Attempts to mount encrypted drive before decryption.

[shihaamabr]

I have my /home in a separate partition (/dev/sda3) with luks encryption. /etc/crypttab is configured to decrypt with a keyfile and /etc/fstab is configured to mount it, and it worked fine.

After converting Arch to bedrock I noticed that it attempts to mount /dev/mapper/home before it is decrypted. Later in the boot process: After login I have no home and if i run sudo mount /dev/mapper/home it does mount correctly

[shihaamabr]

I added cronjob @reboot /usr/bin/mount /dev/mapper/home I guess this works, sort of a workaround than a solution

[paradigm]

Part of how Bedrock works involves ensuring certain directories are mount points with specific properties (e.g. bind mounts), including /home. Bedrock 0.7 is designed with the assumption that these mounts are setup before any non-Bedrock software runs, including the init. Thus, Bedrock sets the mount points up before handing control off to the selected init. However, some (usually init-triggered) /etc/fstab mounting software skips mounting on locations that already have a mount point, which means they will skip mounting things like /home. To resolve this Bedrock tries to mount /etc/fstab itself. However, its facilities to do so are fairly limited. Over 0.7's life I've slowly expanded Bedrock's ability to mount increasingly complicated or obscure setups before handing control off to the init, but the fact some scenarios are still not working is sadly not surprising.

As a short term fix I'll see if I can reproduce this then:

• See if I can add /etc/crypttab support so Bedrock will mount an encrypted /home setup like yours before handing control off to the init.
• Failing that, I'll see if I can add a hijack-time check so at least it won't bite anyone else. I'll also update the website accordingly.

In the long term, I think continuing to try to expand Bedrock's pre-init faculties like this a bad strategy. A better route would be to remove the underlying design requirement that Bedrock's mount requirements are setup before the init runs. If we can move them to after the init sets up /etc/fstab, stuff like this should just work. This will make Bedrock less generic and require init-specific configuration to run Bedrock setup after /etc/fstab, but I think the trade off will be worthwhile. This is a fairly radical change to Bedrock's design and is not feasible for 0.7. I am working on this for 0.8, but that will be a long ways off.