#1 2018-08-24 07:06:37

gobennyb
Member
Registered: 2017-03-23
Posts: 6

LUKS encrypted LVM tries to mount home partition during grub boot

So like many others, I've set up my computer as the title suggests. A bit of info about it is as follows:

# lsblk
NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                       8:0    0 111.8G  0 disk  
|-sda1                    8:1    0   511M  0 part  /boot/efi
`-sda2                    8:2    0 111.3G  0 part  
  `-cryptlvm-root       254:0    0 111.3G  0 crypt 
    `-ArchVolGroup-root 254:1    0 111.3G  0 lvm   /
sdc                       8:32   1 114.6G  0 disk  
`-sdc1                    8:33   1 114.6G  0 part  
  `-home                254:2    0 114.6G  0 crypt 
    `-ArchVolGroup-home 254:3    0 114.6G  0 lvm   /home
# blkid
/dev/sda1: SEC_TYPE="msdos" UUID="FFE2-09F4" TYPE="vfat" PARTUUID="755a20f8-674d-440d-9f4b-802674a0e97c"
/dev/sda2: UUID="69209d72-fbcd-422d-9a29-74bc78321521" TYPE="crypto_LUKS" PARTUUID="24d8e784-8cea-4f34-bc4f-e5cd273e406c"
/dev/sdc1: UUID="b10959a1-3f51-4b53-b6a6-7e04d7b6fc69" TYPE="crypto_LUKS" PARTUUID="f6a01b2a-1f54-44b0-88ed-1ad375506d80"
/dev/mapper/cryptlvm-root: UUID="3RmCUK-bbbB-uevY-EnhH-HlYl-qf9f-xjpqku" TYPE="LVM2_member"
/dev/mapper/ArchVolGroup-root: LABEL="Arch root" UUID="87ff13ce-eaba-4b75-a620-aeb4c6ab6a72" TYPE="ext4"
/dev/mapper/home: UUID="Awm4fR-mYZp-wnAw-8BqV-Ltup-KDvQ-UcEINo" TYPE="LVM2_member"
/dev/mapper/ArchVolGroup-home: LABEL="Arch home" UUID="89140d9e-4944-4727-a88c-b3705a1a0689" TYPE="ext4"
# cat /etc/default/grub 
# GRUB boot loader configuration

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX="cryptdevice=UUID=69209d72-fbcd-422d-9a29-74bc78321521:cryptlvm-root keyfile=/crypto_keyfile.bin "

# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos lvm"

# Uncomment to enable booting from LUKS encrypted devices
GRUB_ENABLE_CRYPTODISK=y

# Uncomment to enable Hidden Menu, and optionally hide the timeout count
#GRUB_HIDDEN_TIMEOUT=5
#GRUB_HIDDEN_TIMEOUT_QUIET=true

# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console

# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
GRUB_GFXMODE=auto

# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep

# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true

# Uncomment and set to the desired menu colors.  Used by normal and wallpaper
# modes only.  Entries specified as foreground/background.
#GRUB_COLOR_NORMAL="light-blue/black"
#GRUB_COLOR_HIGHLIGHT="light-cyan/blue"

# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/path/to/wallpaper"
#GRUB_THEME="/path/to/gfxtheme"

# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"

# Uncomment to make GRUB remember the last selection. This requires to
# set 'GRUB_DEFAULT=saved' above.
#GRUB_SAVEDEFAULT="true"
# cat /etc/mkinitcpio.conf 
# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run.  Advanced users may wish to specify all system modules
# in this array.  For instance:
#     MODULES=(piix ide_disk reiserfs)
MODULES=(vfat ext4)

# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image.  This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=()

# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way.  This is useful for config files.
FILES=(/crypto_keyfile.bin)

# HOOKS
# This is the most important setting in this file.  The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added.  Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
##   This setup specifies all modules in the MODULES setting above.
##   No raid, lvm2, or encrypted root is needed.
#    HOOKS=(base)
#
##   This setup will autodetect all modules for your system and should
##   work as a sane default
#    HOOKS=(base udev autodetect block filesystems)
#
##   This setup will generate a 'full' image which supports most systems.
##   No autodetection is done.
#    HOOKS=(base udev block filesystems)
#
##   This setup assembles a pata mdadm array with an encrypted root FS.
##   Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
#    HOOKS=(base udev block mdadm encrypt filesystems)
#
##   This setup loads an lvm2 volume group on a usb device.
#    HOOKS=(base udev block lvm2 filesystems)
#
##   NOTE: If you have /usr on a separate partition, you MUST include the
#    usr, fsck and shutdown hooks.
HOOKS=(base udev autodetect keyboard keymap modconf block encrypt lvm2 filesystems fsck)

# COMPRESSION
# Use this to compress the initramfs image. By default, gzip compression
# is used. Use 'cat' to create an uncompressed image.
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"

# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=()
# ls -al /
total 4156
drwxr-xr-x  17 root root    4096 Aug 24 02:09 .
drwxr-xr-x  17 root root    4096 Aug 24 02:09 ..
lrwxrwxrwx   1 root root       7 Aug 21 10:21 bin -> usr/bin
drwxr-xr-x   4 root root    4096 Aug 24 02:10 boot
----------   1 root root 4194304 Aug 24 02:09 crypto_keyfile.bin
drwxr-xr-x  22 root root    3440 Aug 24 02:42 dev
drwxr-xr-x  40 root root    4096 Aug 24 02:49 etc
drwxr-xr-x   3 root root    4096 Aug 24 02:04 home
lrwxrwxrwx   1 root root       7 Aug 21 10:21 lib -> usr/lib
lrwxrwxrwx   1 root root       7 Aug 21 10:21 lib64 -> usr/lib
drwx------   2 root root   16384 Aug 24 02:04 lost+found
drwxr-xr-x   2 root root    4096 Aug 21 10:21 mnt
drwxr-xr-x   2 root root    4096 Aug 21 10:21 opt
dr-xr-xr-x 139 root root       0 Aug 24 02:42 proc
drwxr-x---   5 root root    4096 Aug 24 02:50 root
drwxr-xr-x  18 root root     560 Aug 24 02:52 run
lrwxrwxrwx   1 root root       7 Aug 21 10:21 sbin -> usr/bin
drwxr-xr-x   4 root root    4096 Aug 24 02:08 srv
dr-xr-xr-x  13 root root       0 Aug 24 02:42 sys
drwxrwxrwt   7 root root     140 Aug 24 02:42 tmp
drwxr-xr-x   9 root root    4096 Aug 24 02:48 usr
drwxr-xr-x  12 root root    4096 Aug 24 02:12 var

Additionally, there are 4 references to:

cryptomount -u b10959a13f514b53b6a67e04d7b6fc69

in /boot/grub/grub.cfg.

# pvs
  /dev/sdb: open failed: No medium found
  PV                        VG           Fmt  Attr PSize    PFree
  /dev/mapper/cryptlvm-root ArchVolGroup lvm2 a--  <111.29g    0 
  /dev/mapper/home          ArchVolGroup lvm2 a--   114.55g    0
# vgs
  VG           #PV #LV #SN Attr   VSize    VFree
  ArchVolGroup   2   2   0 wz--n- <225.84g    0 
# lvs
  LV   VG           Attr       LSize    Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  home ArchVolGroup -wi-ao----  114.55g                                                    
  root ArchVolGroup -wi-ao---- <111.29g

I created the physical volume on only the root device and extended to the home device.

In case it's not clear, the issue I'm getting is that grub prompts for a decryption password for both the root and home devices (sda2 & sdc1) on boot, before the grub menu appears. I have an identical config on another computer that I set up a while back (which I've compared too many times), and grub only prompts me to decrypt the root partition on that machine (afterwards, the root partition is mounted and crypttab mounts the home partition). Both machines are running grub 2.0.2. Any ideas as to why I can't recreate the single-decryption-only scenario on my current new machine?

Offline

#2 2018-08-24 09:23:04

nl6720
The Evil Wiki Admin
Registered: 2016-07-02
Posts: 596

Re: LUKS encrypted LVM tries to mount home partition during grub boot

The LVM volume group is on two different LUKS encrypted volumes so GRUB obviously needs to unlock both of them. Why are you even using LVM if you only have one logical volume in each encrypted volume?

Offline

#3 2018-08-24 17:13:48

gobennyb
Member
Registered: 2017-03-23
Posts: 6

Re: LUKS encrypted LVM tries to mount home partition during grub boot

I may need other partitions for something else like another OS or other data. What's odd to me is that my desktop has the same setup but only the password for the root volume is required to unlock the whole system. Any thoughts on how that's possible?

Offline

#4 2018-08-25 06:47:36

nl6720
The Evil Wiki Admin
Registered: 2016-07-02
Posts: 596

Re: LUKS encrypted LVM tries to mount home partition during grub boot

No idea why it would behave differently.
Compare /boot/grub/grub.cfg of both systems, maybe you'll see some difference (besides the UUIDs).

Offline
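
The comparison suggested in post #4, as an added example that is not part of the original thread: it lists the LUKS containers a grub.cfg asks GRUB to unlock (the `cryptomount -u` lines mentioned in post #1) and diffs two configs with UUIDs masked. The function names, the sample files and the second machine's config are constructed for illustration.

```sh
# Added example; sample data is constructed (LUKS UUIDs reuse the post's blkid output).

# Distinct UUIDs that grub.cfg ($1) passes to "cryptomount -u".
cryptomount_uuids() {
    sed -n 's/^[[:space:]]*cryptomount -u \([0-9a-fA-F]\{32\}\).*/\1/p' "$1" | sort -u
}

# Map those UUIDs to devices using saved `blkid` output ($2). GRUB writes
# the LUKS UUID without dashes, so dashes are stripped before comparing.
cryptomount_devices() {
    for u in $(cryptomount_uuids "$1"); do
        dev=$(awk -v want="$u" '/TYPE="crypto_LUKS"/ && match($0, / UUID="[^"]*"/) {
                  id = substr($0, RSTART + 7, RLENGTH - 8); gsub(/-/, "", id)
                  if (id == want) { sub(/:$/, "", $1); print $1 }
              }' "$2")
        printf '%s %s\n' "$u" "${dev:-unknown}"
    done
}

# Replace dashed UUIDs, cryptomount arguments and lvmid/ paths with
# placeholders so configs from two machines can be diffed structurally.
mask_uuids() {
    sed -E -e 's/[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}/<UUID>/g' \
           -e 's/(cryptomount -u )[0-9a-fA-F]{32}/\1<UUID>/g' \
           -e 's#lvmid/[A-Za-z0-9-]+/[A-Za-z0-9-]+#lvmid/<ID>#g' "$1"
}

# Unified diff of two masked configs; returns 0 when only UUIDs differ.
diff_masked() {
    t=$(mktemp -d) || return 2
    mask_uuids "$1" > "$t/a"; mask_uuids "$2" > "$t/b"
    rc=0; diff -u "$t/a" "$t/b" || rc=$?
    rm -rf "$t"; return "$rc"
}

# Write constructed sample files into directory $1.
make_samples() {
    printf '%s\n' \
      '/dev/sda2: UUID="69209d72-fbcd-422d-9a29-74bc78321521" TYPE="crypto_LUKS" PARTUUID="24d8e784-8cea-4f34-bc4f-e5cd273e406c"' \
      '/dev/sdc1: UUID="b10959a1-3f51-4b53-b6a6-7e04d7b6fc69" TYPE="crypto_LUKS" PARTUUID="f6a01b2a-1f54-44b0-88ed-1ad375506d80"' > "$1/blkid.txt"
    printf '\t%s\n' 'insmod cryptodisk' \
      'cryptomount -u 69209d72fbcd422d9a2974bc78321521' \
      'cryptomount -u b10959a13f514b53b6a67e04d7b6fc69' > "$1/new.cfg"
    printf '\t%s\n' 'insmod cryptodisk' \
      'cryptomount -u 00000000000000000000000000000001' > "$1/old.cfg"
}

d=$(mktemp -d) && make_samples "$d" && cryptomount_devices "$d/new.cfg" "$d/blkid.txt"
diff_masked "$d/new.cfg" "$d/old.cfg" || echo "configs differ beyond UUIDs"; rm -rf "$d"
```

On real systems, pass each machine's /boot/grub/grub.cfg and the saved output of `blkid` in place of the constructed files.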
