[SOLVED] Please help set up simple partition layout with LUKS

Watney · 2015-05-24 04:13:00

I'm trying to setup a simple partition with LUKS. A few details

$ lsblk -f 
-sda7                            
| `-cryptroot (dm-2)              /mnt     # my root file system 
...
`-sda14                           /mnt/boot  # my /boot directory

$ cat /mnt/etc/fstab
# I'm not sure how to mount /dev/sda7, but neither of the following work 
# /dev/sda7                          /                 ext4            rw,relatime,data=ordered,discard        0 1
/dev/mapper/cryptroot           /                 ext4            rw,relatime,data=ordered,discard        0 1
/dev/sda14                           /boot           ext4            rw,relatime,data=ordered,discard        0 2

$ cat /mnt/etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="quiet tpm_tis.interrupts=0 modprobe.blacklist=ehci_pci cryptdevice=/dev/sda7:cryptroot"
GRUB_CMDLINE_LINUX=""

$ cat /mnt/etc/mkinitcpio.conf
MODULES="ext4"
...
HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck"

I chrooted in and updated mkinitcpio and grub, but it still refuses to boot. It stops at grub and reports unknown file system.

Any idea what I'm doing wrong? Thanks!!

[Edit] A bit more information. I edited the fstab to use the UUID corresponding to that of cryptroot, updated grub, but it still refuses to boot, reporting unknown file system.

$ ls -l /dev/disk/by-uuid
3d2a864e-cf97-4f07-a64d-e45a893fa7d1 -> ../../dm-2
ac074567-34aa-44dd-ab6c-a9f51e334190 -> ../../sda7
eda5bff9-44a2-4293-a977-d11be6bfcae3 -> ../../sda14

$ cat /mnt/etc/fstab
# <file system> <dir>   <type>  <options>       <dump>  <pass>
UUID=3d2a864e-cf97-4f07-a64d-e45a893fa7d1       /               ext4            rw,relatime,data=ordered,discard       0 1
UUID=eda5bff9-44a2-4293-a977-d11be6bfcae3       /boot           ext4            rw.relatime,data=ordered,discard       0 2

Last edited by Watney (2015-05-24 18:15:10)

esa · 2015-05-24 13:34:43

Have you defined the cryptlabel in /etc/crypttab?
Similar to:

$ sudo cat /etc/crypttab 
luks-1234-1234-1234-1234 UUID=1234-1234-1234-1234 none

Then in fstab:

/dev/mapper/luks-1234-1234-1234-1234 / ext4 defaults 0 0

Hope this helps

Watney · 2015-05-24 17:13:26

esa wrote:

Have you defined the cryptlabel in /etc/crypttab?

No, I didn't create a crypttab file. I understand the Wiki to say that you only need a crypttab file if you are opening multiple LUKS partitions. Since I'm only opening / (sans /boot) I understand that mkinitcpio will prompt a password to open the one partition.

Maybe I'm confused!

Watney · 2015-05-24 18:17:45

For the good of the community, I solved this by reinstalling grub. Merely, rebuilding grub was insufficient. Also, if you are only encrypting one partition, / in my case, it's not necessary to configure crypttab. The / partition is opened by the hook in mkinitcpio.conf.

Arch Linux

#1 2015-05-24 04:13:00

[SOLVED] Please help set up simple partition layout with LUKS

#2 2015-05-24 13:34:43

Re: [SOLVED] Please help set up simple partition layout with LUKS

#3 2015-05-24 17:13:26

Re: [SOLVED] Please help set up simple partition layout with LUKS

#4 2015-05-24 18:17:45

Re: [SOLVED] Please help set up simple partition layout with LUKS

Board footer