Arch Linux

keeyan

Member

Registered: 2019-07-01

Posts: 20

[SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

I am reinstalling Arch Linux with full disk encryption and I am following the installation guide to set it up. When it comes to the part where you partition the disk I deviate in order to setup a LUKS partition.

I followed these steps instead:

# cryptsetup -y -v luksFormat /dev/nvme0n1p2
# cryptsetup open /dev/nvme0n1p2 cryptroot
# mkfs.ext4 /dev/mapper/cryptroot
# mount /dev/mapper/cryptroot /mnt

Then I follow along with the installation as per usual until I come to the mkinitcpio section. Before generating it I edit mkinitcpio.conf and add the "keyboard keymap" and "encrypt" hooks as shown in the dm-crypt/Encypting an entire partition page. I then continue as normal until I reach the BIOS setup steps. I pick GRUB and follow the GRUB instructions but add `cryptdevice=UUID=xxxxxxx:cryptroot root=/dev/mapper/cryptroot` to the end of GRUB_CMDLINE_LINUX_DEFAULT and regenerate the grub config. I then reboot the OS and expect it to boot normally. Instead it get's stuck at "Loading initial ramdisk ...".

I have tried starting over a couple of times but I still get stuck at the same place. I just started again without the LUKS steps and it works fine. So I must be doing something wrong with LUKS which is causing this issue.

I am using EFI boot and have the boot partition mounted to `/mnt/boot/` on the live disk and `/mnt` mounted to the file system I am installing to.

I have spent a long time trying to figure out what's wrong but everything I have tried so far has failed. Am I missing anything here?

Last edited by keeyan (2019-07-20 14:30:09)

JeanLucJ

Member

Registered: 2019-03-08

Posts: 59

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Hello,

Could you please provide your :
* /etc/mkinitcpio.conf
* /etc/default/grub
* output of 'lsblk -f'

And also the *exact* commands and outputs you have when you generate your initramfs & grub.cfg

It seems that almost all problems on this subjects boils down to a mistake in those files and commands.

[Edit] Rereading your post more carefully, I suspect you missed the lvm2 hook, still, all the inputs above may be usefull to diagnose your problem

Regards,

Last edited by JeanLucJ (2019-07-01 18:54:29)

keeyan

Member

Registered: 2019-07-01

Posts: 20

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Hi JeanLucJ, thanks for your reply,

Sorry for my later reply, I've been waiting for a chance to try again so I can record the steps and send you the files.

I haven't setup LVM. I am using plain LUKS so I don't believe that hook is necessary. Maybe I have misunderstanding what LVM is for. Nevertheless I tried adding that hook, then regenerating the cfg yet the same issue appears.

Here are the steps I followed from the moment I booted:

cryptsetup open --type plain -d /dev/urandom /dev/nvme0n1 to_be_wiped
dd if=/dev/zero of=/dev/mapper/to_be_wiped status=progress
cryptsetup close to_be_wiped
wifi-menu # Connect to my network
timedatectl set-ntp true
fdisk /dev/nvme0n1 # Create 2 partitions (EFI first and Linux second)
mkfs.fat -F32 /dev/nvme0n1p1
cryptsetup -y -v luksFormat /dev/nvme0n1p2
cryptsetup open /dev/nvme0n1p2 cryptroot
mkfs.ext4 /dev/mapper/cryptroot
mount /dev/mapper/cryptroot /mnt
mkdir /mnt/boot/
mount /dev/nvme0n1p1 /mnt/boot/
pacstrap /mnt base base-devel git wpa_supplicant dialog grub efibootmgr
genfstab -U /mnt >> /mnt/etc/fstab
arch-chroot /mnt
ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
hwclock --systohc
# Uncomment en_GB.UTF-8 UTF-8 and en_US.UTF-8 UTF-8
locale-gen
echo "LANG=en_GB.UTF-8" > /etc/locale.conf
echo "KEYMAP=uk" > /etc/vconsole.conf
echo "myhostname" > /etc/hostname
# Edit /etc/hosts as described in installation guide
# Add "keyboard" "keymap" and "encrypt" to /etc/mkinitcpio.conf (see below)
# Edit /etc/default/grub to include "cryptdevice=UUID=<device-UUID>:cryptroot root=/dev/mapper/cryptroot" in GRUB_CMDLINE_LINUX_DEFAULT. The UUID was found by running `ls -l /dev/disk/by-uuid/ | grep nvme0n1p2` and copying (not manually, with `>>` and vi) the UUID (see file below)
mkinitcpio -p linux
passwd # set password
grub-install --target=x86_64-efi --efi-directory=/boot/ --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg
exit
umount -R /mnt
cryptsetup close cryptroot
shutdown -r now

