		DESCRIPTIONS="${DESCRIPTIONS:+$DESCRIPTIONS, }$RET"
+	}
+	if find_encrypted_partitions; then
+		add_choice activate
+	fi
+	add_choice create
+	add_choice finish
+	db_subst partman-crypto/mainmenu CHOICES "$CHOICES"
+	db_subst partman-crypto/mainmenu DESCRIPTIONS "$DESCRIPTIONS"
 	db_input critical partman-crypto/mainmenu
 	db_go || exit 10
 	db_get partman-crypto/mainmenu
 	case $RET in
+	    activate)	do_activate ;; # does not return
 	    create)	do_create ;;
 	    finish)	break ;;
 	    *)

=== modified file 'debian/partman-crypto.templates'
--- debian/partman-crypto.templates	2009-12-05 22:29:36 +0000
+++ debian/partman-crypto.templates	2011-09-06 23:21:59 +0000
@@ -364,6 +364,14 @@ _Description: Use weak passphrase?
  You entered a passphrase that consists of less than ${MINIMUM} characters,
  which is considered too weak. You should choose a stronger passphrase.
 
+Template: partman-crypto/passphrase-existing
+Type: password
+# :sl3:
+_Description: Passphrase for ${DEVICE}:
+ Please enter the passphrase for the encrypted volume ${DEVICE}.
+ .
+ If you don't enter anything, the volume will not be activated.
+
 Template: partman-crypto/entropy
 Type: entropy
 # :sl3:
@@ -430,15 +438,35 @@ _Description: Proceed to install crypto
 
 Template: partman-crypto/mainmenu
 Type: select
-Choices-C: create, finish
+Choices-C: ${CHOICES}
+Choices: ${DESCRIPTIONS}
+# :sl3:
+_Description: Encryption configuration actions
+ This menu allows you to configure encrypted volumes.
+
+Template: partman-crypto/mainmenu/activate
+Type: text
 # Note to translators : Please keep your translations of the choices
 # below a 65 columns limit (which means 65 characters
 # in single-byte languages)
 # :sl3:
-__Choices: Create encrypted volumes, Finish
+_Description: Activate existing encrypted volumes
+
+Template: partman-crypto/mainmenu/create
+Type: text
+# Note to translators : Please keep your translations of the choices
+# below a 65 columns limit (which means 65 characters
+# in single-byte languages)
 # :sl3:
-_Description: Encryption configuration actions
- This menu allows you to configure encrypted volumes.
+_Description: Create encrypted volumes
+
+Template: partman-crypto/mainmenu/finish
+Type: text
+# Note to translators : Please keep your translations of the choices
+# below a 65 columns limit (which means 65 characters
+# in single-byte languages)
+# :sl3:
+_Description: Finish
 
 Template: partman-crypto/create/partitions
 Type: multiselect

-- 
Colin Watson                                       [cjwatson@ubuntu.com]

Message #42 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@ubuntu.com>

To: Christian Perrier <bubulle@debian.org>

Cc: Tobias Winter <tobias@linuxdingsda.de>, 451535@bugs.debian.org, 529343-quiet@bugs.debian.org

Subject: Re: Bug#529343: debian-installer: physical volume for encryption: doesnt care if already encrypted and kills data

Date: Fri, 9 Sep 2011 14:13:36 +0100

On Wed, Sep 07, 2011 at 03:59:16PM +0100, Colin Watson wrote:
> Here's a first pass at this.  What do people think?

I meant to send my previous version to the first of the merged bug set,
#451535.  I'll send further mails only there rather than to #529343 as
well.

> The one thing I don't think I've got right yet is writing out
> /etc/crypttab at the end of installation.  This needs a bit more work to
> write out the correct files in the partman device directory without
> causing partman to reinitialise the encrypted volume.

Well.  Yes.  That turned out to be the second 90% of the work!  After
trying a few alternatives, I ended up with a new 'crypto_keep' method
and then tried to let init.d/crypto do as much of the work as possible,
while still being careful to avoid reinitialising the contents of
encrypted volumes.

In the process, I also decided that it was better to always have the
Activate option present, without trying to detect existing volumes
first.  That way, we can actively warn people that this method only
works with LUKS where we have a useful encrypted volume header and that
they should back up their data before attempting an installation, rather
than having them get confused into destroying their data as before.

