FDE: snap recovery --show-keys hangs, times out
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd (Ubuntu) |
Confirmed
|
Undecided
|
Alfonso Sanchez-Beato |
Bug Description
I installed mantic in a VM from the 2023-09-18 iso image. The VM has a TPM2 device, and booted with secure boot. I selected the TPM encryption option, and finished the install.
Upon first boot, I logged in via gdm, opened a shell, and ran `snap recover --show-keys`, which did show me what looked like a key. I then installed openssh, logged in remotely, and ran `snap recover --show-keys` again, but this time it got stuck, and eventually timed out:
root@mantic-tpm:~# snap recovery --show-keys
error: cannot communicate with server: timeout exceeded while waiting for response
root@mantic-tpm:~#
While it was stuck, I ran the ps command, and saw this (long command line truncated in the output):
3018 ? Ssl 0:00 /usr/lib/
3024 ? Z 0:00 \_ [cryptsetup] <defunct>
I then installed all available mantic updates, rebooted, tried again, but the same thing happened.
Right now I have these versions:
snapd 2.60.3+23.10.1
Oh, and looks like even "snap list" is stuck, but this might be because I still have the snap-fde-keymgr and the defunct cryptsetup in the process list.
Lemme reboot.
Ok, after reboot, snap list works:
$ snap list
Name Version Rev Tracking Publisher Notes
bare 1.0 5 latest/stable canonical✓ base
core22 20230801 864 latest/stable canonical✓ base
firefox 117.0.1-2 3145 latest/stable/… mozilla✓ -
gnome-42-2204 0+git.ff35a85 126 latest/stable/… canonical✓ -
gtk-common-themes 0.1-81-g442e511 1535 latest/stable/… canonical✓ -
pc 23.04-0.1 154 classic-
pc-kernel 6.5.0.5.7 1415 23.10/stable canonical✓ kernel
snap-store 0+git.888baba 1040 latest/stable/… canonical✓ -
snapd 2.60.3 20092 latest/stable canonical✓ snapd
snapd-desktop-
When I run `snap recovery --show-keys`, it gets stuck, and `snap list` stops working.
Other info:
The moment I run "snap recovery --show-keys", it still gets stuck, and I see this in the journal (yes, twice):
Sep 19 14:52:00 mantic-tpm systemd[1]: Starting run-u74.service - /usr/lib/
Sep 19 14:52:00 mantic-tpm systemd[1]: Started run-u74.service - /usr/lib/
description: | updated |
description: | updated |
description: | updated |
Status changed to 'Confirmed' because the bug affects multiple users.