You are not logged in.
I'm having a little trouble getting Arch running on my C720 with system encryption. I think the problem is in my last step where I configure the bootloader.
cfdisk /dev/sda to make a 128MB partition (BIOS) and rest of space LVM
cryptsetup luksFormat /dev/sda2
cryptsetup luksOpen /dev/sda2 luks
pvcreate /dev/mapper/luks
vgcreate vg0 /dev/mapper/luks
lvcreate to make 4G swap and +100%FREE root. I've only got a 32GB SSD so I'd rather not have a separate home partition.
mkfs.ext4 /dev/mapper/vg0-root and mount to /mnt
mkfs.ext2 /dev/sda1 and mount to /mnt/boot
mkswap /dev/mapper/vg0-swap
From here it's a pretty standard install, with GRUB and GPT.
Configure /etc/mkinitcpio.conf to include encrypt and lvm2 in hooks, as well as ext4 in modules.
For installing and configuring a bootloader:
pacman -S grub
grub-install --target=i386-pc --recheck /dev/sda
grub-mkconfig -o /boot/grub/grub.cfg
I am aware that I need to append cryptdevice=/dev/sda2:vg0 root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap somewhere, but I have no idea where. In my first attempt I simply typed it into the console (with no errors returned) before installing grub, but after completing the installation the machine just got stuck on loading grub after boot.
Where and when do I append cryptdevice, root and resume? Are they supposed to be run instead of installing grub, or do they compliment it?
After completing the installation the machine just got stuck on loading grub after boot, all I can do is power down. Anything else I may have missed?
Last edited by monkeypants (2014-12-01 07:23:27)
Offline
1. Should I append cryptdevice, root and resume into /etc/default/grub before running grub-mkconfig i.e.
linux /boot/vmlinux-linux cryptdevice=/dev/sda2:vg0 root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap ro
Does this simply append to the end of the file? Will it be obvious where to enter it?
2. Should I omit root from step one, as suggested here and here(I am using GRUB).
3. Do I need an extra EF02 boot partition of 1-2mb as well as the 128MB boot partition I've already created, as suggested here.
Last edited by monkeypants (2014-11-29 20:17:41)
Offline
I have tried following this guide, with a few modifications and to the letter. The main problems that occur with this guide is that he doesn't mkfs for the boot (sda1) and mount it, the fstab is generated incorrectly as a result of this. There is also some discrepancy in the APPEND cryptdevice= where he ends it with :luks and not :vg0 as suggested here. Incidentally, I have tried with cryptdevice=/dev/sda2:luks, cryptdevice=/dev/sda2:vg0 and cryptdevice=/dev/disk/by-uuid/xxxx:luks.
Where and when do I append cryptdevice, root and resume?
I found out that I can add it to /etc/default/grub. To GRUB_CMDLINE_LINUX I added
cryptdevice=/dev/sda2:vg0 resume=/dev/mapper/vg0-swap ro I checked /boot/grub/grub.cfg and the settings appeared to have carried over. The root path was specified (I forget where) automatically. Upon booting I would get a grub loading message and the computer would reset. Following the guide to the letter and using syslinux exhibited the same behaviour minus the grub loading message, but I believe the fstab was also incorrect as mentioned above.
I'm going to attempt a non-encrypted install as basic as possible just to see that Arch will actually install on this machine.
Last edited by monkeypants (2014-11-29 17:21:12)
Offline
It seems I cannot get Arch to boot even if I omit encryption.
In ChromeOS; Hold escape, F3 and press power to unlock developer mode. In developer mode open crosh with ctrl+alt+t
shell
sudo bash
crossystem dev_boot_usb=1 dev_boot_legacy=1Reboot and press ctrl+l to boot from the usb. Select i686 from Arch 01/11/14.
$ iw dev
$ wifi-menu foo
$ sgdisk --zap-all /dev/sda
$ cgdisk /dev/sda
create a 128M partition type ef02 (sda1)
create default rest of space partition, not type set (sda2)
$ mkfs.ext4 /dev/sda1
$ mkfs.ext4 /dev/sda2
$ mount /dev/sda2 /mnt
$ mkdir /mnt/boot
$ mount /dev/sda1 /mnt/boot
$ pacstrap -i /mnt base base-devel
accept all
$ genfstab -U -p /mnt >> /mnt/etc/fstab
checked with nano, boot and root partitions listed by UUID with correct priority (2 and 1).
