Where to find failure logs

Open zamlz opened this issue 4 years ago • 2 comments

When using clevis and say the kernel or something has changed. It's clear that it won't auto-decrypt the luks partition. One of the checks for the pcr_id would have failed. I want to know and identify which ones failed. Is there some log somewhere on the filesystem that is generated that I can take a look at to identify what changed?

Jan 07 '22 22:01 zamlz

This would be a +1 for me. I'm attempting to do a run of the mill Tang+Clevis setup on Ubuntu 20.04 and for whatever reason the resulting bind to Tang isn't working with Clevis to auto-unlock on boot and I don't see anywhere to look for Clevis logs on the client system.

Feb 01 '22 22:02 kfiresmith

+1 for this, especially TPM2 troubleshooting logs.

Aug 29 '22 23:08 SkylarHoughtonIntelerad