Issues with systemd-boot and Luks

Stonewall · 2016-06-28 01:48:19

I am trying to setup Encryption for my install
I am doing a LVM on LUKS with btrfs subvols.
my loader entry looks like this:

title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options cryptdevice=UUID=56d37534-eb55-4f5f-abca-7c4d035cbe58:lvm root=/dev/mapper/lvmvg-rootvol rw rootflags=subvol=@ resume=/dev/mapper/lvmvg-swapvol

I am using an NVME SSD that already has Win 10 installed

my fstab setup looks like this

# /dev/mapper/lvmvg-rootvol LABEL=btrfs
UUID=56d37534-eb55-4f5f-abca-7c4d035cbe58 /    btrfs    rw,relatime,compress=lzo,ssd,space_cache,subvolid=257,subvol=/@,subvol=@ 0 0
# /dev/mapper/lvmvg-rootvol LABEL=btrfs
UUID=56d37534-eb55-4f5f-abca-7c4d035cbe58 /home    btrfs    rw,relatime,compress=lzo,ssd,space_cache,subvolid=259,subvol=/@home,subvol=@home 0 0
# /dev/mapper/lvmvg-rootvol LABEL=btrfs
UUID=56d37534-eb55-4f5f-abca-7c4d035cbe58 /.snapshots btrfs    rw,relatime,compress=lzo,ssd,space_cache,subvolid=258,subvol=/@snapshots,subvol=@snapshots 0 0
# /dev/nvme0n1p5
UUID=8ac78df6-5c92-4b64-a71c-856e6e6725a7 /boot    ext4 rw,relatime,data=ordered 0 2
# /dev/nvme0n1p1 LABEL=SYSTEM
UUID=8450-1743 /boot/esp vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 2
# /dev/mapper/lvmvg-swapvol
UUID=5cd3ec4b-b98d-4fea-bbf7-e55d4897e8a1 none swap defaults 0 0

my mkinitcpio.conf is

# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run. Advanced users may wish to specify all system modules
# in this array. For instance:
# MODULES="piix ide_disk reiserfs"
MODULES="crc32c-intel nvme"
# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image. This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=""
# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way. This is useful for config files.
FILES=""
# HOOKS
# This is the most important setting in this file. The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
## This setup specifies all modules in the MODULES setting above.
## No raid, lvm2, or encrypted root is needed.
# HOOKS="base"
#
## This setup will autodetect all modules for your system and should
## work as a sane default
# HOOKS="base udev autodetect block filesystems"
#
## This setup will generate a 'full' image which supports most systems.
## No autodetection is done.
# HOOKS="base udev block filesystems"
#
## This setup assembles a pata mdadm array with an encrypted root FS.
## Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
# HOOKS="base udev block mdadm encrypt filesystems"
#
## This setup loads an lvm2 volume group on a usb device.
# HOOKS="base udev block lvm2 filesystems"
#
## NOTE: If you have /usr on a separate partition, you MUST include the
# usr, fsck and shutdown hooks.
HOOKS="base udev autodetect modconf block encrypt lvm2 btrfs resume filesystems keyboard fsck"
# COMPRESSION
# Use this to compress the initramfs image. By default, gzip compression
# is used. Use 'cat' to create an uncompressed image.
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"
# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=""

when I try to boot I get:

:: running early hooks
starting version 230
: running early hook [lvm2]
:: running hook [udev]
:: triggering uevents
:: running hook [encrypt]
wating 10 seconds for device /dev/disk/by-uuid/56d37534-eb55-4f5f-abca-7c4d035cbe58 ...
[ 4.010186] sd 3:0:0:0: [sda] no caching mode found
[ 4.0102747] sd 3:0:0:0: [sda] assuming drive cache: write through
:: running hock [btrfs]
Scanning for Btrfs filesystems
Waiting 10 seconds for device /dev/mapper/lvmvg-swapvol ...
ERROR: resume: hibernation device '/dev/mapper/lvmvg-swapvol' not found
waiting 10 seconds for device /dev/mapper/lvmvg-rootvol ...
ERROR: device '/dev/mapper/lvmvg-rootvol' not found. skipping fsck.
ERROR: unable to find root device '/dev/mapper/lvmvg-rootvol' .
You are being dropped to recovery shell

Last edited by Stonewall (2016-06-28 02:01:27)

Slithery · 2016-06-28 11:19:27

It looks like the cryptdevice UUID in your bootloader entry is incorrect, it needs to point to the actual encrypted partition not the decrypted btrfs partition.

(Also you don't need the btrfs hook in MODULES but that shouldn't cause any issues).

teateawhy · 2016-06-28 21:48:19

Boot issues aside, is there a particular reason you want to have btrfs filesystems inside of LVM volumes? As far as i know you can use btrfs subvolumes and get rid of LVM.
EDIT: Already using subvolumes...

Last edited by teateawhy (2016-06-28 21:49:33)

Stonewall · 2016-06-29 00:27:31

slithery wrote:

It looks like the cryptdevice UUID in your bootloader entry is incorrect, it needs to point to the actual encrypted partition not the decrypted btrfs partition.

Thanks that was the issue.

teateawhy wrote:

Boot issues aside, is there a particular reason you want to have btrfs filesystems inside of LVM volumes? As far as i know you can use btrfs subvolumes and get rid of LVM.
EDIT: Already using subvolumes...

I wanted an encrypted swap as well.

Arch Linux

#1 2016-06-28 01:48:19

Issues with systemd-boot and Luks

#2 2016-06-28 11:19:27

Re: Issues with systemd-boot and Luks

#3 2016-06-28 21:48:19

Re: Issues with systemd-boot and Luks

#4 2016-06-29 00:27:31

Re: Issues with systemd-boot and Luks

Board footer