I'm fairly happy with this now, and am inclined to commit it if there
are no objections.  The one problem I've found is that the check for an
unencrypted /boot doesn't work properly when activating existing
LVM-on-crypto volumes, but I think that's actually a pre-existing bug so
I'm not going to let that block this change.

  * Add an "Activate existing encrypted volumes" option to the
    partman-crypto main menu.  If selected, this searches for existing
    volumes, and for each one prompts for its passphrase and attempts to
    open it; it then returns directly to the partitioning menu (closes:
    #451535, LP: #420080).

=== modified file 'check.d/crypto_check_mountpoints'
--- check.d/crypto_check_mountpoints	2008-03-14 19:25:59 +0000
+++ check.d/crypto_check_mountpoints	2011-09-08 19:20:22 +0000
@@ -43,7 +43,7 @@ for dev in $DEVICES/*; do
 		[ -f $realdevdir/method ] || continue
 		method=$(cat $realdevdir/method)
 		type=$(cat $realdevdir/crypto_type)
-		[ $method = crypto ] || continue
+		[ $method = crypto ] || [ $method = crypto_keep ] || continue
 
 		# Check 1 - Is cryptoroot possible?
 		if [ "$mnt" = / ]; then

=== modified file 'choose_partition/crypto/do_option'
--- choose_partition/crypto/do_option	2009-11-10 14:20:25 +0000
+++ choose_partition/crypto/do_option	2011-09-09 11:30:35 +0000
@@ -12,6 +12,118 @@
 
 . /lib/partman/lib/crypto-base.sh
 
+get_passphrase () {
+	db_set partman-crypto/activate/passphrase-existing ""
+	db_fset partman-crypto/activate/passphrase-existing seen false
+	db_subst partman-crypto/activate/passphrase-existing DEVICE "$1"
+	db_input critical partman-crypto/activate/passphrase-existing
+
+	db_go || return 1
+
+	db_get partman-crypto/activate/passphrase-existing || RET=''
+	echo -n "$RET"
+}
+
+do_cryptsetup () {
+	local dev num id size path
+	local dump cipher keysize ivalgorithm keytype keyhash
+	local cryptdev pass
+
+	dev=$1
+	num=$2
+	id=$3
+	size=$4
+	path=$5
+
+	dump="$(cryptsetup luksDump "$path")"
+	cipher="$(echo "$dump" | sed -n '/^Cipher name:/s/.*[[:space:]]//p')"
+	if [ "$cipher" ]; then
+		crypto_load_udebs "cdebconf-$DEBIAN_FRONTEND-entropy" \
+				  partman-crypto-dm
+		crypto_check_required_tools dm-crypt
+		crypto_load_modules dm-crypt "$cipher"
+	fi
+	keysize="$(echo "$dump" | sed -n '/^MK bits:/s/.*[[:space:]]//p')"
+	ivalgorithm="$(echo "$dump" | sed -n '/^Cipher mode:/s/.*[[:space:]]//p')"
+	keytype=passphrase
+	keyhash="$(echo "$dump" | sed -n '/^Hash spec:/s/.*[[:space:]]//p')"
+
+	cryptdev="${path##*/}_crypt"
+	if ! cryptsetup status "$cryptdev" >/dev/null 2>&1; then
+		while :; do
+			pass="$(get_passphrase "$path")" || return 1
+			if [ -z "$pass" ]; then
+				return 1
+			fi
+			echo -n "$pass" | log-output -t partman-crypto \
+				cryptsetup -d - luksOpen "$path" "$cryptdev" \
+				&& break
+		done
+
+		cryptdev="/dev/mapper/$cryptdev"
+		echo dm-crypt > $id/crypto_type
+		echo "$keysize" > $id/keysize
+		echo "$ivalgorithm" > $id/ivalgorithm
+		echo "$keytype" > $id/keytype
+		echo "$keyhash" > $id/keyhash
+		echo cipher > $id/cipher
+		echo crypto_keep > $id/method
+		echo "$cryptdev" > $id/crypt_active
+
+		db_subst partman-crypto/text/in_use DEV "${cryptdev##*/}"
+		db_metaget partman-crypto/text/in_use description
+		partman_lock_unit "$(mapdevfs "$path")" "$RET"
+	fi
+}
+
+do_activate () {
+	local found_luks dev partitions num id size type fs path name part
+
+	found_luks=0
+	for dev in $DEVICES/*; do
+		[ -d "$dev" ] || continue
+		cd "$dev"
+
+		partitions=
+		open_dialog PARTITIONS
+		while { read_line num id size type fs path name; [ "$id" ]; }; do
+			[ "$fs" != free ] || continue
+			partitions="$partitions $id,$path"
+		done
+		close_dialog
+
+		for part in $partitions; do
+			id="${part%%,*}"
+			path="${part#*,}"
+
+			if cryptsetup isLuks "$path" 2>/dev/null; then
+				found_luks=1
+				do_cryptsetup "$dev" "$num" "$id" "$size" \
+					"$path" || continue
+			fi
+		done
+	done
+
+	if [ "$found_luks" = 0 ]; then
+		db_input critical partman-crypto/activate/no_luks
+		db_go || true
+		return
+	fi
+
+	# Encrypted devices as configured by d-i usually contain LVM PVs
+	export LVM_SUPPRESS_FD_WARNINGS=1
+	log-output -t partman-crypto pvscan
+	log-output -t partman-crypto vgscan
+	log-output -t partman-crypto vgchange -a y
+
+	# Tell partman to detect filesystems again.
+	rm -f /var/lib/partman/filesystems_detected
+
+	stop_parted_server
+	restart_partman
+	exit 0
+}
+
 do_create () {
 	local parts line pv output vg pathmap
 	parts=""
@@ -93,6 +231,7 @@ while :; do
 	db_go || exit 10
 	db_get partman-crypto/mainmenu
 	case $RET in
+	    activate)	do_activate ;; # exits if any volumes were activated
 	    create)	do_create ;;
 	    finish)	break ;;
 	    *)

