You are not logged in.

#1 2018-03-19 20:35:39

Hmail
Member
Registered: 2012-03-14
Posts: 14

[SOLVED] Plain dm-crypt install fails on grub

Hi all,

I am trying to get the plain dm-crypt from https://wiki.archlinux.org/index.php/Dm … n_dm-crypt working. However, the part where grub is instructed to use the encryption doesn't seem to work. I modified the /etc/default/grub file, but no matter what I put in this file, I keep getting the same /boot/grub/grub.cfg file. I even tried putting in complete garbage, but I still got the same file.
Curiously though, the file itself does seem to be used, because as soon as I remove a quotation mark from it, the grub-mkconfig process reports an error.

note: I made one change from the tutorial, instead of using /dev/sda for the root device, /dev/sdb for boot and /dev/sdc for the key, I use /dev/sdc for root, dev/sda for boot and /dev/sdb for the key. This is due to some stuff in Virtualbox that makes it impossible to boot from another device except the first.

So, this is what I have in my /etc/default/grub:

# GRUB boot loader configuration

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX="cryptdevice=/dev/disk/by-id/ata-VBOX_HARDDISK_VB5e8f1bd6-008a49b9:cryptlvm cryptkey=/dev/disk/by-id/ata-VBOX_HARDDISK_VB223e092f-79453574:0:512 crypto=sha512:twofish-xts-plain64:512:0:"

# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"

# Uncomment to enable booting from LUKS encrypted devices
GRUB_ENABLE_CRYPTODISK=y

# Uncomment to enable Hidden Menu, and optionally hide the timeout count
#GRUB_HIDDEN_TIMEOUT=5
#GRUB_HIDDEN_TIMEOUT_QUIET=true

# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console

# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
GRUB_GFXMODE=auto

# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep

# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true

# Uncomment and set to the desired menu colors.  Used by normal and wallpaper
# modes only.  Entries specified as foreground/background.
#GRUB_COLOR_NORMAL="light-blue/black"
#GRUB_COLOR_HIGHLIGHT="light-cyan/blue"

# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/path/to/wallpaper"
#GRUB_THEME="/path/to/gfxtheme"

# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"

# Uncomment to make GRUB remember the last selection. This requires to
# set 'GRUB_DEFAULT=saved' above.
#GRUB_SAVEDEFAULT="true"

This is what grub makes of it:

#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
insmod part_gpt
insmod part_msdos
if [ -s $prefix/grubenv ]; then
  load_env
fi
set default="0"

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
    saved_entry="${chosen}"
    save_env saved_entry
  fi
}

function load_video {
  if [ x$feature_all_video_module = xy ]; then
    insmod all_video
  else
    insmod efi_gop
    insmod efi_uga
    insmod ieee1275_fb
    insmod vbe
    insmod vga
    insmod video_bochs
    insmod video_cirrus
  fi
}

if [ x$feature_default_font_path = xy ] ; then
   font=unicode
else
insmod part_msdos
insmod ext2
set root='hd0,msdos5'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5  ad4103fa-d940-47ca-8506-301d8071d467
else
  search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467
fi
    font="/usr/share/grub/unicode.pf2"
fi

if loadfont $font ; then
  set gfxmode=auto
  load_video
  insmod gfxterm
  set locale_dir=$prefix/locale
  set lang=en_US
  insmod gettext
fi
terminal_input console
terminal_output gfxterm
set timeout=5
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Arch Linux, with Linux core repo kernel' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-true-ad4103fa-d940-47ca-8506-301d8071d467' {
	load_video
	set gfxpayload=keep
	insmod gzio
	insmod part_msdos
	insmod ext2
	set root='hd0,msdos5'
	if [ x$feature_platform_search_hint = xy ]; then
	  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5  ad4103fa-d940-47ca-8506-301d8071d467
	else
	  search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467
	fi
	echo	'Loading Linux core repo kernel ...'
	linux	/boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw  quiet
	echo	'Loading initial ramdisk ...'
	initrd	/boot/initramfs-linux.img
}
menuentry 'Arch Linux, with Linux core repo kernel (Fallback initramfs)' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-fallback-ad4103fa-d940-47ca-8506-301d8071d467' {
	load_video
	set gfxpayload=keep
	insmod gzio
	insmod part_msdos
	insmod ext2
	set root='hd0,msdos5'
	if [ x$feature_platform_search_hint = xy ]; then
	  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos5 --hint-efi=hd0,msdos5 --hint-baremetal=ahci0,msdos5  ad4103fa-d940-47ca-8506-301d8071d467
	else
	  search --no-floppy --fs-uuid --set=root ad4103fa-d940-47ca-8506-301d8071d467
	fi
	echo	'Loading Linux core repo kernel ...'
	linux	/boot/vmlinuz-linux root=UUID=ad4103fa-d940-47ca-8506-301d8071d467 rw  quiet
	echo	'Loading initial ramdisk ...'
	initrd	/boot/initramfs-linux-fallback.img
}

### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###

### BEGIN /etc/grub.d/20_memtest86+ ###
### END /etc/grub.d/20_memtest86+ ###

### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###

### BEGIN /etc/grub.d/41_custom ###
if [ -f  ${config_directory}/custom.cfg ]; then
  source ${config_directory}/custom.cfg
elif [ -z "${config_directory}" -a -f  $prefix/custom.cfg ]; then
  source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ###

I have no idea where ad4103fa-d940-47ca-8506-301d8071d467 comes from, when I look at /dev/disk/by-uuid/ I don't see an entry for /dev/sdc (which is where the root device resides), the only id I could find is in /dev/disk/by-id:
http://tmp.hjts.nl/VirtualBox_test%20ar … _57_32.png
So that is what I used in my /etc/default/grub file, but again, that file does not seem to be used at all.

This is the error message I get from grub. Can anyone see what I'm doing wrong?
http://tmp.hjts.nl/VirtualBox_test%20ar … _19_36.png

Mod edit: replaced images with URLs. Please see the Code of Conduct regarding acceptable image sizes. -- WorMzy

Last edited by Hmail (2018-03-26 09:40:51)

Offline

#2 2018-03-24 11:41:33

Istym
Member
Registered: 2018-03-24
Posts: 1

Re: [SOLVED] Plain dm-crypt install fails on grub

Did you regenerate the main config file after making changes to /etc/default/grub? https://wiki.archlinux.org/index.php/GR … ation_file

Have you added the encrypt hook to mkinitcpio? https://wiki.archlinux.org/index.php/Dm … mkinitcpio

Last edited by Istym (2018-03-24 11:44:21)

Offline

#3 2018-03-24 17:13:04

frostschutz
Member
Registered: 2013-11-15
Posts: 1,474

Re: [SOLVED] Plain dm-crypt install fails on grub

For unfathomable reasons, the ArchLinux grub package contains a file /boot/grub/grub.cfg which is exactly the one you posted with ad4103fa-d940-47ca-8506-301d8071d467 UUID.

People end up installing this file, and then wonder why their system won't boot.

It should either not supply a grub.cfg at all or supply one that has a greeting message like "sorry pal, you forgot to generate your own grub config".

Something that lets people know what they forgot to do and not just run into a wall.

Offline

#4 2018-03-25 08:15:26

Hmail
Member
Registered: 2012-03-14
Posts: 14

Re: [SOLVED] Plain dm-crypt install fails on grub

Istym wrote:

Did you regenerate the main config file after making changes to /etc/default/grub? https://wiki.archlinux.org/index.php/GR … ation_file

Have you added the encrypt hook to mkinitcpio? https://wiki.archlinux.org/index.php/Dm … mkinitcpio

I have added the encrypt hook, from the wiki I added: keyboard, keymap, encrypt, and lvm2 to the HOOKS line.
I have played around a lot with generating the grub config, but no change I made to /etc/default/grub seemed to change anything to the grub.cfg file after calling grub-mkconfig.


frostschutz wrote:

For unfathomable reasons, the ArchLinux grub package contains a file /boot/grub/grub.cfg which is exactly the one you posted with ad4103fa-d940-47ca-8506-301d8071d467 UUID.

People end up installing this file, and then wonder why their system won't boot.

It should either not supply a grub.cfg at all or supply one that has a greeting message like "sorry pal, you forgot to generate your own grub config".

Something that lets people know what they forgot to do and not just run into a wall.

That is very odd. At least it makes a lot of sense where this uuid comes from, but still, I'm pretty sure I did run grub-mkconfig. I might have got the path wrong or something.... I will play around a bit with this later today and see if I can get further in the process. I'm fairly certain I got other error messages while playing with grub-mkconfig, but at least now I know where this one came from. Thanks for this explanation!

Last edited by Hmail (2018-03-25 08:15:54)

Offline

#5 2018-03-26 08:58:46

Hmail
Member
Registered: 2012-03-14
Posts: 14

Re: [SOLVED] Plain dm-crypt install fails on grub

Okay, I was 100% positive I had run grub-mkconfig, I just wasn't entirely sure if I had specified the correct path. I just ran the command and I got into the kernel. Now it looks like I specified the wrong configuration for the decryption, it says MyVol-root wasn't found and I'm dropped in an emergency shell, but at least I'm passed the initial grub steps. Thanks a lot guys!

I don't know how to mark this topic as solved, but probably a moderator can do that for me.

edit: it turned out the configuration I was using in my /etc/default/grub was missing the ":cryptlvm" part. I added that and now I am booted into a shell.

Last edited by Hmail (2018-03-26 09:44:29)

Offline

#6 2018-03-26 09:09:43

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: [SOLVED] Plain dm-crypt install fails on grub


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

Board footer

Powered by FluxBB