You are not logged in.

#1 2018-12-28 16:08:49

handella
Member
Registered: 2018-12-28
Posts: 6

[SOLVED] Stuck at grub-mkconfig - Encrypted Install

Hi guys!

I've installed Arch several times now and I want my main computer to be fully encrypted!

So I followed this guide LVM on LUKS with encrypted Boot Partition in combination with the usual installation guide (Arch Installation).

This is what I came up with:

fdisk -l

dd if=/dev/urandom of=/dev/sdX bs=4M status=progress

fdisk /dev/sdX
	g

	Partition	Size		Type
	/dev/sdX1	512M		EFI System
	/dev/sdX2	256M		Linux filesystem
	/dev/sdX3	left space	Linux LVM

	p

	w




cryptsetup luksFormat --type luks2 /dev/sdX3

cryptsetup open /dev/sdX3 cryptlvm

pvcreate /dev/mapper/cryptlvm

vgcreate volgroup /dev/mapper/cryptlvm

lvcreate -L 8G volgroup -n swap
lvcreate -L 32G volgroup -n root
lvcreate -l 100%FREE volgroup -n home

mkfs.ext4 /dev/volgroup/root
mkfs.ext4 /dev/volgroup/home
mkswap /dev/volgroup/swap

mount /dev/volgroup/root /mnt
mkdir /mnt/home
mount /dev/volgroup/home /mnt/home
swapon /dev/volgroup/swap

cryptsetup luksFormat /dev/sdX2

cryptsetup open /dev/sdX2 cryptboot

mkfs.ext4 /dev/mapper/cryptboot

mkdir /mnt/boot
mount /dev/mapper/cryptboot /mnt/boot

mkfs.fat -F32 /dev/sdX1

mkdir /mnt/efi
mount /dev/sdX1 /mnt/efi

lsblk
	NAME                MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
	sdX                 8:0      0   200G  0 disk
	├─sdX1              8:2      0   512M  0 part  /efi
	├─sdX2              8:3      0   256M  0 part
	│ └─cryptboot       254:0    0   254M  0 crypt /boot
	└─sdX3              8:4      0   128G  0 part
	  └─cryptlvm        254:1    0   128G  0 crypt
	    ├─volgroup-swap 254:2    0     8G  0 lvm   [SWAP]
	    ├─volgroup-root 254:3    0    32G  0 lvm   /
	    └─volgroup-home 254:4    0    98G  0 lvm   /home

pacstrap /mnt base

genfstab -U /mnt >> /mnt/etc/fstab




arch-chroot /mnt

passwd

ln -sf /usr/share/zoneinfo/MYREGION/MYCITY /etc/localtime

hwclock --systohc

# uncomment locale in '/etc/locale.gen'

locale-gen

echo 'LANG=en_US.UTF-8' > /etc/locale.conf




pacman -S grub efibootmgr dosfstools gptfdisk

nano /etc/mkinitcpio.conf
	HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems fsck)

mkinitcpio -p linux

# uncomment 'GRUB_ENABLE_CRYPTODISK=y' in '/etc/default/grub'

grub-install --target=x86_64-efi --efi-directory=/efi --bootloader-id=grub --recheck --debug

nano /etc/default/grub
	GRUB_CMDLINE_LINUX="... cryptdevice=/dev/sdX3:cryptlvm ..."

nano /etc/crypttab
	cryptboot	/dev/sdX2	none	luks

grub-mkconfig -o /boot/grub/grub.cfg

And then nothing happens for 30 minutes and I quit the process. I've gone through the installation about 4 times now. In a VM and on physical hardware and I've followed the exact steps in this video in a VM with UEFI enabled too Installing Arch Linux (with EFI, encryption, LVM) after following the wiki, but the same thing happens... It freezes after running grub-mkconfig -o /boot/grub/grub.cfg!

Am I missing something, or is it a bug?

Last edited by handella (2018-12-28 20:12:47)

Offline

#2 2018-12-28 16:53:24

livaesim
Member
Registered: 2018-12-28
Posts: 3

Re: [SOLVED] Stuck at grub-mkconfig - Encrypted Install

Offline

#3 2018-12-28 17:12:40

2ManyDogs
Forum Moderator
Registered: 2012-01-15
Posts: 2,377

Re: [SOLVED] Stuck at grub-mkconfig - Encrypted Install

Offline

#4 2018-12-28 20:11:20

handella
Member
Registered: 2018-12-28
Posts: 6

Re: [SOLVED] Stuck at grub-mkconfig - Encrypted Install

livaesim wrote:

Thank you! It works now!

Offline

#5 2019-01-04 19:42:44

boonana
Member
Registered: 2015-08-12
Posts: 4

Re: [SOLVED] Stuck at grub-mkconfig - Encrypted Install

Thanks for this thread! Got stuck at this problem for 2 days now.

Maybe this should be added somewhere in the wiki.

Offline

#6 2019-02-01 08:48:20

mikebutash
Member
Registered: 2017-05-01
Posts: 5

Re: [SOLVED] Stuck at grub-mkconfig - Encrypted Install

I've been struggling for weeks to get my laptop booting with arch doing lvm on luks, sounds like roughly the same issue, but none of the posted workarounds work...  Using grub-mkconfig, os-prober never finishes without lvmetad, but I can't get anything work with lvmetad even when running.  Unlocking and starting the lvm volumes is never an issue manually, just the kernel being built doesn't seem to find the volumes in any way (uuid, partition) even when I do get grub to boot off a grub.cfg normally.

I finally had to make my own grub.cfg manually from a working ubuntu install on the same drive, and still the arch initramfs kernel will not boot.  It doesn't seem to be grub, but rather it seems the kernel still isn't trying to decrypt the luks volume, it just errors out in grub and gives up.  Oddly when setting the base root to be even the fat efi partition or a standard ext2 /boot, it doesn't see the uuid or direct partition defined any way.  I have the proper mkinitcpio.conf defined, as this setup works on my primary desktop, and use my hooks exactly from it that boots fine.  It just seems... broken.

The install procedure at this point is just broken for anyone duplicating a lvm on luks setup, anyone figure any other workarounds for this?  Happy to post my configs, but everything for my system is rather typical of examples, other than the disk is an nvme, but again so is my other system.

Booting the same grub to ubuntu or windoze works fine, though ubuntu's grub found the vmlinuz images built by arch and tried it, but that kernel wouldn't bootstrap to find ubuntu's volumes either, so definitely seems something is not building properly with arch's kernel here.  I updated to latest systemd for reported booting bugs there, still same issue however.  Seems bigger upstream issues afoot...

Offline

Board footer

Powered by FluxBB