=== modified file 'debian/control'
--- debian/control	2011-05-03 16:05:09 +0000
+++ debian/control	2011-09-09 12:06:37 +0000
@@ -12,7 +12,7 @@ Vcs-Bzr: http://bazaar.launchpad.net/~ub
 Package: partman-crypto
 XC-Package-Type: udeb
 Architecture: any
-Depends: partman-base (>= 134), cdebconf-udeb (>= 0.133), di-utils (>= 1.68), ${shlibs:Depends}, ${misc:Depends}
+Depends: partman-base (>= 134), partman-lvm (>= 62), cdebconf-udeb (>= 0.133), di-utils (>= 1.68), ${shlibs:Depends}, ${misc:Depends}
 Description: Add to partman support for block device encryption
 
 Package: partman-crypto-dm

=== modified file 'debian/partman-crypto.templates'
--- debian/partman-crypto.templates	2009-12-05 22:29:36 +0000
+++ debian/partman-crypto.templates	2011-09-08 11:16:40 +0000
@@ -430,12 +430,12 @@ _Description: Proceed to install crypto
 
 Template: partman-crypto/mainmenu
 Type: select
-Choices-C: create, finish
+Choices-C: activate, create, finish
 # Note to translators : Please keep your translations of the choices
 # below a 65 columns limit (which means 65 characters
 # in single-byte languages)
 # :sl3:
-__Choices: Create encrypted volumes, Finish
+__Choices: Activate existing encrypted volumes, Create encrypted volumes, Finish
 # :sl3:
 _Description: Encryption configuration actions
  This menu allows you to configure encrypted volumes.
@@ -454,3 +454,20 @@ Type: error
 # :sl3:
 _Description: No devices selected
  No devices were selected for encryption.
+
+Template: partman-crypto/activate/no_luks
+Type: error
+# :sl3:
+_Description: No LUKS devices found
+ This partitioning program can only activate existing encrypted volumes that
+ use the LUKS format (dm-crypt with a passphrase). No such volumes were
+ found. If you have encrypted volumes using other formats, you may need to
+ back up your data before continuing with installation.
+
+Template: partman-crypto/activate/passphrase-existing
+Type: password
+# :sl3:
+_Description: Passphrase for ${DEVICE}:
+ Please enter the passphrase for the encrypted volume ${DEVICE}.
+ .
+ If you don't enter anything, the volume will not be activated.

