You are not logged in.

#1 2019-05-03 17:37:38

soripants
Member
Registered: 2019-05-03
Posts: 5

LUKS on LVM - single encrypted root partition - kernel not found

Hello,

I'm attempting to add another encrypted arch install for work to my existing LVM partition - I have linux/home, linux/root, and linux/swap- and now I'm adding linux/work. I can get it encrypted just fine, and then I can get it installed- but I'm having a hell of a time getting it to boot with a new boot menu.

I've been following this guide here: https://wiki.archlinux.org/index.php/Dm … UKS_on_LVM - and trying to modify it for my needs. Here are my Hooks:

HOOKS=(base udev autodetect keyboard keymap modconf block lvm2 encrypt filesystems fsck)

If I add "cryptdevice=(/dev/linux/work UUID):root root=/dev/mapper/root" to /etc/defaults/grub kernel perimeters my main install doesn't boot (blank screen.) I seem to be able to reproduce that specific thing in my menu entry but it still doesn't boot. Here's my menu entry for this:

menuentry 'Arch Linux - Work' --class arch --class gnu-linux --class gnu --class os {
	load_video
	set gfxpayload=keep
	insmod gzio
	insmod ext2
	if [ x$feature_platform_search_hint = xy ]; then
	  search --no-floppy --fs-uuid --set=root --hint-ieee1275='ieee1275//disk@0,gpt1' --hint-bios=hd0,gpt1 --hint-efi=hd0,gpt1 --hint-baremetal=ahci0,gpt1  EC87-E2F1
	else
	  search --no-floppy --fs-uuid --set=root EC87-E2F1
	fi
	linux	/vmlinuz-linux-work cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root root=/dev/mapper/root rw quiet
	initrd	/initramfs-linux-work.img
}

And for reference, here's my blkid with the partition open:

/dev/sda1: UUID="EC87-E2F1" TYPE="vfat" PARTUUID="14a65227-f427-ab44-836b-19f7507115f0"
/dev/sda2: UUID="ESipwX-K51U-adxv-eRbs-dqsb-cFqf-X3jF3A" TYPE="LVM2_member" PARTUUID="83dfe0c7-ff86-4d42-91a0-eec85fee8c4c"
/dev/mapper/linux-root: UUID="1481cf6f-8e8d-4fdd-b93f-6114fa6cda79" TYPE="ext4"
/dev/mapper/linux-home: UUID="27e12b69-0075-4dc1-a436-918a50f5f06d" TYPE="ext4"
/dev/mapper/linux-work: UUID="ab4e9982-2f9d-43c1-9861-9ab5f4817bc4" TYPE="crypto_LUKS"
/dev/mapper/root: UUID="d790b559-279f-4442-a27d-0b67ac4ab1f2" TYPE="ext4"

Adding the cryptdevice kernel parameter ends up causing a black screen on boot in both cases, so I've added it to my "linux" line in the menu entry.  I've generated separate kernels using mkinitcpio with arch-chroot logged into the new encrypted system on the old one. I'm not sure where this is going wrong - I just get a blank screen when crypt tries to unlock the device.

Last edited by soripants (2019-05-03 18:05:18)

Offline

#2 2019-05-04 09:29:11

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Re: LUKS on LVM - single encrypted root partition - kernel not found

I think this line should look like this:

linux    /vmlinuz-linux-work cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root root=/dev/mapper/linux-root rw quiet

.

Offline

#3 2019-05-04 18:48:17

soripants
Member
Registered: 2019-05-03
Posts: 5

Re: LUKS on LVM - single encrypted root partition - kernel not found

JayDoe wrote:

I think this line should look like this:

linux    /vmlinuz-linux-work cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root root=/dev/mapper/linux-root rw quiet

.

/dev/mapper/root is what the line cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root sets it up as, right?

Offline

#4 2019-05-04 19:26:42

r0b0t
Member
From: /tmp
Registered: 2009-05-24
Posts: 505

Re: LUKS on LVM - single encrypted root partition - kernel not found

Is there any point on encrypting only one partition...?

Offline

#5 2019-05-04 20:18:08

soripants
Member
Registered: 2019-05-03
Posts: 5

Re: LUKS on LVM - single encrypted root partition - kernel not found

r0b0t wrote:

Is there any point on encrypting only one partition...?

Work needs to have a separate encryption than personal and it needs to be on the same machine.