I forgot to mention in my initial post that the shutdown fails. It gets stuck saying:

[ 7292.580479 ]reboot: Failed to start orderly shutdown: forcing the issue
[ 7292.581420 ] kvm: exiting hardware virualization
[ 7292.582974 ] Emergency sync complete

So I hold down the power button, remove the USB and boot into the new OS

Below are the files you requested:

/etc/default/grub

# GRUB boot loader configuration

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="qulet cryptdevice=UUID=29b3cd1c-5e66-400a-bdd9-c4d5821df063:cryptroot root=/dev/mapper/cryptroot"
GRUB_CMDLINE_LINUX=""

# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"

# Uncomment to enable booting from LUKS encrypted devices
#GRUB_ENABLE_CRYPTODISK=y

# Uncomment to enable Hidden Menu, and optionally hide the timeout count
#GRUB_HIDDEN_TIMEOUT=5
#GRUB_HIDDEN_TIMEOUT_QUIET=true

# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console

# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
GRUB_GFXMODE=auto

# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep

# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true

# Uncomment and set to the desired menu colors.  Used by normal and wallpaper
# modes only.  Entries specified as foreground/background.
#GRUB_COLOR_NORMAL="light-blue/black"
#GRUB_COLOR_HIGHLIGHT="light-cyan/blue"

# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/path/to/wallpaper"
#GRUB_THEME="/path/to/gfxtheme"

# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"

# Uncomment to make GRUB remember the last selection. This requires to
# set 'GRUB_DEFAULT=saved' above.
#GRUB_SAVEDEFAULT="true"

/etc/mkinitcpio.conf

# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run.  Advanced users may wish to specify all system modules
# in this array.  For instance:
#     MODULES=(piix ide_disk reiserfs)
MODULES=()

# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image.  This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=()

# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way.  This is useful for config files.
FILES=()

# HOOKS
# This is the most important setting in this file.  The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added.  Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
##   This setup specifies all modules in the MODULES setting above.
##   No raid, lvm2, or encrypted root is needed.
#    HOOKS=(base)
#
##   This setup will autodetect all modules for your system and should
##   work as a sane default
#    HOOKS=(base udev autodetect block filesystems)
#
##   This setup will generate a 'full' image which supports most systems.
##   No autodetection is done.
#    HOOKS=(base udev block filesystems)
#
##   This setup assembles a pata mdadm array with an encrypted root FS.
##   Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
#    HOOKS=(base udev block mdadm encrypt filesystems)
#
##   This setup loads an lvm2 volume group on a usb device.
#    HOOKS=(base udev block lvm2 filesystems)
#
##   NOTE: If you have /usr on a separate partition, you MUST include the
#    usr, fsck and shutdown hooks.
HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems keyboard fsck)

# COMPRESSION
# Use this to compress the initramfs image. By default, gzip compression
# is used. Use 'cat' to create an uncompressed image.
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"

# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=()

Thanks again for your help.

Last edited by keeyan (2019-07-06 16:56:33)

2ManyDogs

Forum Fellow

Registered: 2012-01-15

Posts: 4,646

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Please edit your post and use [ code ] tags when posting output.

https://wiki.archlinux.org/index.php/Co … s_and_code
https://bbs.archlinux.org/help.php#bbcode

keeyan

Member

Registered: 2019-07-01

Posts: 20

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

2ManyDogs, done

Okay I'm not going to mark this as "SOLVED" since I don't consider this a fix but it is a workaround for the issue.

I installed rEFInd and passed in the same kernel parameters which I was passing into GRUB and now it boots as expected.

I'm not sure why this is, and I would like to know but at least I can get my computer booting now (and it's properly encrypted)

JeanLucJ

Member

Registered: 2019-03-08

Posts: 59

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Hello,

The first thing I would try would be to uncomment

#GRUB_ENABLE_CRYPTODISK=y

from your /etc/default/grub and regenerate you grub.

The rest seems correct - I have not checked everything (UUID, ...) in depth, though -

Regards,

keeyan

Member

Registered: 2019-07-01

Posts: 20

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

From my understanding that line is only for if you have an encrypted boot partition which I don't.