=== modified file 'finish.d/crypto_aptinstall'
--- finish.d/crypto_aptinstall	2008-03-20 21:06:33 +0000
+++ finish.d/crypto_aptinstall	2011-09-07 22:17:00 +0000
@@ -39,7 +39,7 @@ for dev in $DEVICES/*; do
 		[ -f $id/crypto_type ] || continue
 
 		method=$(cat $id/method)
-		[ $method = crypto ] || continue
+		[ $method = crypto ] || [ $method = crypto_keep ] || continue
 
 		type=$(cat $id/crypto_type)
 		case $type in

=== modified file 'init.d/crypto'
--- init.d/crypto	2010-05-27 09:44:55 +0000
+++ init.d/crypto	2011-09-09 12:36:17 +0000
@@ -4,6 +4,17 @@
 # setup in choose_partition/crypto/do_option.
 
 . /lib/partman/lib/base.sh
+. /lib/partman/lib/lvm-base.sh
+
+# Avoid warnings from lvm2 tools about open file descriptors
+export LVM_SUPPRESS_FD_WARNINGS=1
+
+if [ -x /sbin/vgdisplay ]; then
+	vgroups=$(/sbin/vgdisplay 2>/dev/null | grep '^[ ]*VG Name' | \
+		sed -e 's/.*[[:space:]]\(.*\)$/\1/' | sort)
+else
+	vgroups=''
+fi
 
 dev_to_devdir () {
 	echo $DEVICES/$(echo $1 | tr / =)
@@ -72,7 +83,7 @@ create_partition () {
 }
 
 create_cryptdisk () {
-	local dev id num size path cryptdev cipher
+	local dev id num size path cryptdev cipher file vg vgs
 	dev=$1
 	id=$2
 	num=$3
@@ -81,6 +92,7 @@ create_cryptdisk () {
 
 	cipher=$(cat $id/cipher)
 	keytype=$(cat $id/keytype)
+	method=$(cat $id/method)
 
 	templ="partman-crypto/text/cryptdev_description"
 	db_subst $templ CIPHER $cipher
@@ -128,17 +140,47 @@ create_cryptdisk () {
 	case $filesystem in
 		linux-swap)
 			echo swap > $cryptpart/method
-			>$cryptpart/format
+			if [ "$method" = crypto ]; then
+				>$cryptpart/format
+			else
+				rm -f $cryptpart/format
+			fi
 			;;
 
 		$default_fs)
-			echo format > $cryptpart/method
-			>$cryptpart/format
-			>$cryptpart/use_filesystem
-			echo $filesystem > $cryptpart/filesystem
+			if [ "$method" = crypto ]; then
+				echo format > $cryptpart/method
+				>$cryptpart/format
+				>$cryptpart/use_filesystem
+				echo $filesystem > $cryptpart/filesystem
+			else
+				echo keep > $cryptpart/method
+				rm -f $cryptpart/format
+			fi
 			;;
 	esac
 
+	# To avoid ordering problems between init.d/crypto and init.d/lvm,
+	# we need to duplicate a bit of the latter here, in case an existing
+	# crypto device contains an LVM PV.
+	if [ "$method" = crypto_keep ]; then
+		if pvdisplay "$cryptdev" >/dev/null 2>&1; then
+			for file in acting_filesystem filesystem format \
+				    formatable use_filesystem; do
+				rm -f $cryptpart/$file
+			done
+			echo lvm > $cryptpart/method
+			if [ ! -e $cryptpart/locked ]; then
+				vg="$(pv_get_vg "$cryptdev")"
+				for vgs in $vgroups; do
+					if [ "$vg" = "$vgs" ]; then
+						vg_lock_pvs "$vg" "$cryptdev"
+					fi
+				done
+			fi
+		fi
+	fi
+
 	update_partition $cryptdir $cryptid
 
 	echo $path:$num:$dev/$id > $cryptdir/crypt_realdev
@@ -174,7 +216,7 @@ for dev in /var/lib/partman/devices/*; d
 		[ -f $id/crypt_active ] || continue
 
 		method=$(cat $id/method)
-		[ $method = crypto ] || continue
+		[ $method = crypto ] || [ $method = crypto_keep ] || continue
 
 		if ! create_cryptdisk $dev $id $num $size $path; then
 			db_fset partman-crypto/init_failed seen false