Offline

#6 2019-05-04 21:13:24

JayDoe
Member
Registered: 2014-09-20
Posts: 27

Re: LUKS on LVM - single encrypted root partition - kernel not found

soripants wrote:

/dev/mapper/root is what the line cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root sets it up as, right?

Maybe I misunderstood you... is /dev/mapper/linux-work: UUID="ab4e9982-2f9d-43c1-9861-9ab5f4817bc4" TYPE="crypto_LUKS" a root partition with a separate "work" linux installation on it?

If "linux-work"points to your root directory, then the command in grub should be (afaik)

root=/dev/mapper/linux-work

because that's were your root filesystem is:

/dev/sda1: UUID="EC87-E2F1" TYPE="vfat" PARTUUID="14a65227-f427-ab44-836b-19f7507115f0"
/dev/sda2: UUID="ESipwX-K51U-adxv-eRbs-dqsb-cFqf-X3jF3A" TYPE="LVM2_member" PARTUUID="83dfe0c7-ff86-4d42-91a0-eec85fee8c4c"
/dev/mapper/linux-root: UUID="1481cf6f-8e8d-4fdd-b93f-6114fa6cda79" TYPE="ext4"
/dev/mapper/linux-home: UUID="27e12b69-0075-4dc1-a436-918a50f5f06d" TYPE="ext4"
/dev/mapper/linux-work: UUID="ab4e9982-2f9d-43c1-9861-9ab5f4817bc4" TYPE="crypto_LUKS"
/dev/mapper/root: UUID="d790b559-279f-4442-a27d-0b67ac4ab1f2" TYPE="ext4"

For your other linux installation it should be then

root=/dev/mapper/linux-root

See also https://www.gnu.org/software/grub/manua … .html#root



Maybe just try it...

Offline

#7 2019-05-05 01:23:59

soripants
Member
Registered: 2019-05-03
Posts: 5

Re: LUKS on LVM - single encrypted root partition - kernel not found

JayDoe wrote:
soripants wrote:

/dev/mapper/root is what the line cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root sets it up as, right?

Maybe I misunderstood you... is /dev/mapper/linux-work: UUID="ab4e9982-2f9d-43c1-9861-9ab5f4817bc4" TYPE="crypto_LUKS" a root partition with a separate "work" linux installation on it?

If "linux-work"points to your root directory, then the command in grub should be (afaik)

root=/dev/mapper/linux-work

because that's were your root filesystem is:

/dev/sda1: UUID="EC87-E2F1" TYPE="vfat" PARTUUID="14a65227-f427-ab44-836b-19f7507115f0"
/dev/sda2: UUID="ESipwX-K51U-adxv-eRbs-dqsb-cFqf-X3jF3A" TYPE="LVM2_member" PARTUUID="83dfe0c7-ff86-4d42-91a0-eec85fee8c4c"
/dev/mapper/linux-root: UUID="1481cf6f-8e8d-4fdd-b93f-6114fa6cda79" TYPE="ext4"
/dev/mapper/linux-home: UUID="27e12b69-0075-4dc1-a436-918a50f5f06d" TYPE="ext4"
/dev/mapper/linux-work: UUID="ab4e9982-2f9d-43c1-9861-9ab5f4817bc4" TYPE="crypto_LUKS"
/dev/mapper/root: UUID="d790b559-279f-4442-a27d-0b67ac4ab1f2" TYPE="ext4"

For your other linux installation it should be then

root=/dev/mapper/linux-root

See also https://www.gnu.org/software/grub/manua … .html#root



Maybe just try it...


I tried it - so to explain "/dev/mapper/root" IS /dev/mapper/linux-work when it is unlocked. It's what you access after you unlock /dev/mapper/linux-work with "cryptsetup open /dev/mapper/linux-work root."

The line "cryptdevice=UUID=ab4e9982-2f9d-43c1-9861-9ab5f4817bc4:root" is supposed to be doing this, and it doesn't work in either kernel parameters or in the menu entry, where I have it now.

Offline

#8 2019-05-06 22:09:05

soripants
Member
Registered: 2019-05-03
Posts: 5

Re: LUKS on LVM - single encrypted root partition - kernel not found

Abandoning this attempt, probably something to do with my laptop hardware. Will run in a VM instead.

Offline

#9 2019-05-06 23:09:37

2ManyDogs
Forum Moderator
Registered: 2012-01-15
Posts: 4,645

Re: LUKS on LVM - single encrypted root partition - kernel not found

Closing this abandoned topic.


How to post. A sincere effort to use modest and proper language and grammar is a sign of respect toward the community.

Online

Board footer

Powered by FluxBB