Still just to make sure I tried that as well and it didn't seem to make a difference

JeanLucJ

Member

Registered: 2019-03-08

Posts: 59

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

From my understanding that line is only for if you have an encrypted boot partition which I don't.

Still just to make sure I tried that as well and it didn't seem to make a difference

This is necessary if you have an encrypted root (not boot) partition, which you have judding by :

root=/dev/mapper/cryptroot

Did you rerun grub-mkconfig?
Also, even if it works with an EFI entry, which suggests your partitions are correct, can you please provide the output of 'lsblk -f' ?
Finally, can you please provide the output of efibootmgr -v ?

Last edited by JeanLucJ (2019-07-12 05:36:30)

keeyan

Member

Registered: 2019-07-01

Posts: 20

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Here is my `lsblk -f` when running from a fully booted system. I'll :

$ lsblk -f
NAME          FSTYPE      LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINT
sda                                                                                 
└─sda1        ext4              c8e556cf-e771-44d6-a76d-50274b63905d                
nvme0n1                                                                             
├─nvme0n1p1   vfat              5E9A-705B                             428.8M    16% /boot
└─nvme0n1p2   crypto_LUKS       29b3cd1c-5e66-400a-bdd9-c4d5821df063                
  └─cryptroot ext4              a023a442-9a7a-4a89-9cde-6dd75f11148b  138.7G    35% /

And here is the `efibootmgr -v`

$ efibootmgr -v
BootCurrent: 0012
Timeout: 0 seconds
BootOrder: 0011,0012,000E,000A,000B,000D,000C,0010,0000,0001,0002,0003,0004,0005,0006,0007,0008,0009,000F
Boot0000  Startup Menu	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)....ISPH
Boot0001  System Information	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0002  Bios Setup	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0003  3rd Party Option ROM Management	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0004  System Diagnostics	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0005  System Diagnostics	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0006  System Diagnostics	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0007  System Diagnostics	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0008  Boot Menu	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0009  HP Recovery	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot000A* HGST HTS721010A9E630 	PciRoot(0x0)/Pci(0x17,0x0)/Sata(3,0,0)N.....YM....R,Y.....ISPH
Boot000B  USB:  	BBS(65535,,0x0)/PciRoot(0x0)/Pci(0x14,0x0)......ISPH
Boot000C* HGST HTS721010A9E630 	BBS(HD,HGST HTS721010A9E630 ,0x400)/PciRoot(0x0)/Pci(0x17,0x0)/Sata(3,0,0)......ISPH
Boot000D* SAMSUNG MZVLW256HEHP-000H1-S340NX0K146271	BBS(HD,SAMSUNG MZVLW256HEHP-000H1-S340NX0K146271,0x400)/PciRoot(0x0)/Pci(0x1b,0x0)/Pci(0x0,0x0)/NVMe(0x1,00-25-38-B1-81-BA-42-5E)......ISPH
Boot000E  USB:  	PciRoot(0x0)/Pci(0x14,0x0)N.....YM....R,Y.....ISPH
Boot000F  Network Boot	FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9d8243e8-8381-453d-aceb-c350ee7757ca)......ISPH
Boot0010* Intel Corporation: IBA CL Slot 00FE v0112	BBS(Network,Intel Corporation: IBA CL Slot 00FE v0112,0x0)/PciRoot(0x0)/Pci(0x1f,0x6)/IPv4(0.0.0.00.0.0.0,0,0)......ISPH
Boot0011* GRUB	HD(1,MBR,0xe7f5f514,0x800,0x100000)/File(\EFI\GRUB\grubx64.efi)
Boot0012* rEFInd Boot Manager	HD(1,MBR,0xe7f5f514,0x800,0x100000)/File(\EFI\refind\refind_x64.efi)
Boot0013* IPV4 Network - Intel(R) Ethernet Connection (2) I219-LM	PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b4b686935ebf,0)/IPv4(0.0.0.00.0.0.0,0,0)N.....YM....R,Y.....ISPH

I'll try booting again with grub and then I'll post any differences when I'm in a live boot mode.

keeyan

Member

Registered: 2019-07-01

Posts: 20

Re: [SOLVED] Installing Arch Linux with LUKS crashes at GRUB boot

Okay, I'll mark this as solved now because it seems like I can boot correctly even through grub.

So I re-installed grub and ran the various install/config commands and now it is booting fine.With or without GRUB_ENABLE_CRYPTODISK.

So I don't know what was wrong. Maybe rEFInd fixed something in the setup. I'm not sure.

Either way thanks guys for the help with everything.