=== modified file 'lib/crypto-base.sh'
--- lib/crypto-base.sh	2011-08-26 12:20:00 +0000
+++ lib/crypto-base.sh	2011-09-07 22:27:14 +0000
@@ -82,7 +82,7 @@ crypto_prepare () {
 	if [ "$method" = swap ]; then
 		disable_swap "$dev" "$id"
 	fi
-	if [ "$method" != crypto ]; then
+	if [ "$method" != crypto ] && [ "$method" != crypto_keep ]; then
 		crypto_prepare_method "$id" dm-crypt || return 1
 		rm -f "$id/use_filesystem"
 		rm -f "$id/format"
@@ -820,7 +820,8 @@ crypto_check_setup() {
 			[ -f $id/crypto_type ] || continue
 
 			method=$(cat $id/method)
-			if [ $method != crypto ]; then
+			if [ $method != crypto ] && \
+			   [ $method != crypto_keep ]; then
 				continue
 			fi
 			type=$(cat $id/crypto_type)

=== modified file 'update.d/crypto_visuals'
--- update.d/crypto_visuals	2007-12-05 20:18:24 +0000
+++ update.d/crypto_visuals	2011-09-07 22:16:23 +0000
@@ -37,8 +37,9 @@ cryptdev_shortname ()
 	esac
 }
 
-if [ $method = crypto ]; then
-	db_metaget partman/method_short/$method description || RET=''
+case $method in
+    crypto|crypto_keep)
+	db_metaget partman/method_short/crypto description || RET=''
 	echo ${RET:-crypto} >$id/visual_filesystem
 
 	if [ -f $id/crypt_active ]; then
@@ -52,5 +53,6 @@ if [ $method = crypto ]; then
 
 	# open_dialog CHANGE_FILE_SYSTEM $id linux-swap
 	# close_dialog
-fi
+	;;
+esac
 
-- 
Colin Watson                                       [cjwatson@ubuntu.com]

Message #49 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Ian Molton <ian@mnementh.co.uk>

To: 451535@bugs.debian.org

Subject: This bug just ate my LVM2 volume group.

Date: Sun, 30 Oct 2011 00:31:04 +0100

This bug just ate my LVM2 volume group.

Thanks for nothing.

What a stupidly named set of options.

Whoever wrote that code needs to be shot.

Thank christ I took a backup of the most important data (including my
kids first words) or I'd be really buggered now.

Also of note:  "Undo changes to partition tables" does NOT restore the
disks to their previous unmolested states.

This is NOT intuitive OR sane behaviour.

Message #56 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Streit Eric <Ericounet26200@gmail.com>

To: 451535@bugs.debian.org

Subject: lvm crypted full disk: not able to boot

Date: Thu, 13 Sep 2012 12:02:26 +0200

Hi,

I tried yesterday and today 5 or more  times to install wheezy on my
laptop with crypted lvm full disk: I could just not boot  the system
which hangs on: passphrase never recognised .

This laptop run "squeeze lvm crypted" witout problem as my other laptops
do (amd64 on this, and i386 on the others).

I tried different flavors of install disks:

net install, iso-1, dayly etc ... amd64 and i386 :(:(

I got never past the passphrase asking (and yes, I checked carefully my
passphrase).

There is also something strange with the firmware (network recognition):
I had to answer "no", but the firmwares were on a separate usb-stick:
with no as a answer, everything went ok.

best regards

Eric

Message #61 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Cyril Brulebois <kibi@debian.org>

To: Streit Eric <Ericounet26200@gmail.com>, 451535@bugs.debian.org

Subject: Re: Bug#451535: lvm crypted full disk: not able to boot

Date: Thu, 13 Sep 2012 12:18:58 +0200

[Message part 1 (text/plain, inline)]

Streit Eric <Ericounet26200@gmail.com> (13/09/2012):
> I tried yesterday and today 5 or more  times to install wheezy on my
> laptop with crypted lvm full disk: I could just not boot  the system
> which hangs on: passphrase never recognised .

Keymap issues? Try typing it as if you had a qwerty keyboard?

Mraw,
KiBi.

[signature.asc (application/pgp-signature, inline)]

Message #66 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Jayson Willson <jaysonwillson245@gmail.com>

To: 451535@bugs.debian.org

Subject: Still reproduces in 2015

Date: Sat, 18 Jul 2015 13:35:54 +0000

[Message part 1 (text/plain, inline)]

This bug still reproduces in Jessie. Any plans to fix it?

[Message part 2 (text/html, inline)]

Message #71 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Borden Rhodes <jrvp@bordenrhodes.com>

To: 451535@bugs.debian.org

Subject: RE: This bug just ate my LVM2 volume group.

Date: Sun, 2 Aug 2015 00:31:04 -0400

I totally empathise with Ian's frustration. I myself spent eight hours
trying to circumvent this 'bug', to put it mildly. I tried to follow a
half-dozen contradictory, inaccurate and incomplete walkthroughs with
no success, so I'm giving up and starting from scratch.

