You are not logged in.

Pages: 1

#1 2016-12-10 00:31:37

ledbettj
Member
From: Atlanta
Registered: 2012-10-14
Posts: 35
Website

booting disk encryption with btrfs subvolume root?

Hi,

Trying to setup a disk with an encrypted btrfs subvolume root.  On boot, I can't seem to get the password prompt to decrypt -- instead I see:

a job is running for dev-mapper-system [..]

Once that times out, I can manually mount the device and resume booting with

cryptsetup luksOpen /dev/disk/by-label/cryptsystem system

Not sure what I'm missing from my setup to get the password prompt on boot. 

lsblk:

[john@halcyon ~]$ lsblk -o NAME,LABEL,UUID,TYPE,MOUNTPOINT
NAME        LABEL  UUID                                 TYPE  MOUNTPOINT
nvme0n1                                                 disk  
├─nvme0n1p3        cf386dbb-dcc0-4825-ac39-a95b9902664e part  
│ └─system  system 7e149d23-bf25-4aa8-8f46-b6fd9c434c29 crypt /home
├─nvme0n1p1 EFI    19E3-F067                            part  /boot
└─nvme0n1p2 swap   50446fe1-50d8-4081-aa14-2cb22c21c965 part  [SWAP]

fstab:

[john@halcyon ~]$ cat /etc/fstab 
# /dev/mapper/system UUID=7e149d23-bf25-4aa8-8f46-b6fd9c434c29
LABEL=system        	/         	btrfs     	rw,noatime,compress=lzo,ssd,space_cache,subvolid=257,subvol=/root,subvol=root	0 0

# /dev/mapper/system UUID=7e149d23-bf25-4aa8-8f46-b6fd9c434c29
LABEL=system        	/home     	btrfs     	rw,noatime,compress=lzo,ssd,space_cache,subvolid=258,subvol=/home,subvol=home	0 0

# /dev/mapper/system UUID=7e149d23-bf25-4aa8-8f46-b6fd9c434c29
LABEL=system        	/.snapshots	btrfs     	rw,noatime,compress=lzo,ssd,space_cache,subvolid=259,subvol=/snapshots,subvol=snapshots	0 0

# /dev/nvme0n1p1 UUID=19E3-F067
LABEL=EFI           	/boot     	vfat      	rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro	0 2

# /dev/nvme0n1p2 UUID=50446fe1-50d8-4081-aa14-2cb22c21c965
LABEL=swap          	none      	swap      	defaults  	0 0

mkinitcpio.conf HOOKS:

HOOKS="base udev systemd autodetect modconf block keyboard keymap encrypt filesystems fsck"

bootctl config:

[john@halcyon ~]$ cat /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=cf386dbb-dcc0-4825-ac39-a95b9902664e:system root=/dev/mapper/system quiet rw rootflags=subvol=root

Any help would be awesome, cheers.

Last edited by ledbettj (2016-12-10 00:37:38)

Offline

#2 2016-12-10 02:14:19

cypher_zero
Member
Registered: 2014-10-23
Posts: 50

Re: booting disk encryption with btrfs subvolume root?

It sounds like the the partition isn't trying to decrypt automatically on boot...

Try adding this to your /etc/crypttab:

system /dev/disk/by-uuid/[UUID-of-BTRFS-partition]

Then update bootctl

Offline

#3 2016-12-17 20:20:32

soaringowl2145
Member
Registered: 2016-12-17
Posts: 49

Re: booting disk encryption with btrfs subvolume root?

You will need to edit your /etc/default/grub.

Modify the line that says, "GRUB_CMDLINE_LINUX".  This should say something like cryptdevice=device:dmname


https://wiki.archlinux.org/index.php/Dm … ryptdevice

When this is done you will need to update grub using:

sudo grub-mkconfig -o /boot/grub/grub.cfg

Last edited by soaringowl2145 (2016-12-17 20:33:33)

Offline

#4 2016-12-18 22:21:12

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: booting disk encryption with btrfs subvolume root?

Remove systemd from your HOOKS and then rebuild your initramfs.

Last edited by Slithery (2016-12-18 22:23:26)

No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#5 2016-12-19 07:20:18

DCengineer
Member
Registered: 2015-12-11
Posts: 15

Re: booting disk encryption with btrfs subvolume root?

I actually did this last year, and I wrote notes on the whole process. Hopefully it helps.

Offline

#6 2016-12-22 20:14:56

ledbettj
Member
From: Atlanta
Registered: 2012-10-14
Posts: 35
Website

Re: booting disk encryption with btrfs subvolume root?

Updating cryptab didn't seem to help at all.  On my current desktop, this file is empty even with encrypted root partition. 

Modify the line that says, "GRUB_CMDLINE_LINUX".  This should say something like cryptdevice=device:dmname

I'm using systemd-boot (gummiboot), not grub.  I assume this isn't applicable to that?

WRT the HOOKS and notes provided -- thanks! I returned the laptop since it came with a screen defect, so I can't test out any new solutions sad  Will definitely give it a shot again when the new one arrives.

Offline

Pages: 1

Board footer

Powered by FluxBB