[SOLVED] Boot encrypted LVM on LUKS with systemd-boot

smonsays · 2016-09-02 21:46:40

Hello everyone,

after running an unencrypted arch installation for a while on my laptop, I figured, it was time for an encrypted installation. Unfortunately I am not able to configure systemd-boot accordingly or rather mkinitcpio. I setup LVM on LUKS with

pvcreate /dev/mapper/lvm
vgcreate MyVol /dev/mapper/lvm
lvcreate -l 100%FREE MyVol -n root

and the installation itself worked fine. When I reboot and select the corresponding entry in systemd-boot, I get the error message:

starting version 231
ERROR: device 'dev/mapper/MyVol-root" not found. Skipping fsck.

I created the entry /boot/loader/entries/arch-encrypted.conf with the following content

title Arch Linux Encrypted
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=8b6c3F41-cde5-468e-a503-324b081713d8:lvm root=/dev/mapper/MyVol-root quiet rw

My hooks for mkinitcpio look like this:

HOOKS="base udev autodetect modconf block encrypt lvm2 filesystems keyboard fsck"

I suppose the initial ramdisk environment is the problem, but I can't figure out what it is.

Thank you in advance

Simon

Last edited by smonsays (2016-09-03 22:46:55)

i716 · 2016-09-03 11:25:19

I have a dual boot system with Arch residing in a LVM wich is encrypted with LUKS.
In my case, I use the following HOOKS in /etc/mkinitcpio.conf:

 
HOOKS="base udev plymouth autodetect modconf block filesystems keyboard keymap plymouth-encrypt lvm2 resume fsck"

(You won't need the Plymouth related hooks if you don't use it)

Don't forget to build a new image witth

sudo mkinitcpio -p linux

Then you should have a look at your grub.conf. Make sure that you have something like this in it:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash cryptdevice=/dev/sda4:main resume=/dev/mapper/main-swap lang=xx locale=xx_XX.UTF-8 nomodeset"

Again, use what you need. Choose a language of your choice for xx and XX. If you are usure, you can also try to append the above to the linux kernel line within grub (press e while grub is displayed, choose your Arch installation and press e again. Then go to the line that starts with "linux" and append the desired command to the end of it)

aliena · 2016-09-03 11:32:08

The error message tells you that fsck is run before encrypt, because you were not prompted for the password. Are you sure your initramfs is up to date with the config? Run

# mkinitcpio -p linux

and try again. I also assume that your UUID is set correctly. Did you follow https://wiki.archlinux.org/index.php/Dm … VM_on_LUKS (the relevant parts)?

In general your config seems fine.

EDIT: Added # to command

Last edited by aliena (2016-09-03 11:35:05)

smonsays · 2016-09-03 12:16:18

i716 wrote:

Then you should have a look at your grub.conf. Make sure that you have something like this in it:

I would like to avoid GRUB if possible, but thank you.

aliena wrote:

The error message tells you that fsck is run before encrypt, because you were not prompted for the password. Are you sure your initramfs is up to date with the config? Run
# mkinitcpio -p linux
and try again. I also assume that your UUID is set correctly. Did you follow https://wiki.archlinux.org/index.php/Dm … VM_on_LUKS (the relevant parts)?
In general your config seems fine.
EDIT: Added # to command

Yes, I followed the wiki in this part. I rerun mkinitcpio -p linux several times now, so that shouldn't be the problem. I double checked the UUID again, blkid outputs:

/dev/sda5: UUID="8b6c3F41-cde5-468e-a503-324b08a713d8 TYPE="crypto_LUKS" PARTLABEL="arch" PARTUUID="2b62fd16-8ef0-4174-98cc-016c606e9480"
/dev/mapper/lvm: UUID="mD4dct-Ri8x-weSd-yJCe-4hYs-hzjQ-fCy3mP" TYPE="LVM2_member"
/dev/mapper/Myvol-root: UUID="d2492944-0f6b-4800-a691-b66910a873fb" TYPE="ext4"

aliena · 2016-09-03 12:21:39

Are you sure with the UUIDs? Your /boot/loader/entries/arch-encrypted.conf contains

8b6c3F41-cde5-468e-a503-324b081713d8
                              ^

while your blkid tells

8b6c3F41-cde5-468e-a503-324b08a713d8
                              ^

EDIT: typo

Last edited by aliena (2016-09-03 12:23:48)

smonsays · 2016-09-03 12:44:53

Oh my bad, that was a typo in my post, in the arch.conf file, this part is correct.

smonsays · 2016-09-03 22:46:40

Ok, I redid everything from scratch and now everything works fine, I have no idea what I did wrong the first time. Thank you all!

Arch Linux

#1 2016-09-02 21:46:40

[SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#2 2016-09-03 11:25:19

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#3 2016-09-03 11:32:08

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#4 2016-09-03 12:16:18

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#5 2016-09-03 12:21:39

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#6 2016-09-03 12:44:53

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

#7 2016-09-03 22:46:40

Re: [SOLVED] Boot encrypted LVM on LUKS with systemd-boot

Board footer