The walkthrough at
http://wiki.debian.org/DebianInstaller/Rescue/Crypto does not exist.

As this bug hasn't been addressed in 8 years, it may be worth giving
up on it. If so, there should at least be bold warnings to anybody
tempted to set up encrypted volumes that they will not be reusable if
one needs to reinstall Debian unless they have highly advanced
knowledge of hand-writing configuration files from rescue CDs. This
would, at least, stop hundreds of aggregate human hours from being
wasted.

Message #76 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Quentin <quentin@minster.io>

To: 451535@bugs.debian.org

Subject: Bump

Date: Wed, 07 Oct 2015 03:20:48 +0200

Bump. This is a most annoying bug and it's been around for way too long.

Colin Watson suggested around 2011/09/09 that he had a workable fix.
Is it still true? Why wasn't it committed in the end? How can we move 
forward with this?

Cheers,
Quentin

Message #85 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Pali Rohár <pali.rohar@gmail.com>

To: 451535@bugs.debian.org

Subject: Re: debian-installer: allow to 'reuse' encrypted volumes

Date: Wed, 12 Apr 2017 22:45:42 +0200

[Message part 1 (text/plain, inline)]

BUMP again. This is really annoying bug which disallow installing Debian 
on pre-formatted disks/partitions. Any progress? Was Colin Watson 
proposed patch accepted? Or what is current state of it?

-- 
Pali Rohár
pali.rohar@gmail.com

[signature.asc (application/pgp-signature, inline)]

Message #90 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Kolmar Kafran <kolmar@kafran.net>

To: 451535@bugs.debian.org

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 15 May 2017 17:20:00 -0300

[Message part 1 (text/plain, inline)]

severity: critical

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I would like to say this bug still persist on Debian Stretch.

I suggest this bug to be marked as 'critical', since this could lead to
data loss.

The debian installer doesn't recognize a previous encrypted volume (Tested
with netinstall.iso). The critical is that even with workaround to
recognize the partitions on encrypted volume the installer only advances on
formating these partitions causing data-loss.

This is a long time bug and I think this could be fixed in time for Stretch
release. I don't know if the Ubuntu installer is the same but this bug
doesn't exists on Ubuntu.

How to achieve the bug:

Step 1:
On "Partition disk" go to "Configure encrypted volumes"
https://www.dropbox.com/s/xvsa2d6l4k925oz/step1.png

Step 2:
Select "Create encrypted volume". This will make anna install the necessary
packages to work with encryption.
P.s.: on Ubuntu, this step shows an option to setup an existing encrypted
volume.
https://www.dropbox.com/s/hii5g0uvewb3djq/step2.png

Step 3:
Go back.
https://www.dropbox.com/s/ckzb2r4pgirufum/step3.png

Step 4:
Do NOT save changes to disk.
https://www.dropbox.com/s/1s5r2h8x1rfi419/step4.png

Step 5:
Go back. Open a shell. Open luks volume. Activate volume group. Exit.
https://www.dropbox.com/s/658k4bqe5vzdpf1/step5.png

Step 6:
Detect disks. LVM partitions are now seen.
https://www.dropbox.com/s/6fdxpoqmef4htz6/step6.png

Step 7 (This is the critical bug):
Choosing any LVM partition and selecting to use as the previous format
system leads to "re-format" the partition. This step should ask if you want
to keep the existing file system. This could lead to /home data loss.
On Ubuntu you can choose to not format the partition at this stage.
https://www.dropbox.com/s/qmjiuv1enicg49b/step7.png

I hope this help to solve this annoying problem. Today its impossible to
install Debian on an already encrypted system without data loss.

Cheers,

Kolmar Kafran.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZGg0ZAAoJEKrvtn5Zdulsjt4H/1Jvn4HQBqIs1mvFCCiOfGZ5
eF4/BcofxebKICqInrsqeAJSnje1iOQMvpzMKit5tysLpBF3tV01bjVzrt78m874
NwiSqwzEhFHssPJxEztmOnH2GukdRS3D/w0U1CmnG/cxF5pbDq2ufcA9a+1kJ+/L
KyebYmP7qLuDYkY0k5ZBzfdPcblkje8voSGEr02AbHxDj6N2Aq6klHSluu/thSSo
+2z5QQq6vE379S0XOETvri2Z9k9rfwOr8jFyI75NhpytWW9++6mmiy56I/RmrmA6
sCUarD3JCMyqOcTZdxcG3Vu/xRjZt+tFd3+MEGE+/79T9Z6hPOhR+0pfZuZIzfE=
=qzKR
-----END PGP SIGNATURE-----

Kolmar Kafran

http://kafran.net
http://twitter.com/doutorchefe


ü Por favor, considere a proteção ao meio ambiente antes de imprimir esse
e-mail.

