You are not logged in.
I'm having issues with my workstation.
On my desktop, I am trying to copy my root partition to an SSD and switching to LVM on LUKS there as well. I have a ~400mb boot partition, and set up the encrypted partition with root filesystem, to which I have cloned the existing root partition using rsync. I've gotten grub installed there and grub will load and then try to boot, but instead of prompting me for a password to unlock my partition when booting, grub fails to run cryptsetup and instead simply dumps to an emergency shell.
I have set up everything basically according to the instructions on the wiki.
EDIT:
Ditched Grub, installed syslinux, everything is fine.
Last edited by thoss (2015-03-12 23:23:26)
Offline
Desktop:
grub fails to run cryptsetup
Why no use the initramfs to unlock the root partition, instead of GRUB?
Offline
Desktop:
Why no use the initramfs to unlock the root partition, instead of GRUB?
Hmm. I think this is what I've got set up. I run mkinitcpio after editing mkinitcpio.conf and adding the lvm2 and encrypt hooks. Also in grub I have set
cryptdevice=/dev/sdbX:vgnameroot=/dev/mapper/vgname-lvnameJust like on my laptop (which works great and has for many months).
On my laptop, while booting, after GRUB, I get a message "starting version 218" and then am prompted for a password to unlock the encrypted volume. However, on the desktop after that message the boot sequence starts to fsck'ing various attached volumes and then fails to find the root partition I've pointed it to, dropping to an emergency shell.
edit: Okay I just rebooted my system. I noticed that I don't get the 'loading initial ramdisk' message after GRUB's menu and before 'starting version 218', does this mean that the initramfs is not being loaded properly?
Last edited by thoss (2015-02-22 11:42:39)
Offline
What is your HOOKS line? Have you enabled systemd on the initramfs?
Offline
After adding systemd and changing encrypt to sd-encrypt and lvm2 to sd-lvm2 I've got...
base systemd autodetect modconf block sd-encrypt sd-lvm2 resume filesystem keyboard fsck
before it was
base udev autodetect modconf block encrypt lvm2 resume filesystem keyboard fsck
Offline
/etc/default/grub
GRUB_DEFAULT=saved
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash nomodeset"
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdb2:ssd root=/dev/mapper/ssd-root0 resume=/dev/mapper/ssd-swap"
# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
# Uncomment to enable Hidden Menu, and optionally hide the timeout count
#GRUB_HIDDEN_TIMEOUT=5
#GRUB_HIDDEN_TIMEOUT_QUIET=true
# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console
# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
GRUB_GFXMODE=auto
# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep
# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true
# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true
# Uncomment and set to the desired menu colors. Used by normal and wallpaper
# modes only. Entries specified as foreground/background.
#GRUB_COLOR_NORMAL="light-blue/black"
#GRUB_COLOR_HIGHLIGHT="light-cyan/blue"
# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/path/to/wallpaper"
#GRUB_THEME="/path/to/gfxtheme"
# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"
GRUB_SAVEDEFAULT="true"mkinitcpio.conf
# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run. Advanced users may wish to specify all system modules
# in this array. For instance:
# MODULES="piix ide_disk reiserfs"
MODULES=""
# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image. This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=""
# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way. This is useful for config files.
FILES=""
# HOOKS
# This is the most important setting in this file. The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
## This setup specifies all modules in the MODULES setting above.
## No raid, lvm2, or encrypted root is needed.
# HOOKS="base"
#
## This setup will autodetect all modules for your system and should
## work as a sane default
# HOOKS="base udev autodetect block filesystems"
#
## This setup will generate a 'full' image which supports most systems.
## No autodetection is done.
# HOOKS="base udev block filesystems"
#
## This setup assembles a pata mdadm array with an encrypted root FS.
## Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
# HOOKS="base udev block mdadm encrypt filesystems"
#
## This setup loads an lvm2 volume group on a usb device.
# HOOKS="base udev block lvm2 filesystems"
#
## NOTE: If you have /usr on a separate partition, you MUST include the
# usr, fsck and shutdown hooks.
HOOKS="base systemd autodetect modconf block sd-encrypt sd-lvm2 resume filesystems keyboard fsck"
# COMPRESSION
# Use this to compress the initramfs image. By default, gzip compression
# is used. Use 'cat' to create an uncompressed image.
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"
# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=""Offline
Please read my post again. It only contains questions, i didn't command you to switch to the systemd hook.
I assume that you want to try this out now?
The configuration you have posted is wrong. Read the wiki article on "mkinitcpio" to figure it out. For example, the base hook is replaced by the systemd hook, so remove it.
You also need to create and configure /etc/crypttab.initramfs, and the kernel parameters for encryption can be left out with systemd on initramfs.
Offline
OK - I misinterpereted your question. Nevertheless, I tried the systemd configuration -- I had read about it before and read about it again before trying it.
The wiki article suggests leaving the base hook in for the emergency shell, so I did.
Is there anything else wrong with either of those configs... other than not setting up crypttab for systemd?
Offline
The wiki article suggests leaving the base hook in for the emergency shell, so I did.
Ahh, ok.
Is there anything else wrong with either of those configs... other than not setting up crypttab for systemd?
1. I think you can't use the resume hook with systemd. There is another way to configure resuming though.
2. Systemd does not understand this parameter:
cryptdevice=/dev/sdb2:ssdJust remove it.
3. For the crypttab you need something like this:
cat /etc/crypttab.initramfs
encryptedVolumeGroup /dev/sdx - luks,allow-discardsI added allow-discards because you use an ssd.
Offline
Thanks for your help on this. Ultimately I couldn't determine what was causing the problem and installed Syslinux, which was a breeze.
edit: Am I supposed to put [SOLVED] up at the top now?
Last edited by thoss (2015-03-12 04:24:29)
Offline
Yes, edit the first post to do it.
Offline