$ arch-chroot /mnt /bin/bash
$ nano /etc/locale.gen
$ locale-gen
$ echo LANG=en_GB.UTF-8 > /etc/locale.conf
$ ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
$ hwclock --systohc --utc
$ pacman -S iw wpa_supplicant dialog
$ passwd rosebud
my honestly real password
$ pacman -S grub
$ grub-install --target=i386-pc --recheck /dev/sda
$ grub-mkconfig -o /boot/grub/grub.cfg
I check this file but I don't really know what I'm looking out for
$ exit
$ rebootWhen the machine reboots I press ctrl+l for legacy mode and wait for the grub loading message. It appears very briefly and the machine resets.
Do I need to use legacy grub and MBR instead of grub2 and GPT?
Last edited by monkeypants (2014-11-29 20:36:03)
Offline
Select i686 from Arch 01/11/14.
Try a 64-bit install.
Offline
monkeypants wrote:Select i686 from Arch 01/11/14.
Try a 64-bit install.
I'll try that now, thanks!
Edit: Selecting 64bit from the boot menu causes the computer to reboot.
Last edited by monkeypants (2014-11-29 21:09:13)
Offline
Someone has suggested that I should not format or mount the boot partition, and that I should make it only 1mb. Do I need to change its starting position? cgdisk defaults to 2048, but iirc in a previous (uefi) install I had a 1007k partition starting at 0?
It has also been suggested that I should append mem=1024m to the boot option before the installation, does this seem reasonable?
Last edited by monkeypants (2014-11-30 17:12:44)
Offline
I've managed to get Arch working without encryption.
Syslinux:
Single partition 8300 ext4, mounted to /mnt (root).
Follow regular install for Syslinux.
GRUB:
8300 ext4, mounted to /mnt (root).
ef02 offset 32, 1007K size, no fs and not mounted.
Follow regular install for GRUB.
I attempted cryptsetup with the no-boot-partition and syslinux. This throws a warning at syslinux-install_update -iam stating that it can't set /dev/mapper/vg0-root BOOT flag. I edit the /boot/syslinux/syslinux.cfg Arch entries
APPEND cryptdevice=/dev/disk/by-uuid/xxxx:luks root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap roIs cryptdevice supposed to end in :luks or :vg0?
Attempting to boot just hangs trying to load the bootloader menu.
With grub I edit /etc/default/grub
GRUB_CMDLINE_LINUX_DEFALT="cryptdevice=/dev/disk/by-uuid/xxxx:luks root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap ro"grub-install complains that GRUB_CRYPTODISK_ENABLE should be set to 1, even when it is appended to /etc/default/grub. I've read that mounting the boot partition will resolve this issue, but I've not managed to get Arch working with boot parition mounted even without crypto.
grub-mkconfig spits out this error about a dozen times.
/run/lvm/lvmetad.socket connect failer: no such file or directoryThe output /boot/grub/grub.cfg seems to have taken the settings from /etc/default/grub. Booting hangs in the same fashion as syslinux, bootloader menu never appears.
Offline
I've got system encryption working with GRUB
I needed to make three partitions. Here's how I set it up in cgdisk
128MB at offset 2048 (default) type 8300 (sda1 Linux FS)
in the 1007K free space that appears above sda1, 1007K at offset 34 (default) type ef02 (sda2 BIOS)
in the free space below sda1, rest of space at default offset type 8E00 (sda3 LVM)
sda1 was set as ext4 and mounted to /mnt/boot.
sda3 is not mounted directly, the logical volumes is mounted with mount /dev/mapper/vg0-root /mnt. Any other encrypted logical volumes such as home are mounted this way. Encrypted swap on this partition is set with mkswap /dev/mapper/vg0-swap and swapon /dev/mapper/vg0-swap.
sda2 does not have a fs set and is not mounted.
as for editing /etc/default/grub CMD_GRUB_LINUX_DEFAULT:
cryptdevice=/dev/disk/by-uuid/xxxx:vg0 was correct, not xxxx:luks i.e. it is the virtual group name.
I included root=/dev/mapper/vg0-root even though it is suggested that you do not need to supply root with grub. /boot/grub/grub.cfg ended up with two entires for root, one with the UUID and the other with /dev/mapper/vg0-root.
CMD_GRUB_LINUX_DEFAULT="cryptdevice=/dev/disk/by-uuid/xxxx:vg0 root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap ro"
linux /vmlinuz-linux root=UUID=4aaac97f-f5a0-4324-bb90-5fe82b6b21a0 rw cryptdevice=/dev/disk/by-uuid/4167188e-8533-47c9-ab9f-c1f841b6735f:vg0 root=/dev/mapper/vg0-root resume=/dev/mapper/vg0-swap ro quietHaving the 128MB /mnt/boot mounted solved the CMD_CRYPTODISK_ENABLED error. The lvmetad.socket warnings can be ignored according to the wiki.
Last edited by monkeypants (2014-12-01 05:50:43)
Offline