[Message part 2 (text/html, inline)]

Message #95 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Ben Hutchings <ben@decadent.org.uk>

To: Kolmar Kafran <kolmar@kafran.net>, 451535@bugs.debian.org

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 15 May 2017 21:26:28 +0100

[Message part 1 (text/plain, inline)]

On Mon, 2017-05-15 at 17:20 -0300, Kolmar Kafran wrote:
> severity: critical
> 
> I would like to say this bug still persist on Debian Stretch.
> 
> I suggest this bug to be marked as 'critical', since this could lead to
> data loss.
[...]

It is in the nature of an installer that it is capable of overwriting
existing data.  Based on your instructions, I think the installer
already makes it quite clear what's going to happen.

Ben.

-- 
Ben Hutchings
Humour is the best antidote to reality.

[signature.asc (application/pgp-signature, inline)]

Message #100 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Kolmar Kafran <kolmar@kafran.net>

To: 451535@bugs.debian.org

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 15 May 2017 17:37:25 -0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Mon, 15 May 2017 21:26:28 +0100 Ben Hutchings <ben@decadent.org.uk> wrote:

> It is in the nature of an installer that it is capable of overwriting
> existing data.  Based on your instructions, I think the installer
> already makes it quite clear what's going to happen.

The documentation defines that:

> The severity levels are:
> critical
>     makes unrelated software on the system (or the whole system) break, or causes serious data loss, or introduces a security hole on systems where you install the package.

Since it is not possible to advance with the installation without
formating the partition, based on the severity levels definition, I
think this should be marked as critical.

Att,

Kolmar Kafran.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZGhExAAoJEKrvtn5ZdulsTFwH/0HjMqYXNCefMnI4JHB9iBnC
JsMIRXz0760rfNYYC/KvsrO/YXOdvbUEkJc7XtxVgQkJFft7ZRh/HhZb86kVfmGe
PyY4N1lWXMmT0b4DpkzgoTTNYKp23ywFIIY0SRqR4qi+BbiWyE9F95dulWYDn2ST
DP1htn7CBiYuMd+CIAsSWdw4qD0ADCYqEOmjHNwozte017ZoJlXm395ffj+EEgW+
Cgp9zcpBNrfeg65gxDs5WoTz55x9o22+C9eNa8aE8gEGuzWzQH7C9GWHrHx/VLzH
t4R9elqx9zsuaaSKWVYX+2RDeVcfNZ76i+vTkFLlPzFxHN6pq7+LiocnOHxQKJ8=
=WsQa
-----END PGP SIGNATURE-----

Message #105 received at 451535@bugs.debian.org (full text, mbox, reply):

From: Ben Hutchings <ben@decadent.org.uk>

To: Kolmar Kafran <kolmar@kafran.net>, 451535@bugs.debian.org

Subject: Re: Bug#451535: debian-installer: allow to 'reuse' encrypted volumes

Date: Mon, 15 May 2017 22:59:11 +0100

[Message part 1 (text/plain, inline)]

On Mon, 2017-05-15 at 17:37 -0300, Kolmar Kafran wrote:
> On Mon, 15 May 2017 21:26:28 +0100 Ben Hutchings <ben@decadent.org.uk
> > wrote:
> 
> > It is in the nature of an installer that it is capable of
> > overwriting
> > existing data.  Based on your instructions, I think the installer
> > already makes it quite clear what's going to happen.
> 
> The documentation defines that:
> 
> > The severity levels are:
> > critical
> >     makes unrelated software on the system (or the whole system)
> > break, or causes serious data loss, or introduces a security hole
> > on systems where you install the package.
> 
> Since it is not possible to advance with the installation without
> formating the partition, based on the severity levels definition, I
> think this should be marked as critical.

You always have the option to do nothing.

Ben.

-- 
Ben Hutchings
Humour is the best antidote to reality.

[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.