You are not logged in.

Pages: 1

#1 2019-12-28 13:12:17

funkaddict
Member
Registered: 2018-08-13
Posts: 106

[SOLVED] Correct loader entries for systemd-boot with dm-crypt

I am seeking some advice as I got pretty confused by setting up systemd-boot corretly to start Arch from a dm-crypt luks-encrypted partition.

A short overview:

1. Win10 was installed previously on the machine, the efi partition was created by Win on nvme0n1p2
2. I have set up a dm-crypt container on nvme0n1p6 where Arch was installed into
3. I have written two systemd-boot config files for arch and arch-fallback

boot/loader/entries/arch.conf

title Arch Linux
linux /vmllinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options luks.uuid=fe4a2de3-6dc1-4e79-9f47-9d915af686fde luks.name=fe4a2de3-6dc1-4e79-9f47-9d915af686fde=cryptroot root=b1ec0884-a70c-44d4-8a38-344c8a233d37

boot/loader/entries/arch-fallback.conf

title Arch Linux
linux /vmllinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux-fallback.img
options luks.uuid=fe4a2de3-6dc1-4e79-9f47-9d915af686fde luks.name=fe4a2de3-6dc1-4e79-9f47-9d915af686fde=cryptroot root=b1ec0884-a70c-44d4-8a38-344c8a233d37

When chosing Arch Linux in the systemd-boot generated menu. I receive an error,:

ERROR: device UUID='b1ec0884-a70c-44d4-8a38-344c8a233d37´ not found. Skipping fsck.
: :  mounting  'UUID=b1ec0884-a70c-44d4-8a38-344c8a233d37´ on real root
mount: /new_root: no filesystem type specified.
You are now being dropped into an emergency shell.

I did the loader entries according to this thread in the forum.
UUID=b1ec0884-a70c-44d4-8a38-344c8a233d37 was distinguished by the entry in the /etc/fstab when beeing chrooted into the install. From my understanding this is the UUID of the partition inside the luks-container which has to be stated for the root UUID in the loader entries. But it seems that I am wrong.

Could one please give some advice regarding the correct syntax and order with regard to the options line?

Last edited by funkaddict (2020-01-13 21:37:22)

Offline

#2 2019-12-28 13:54:35

CarbonChauvinist
Member
Registered: 2012-06-16
Posts: 413
Website

Re: [SOLVED] Correct loader entries for systemd-boot with dm-crypt

Post the outputs of 

$ lsblk -f

and 

$ bootctl

so we can see what the layout of your disks/partitions and status of systemd-boot are. Also post your mkinitcpio.conf too, just in case 

$ grep ^[^#] /etc/mkinitcpio.conf

"the wind-blown way, wanna win? don't play"

Offline

#3 2019-12-28 15:30:53

funkaddict
Member
Registered: 2018-08-13
Posts: 106

Re: [SOLVED] Correct loader entries for systemd-boot with dm-crypt

Please find the outputs below.

CarbonChauvinist wrote:

Post the outputs of 

$ lsblk -f

# lsblk -f

NAME                  FSTYPE                 LABEL                 UUID                                     FSAVAIL             FSUSE%                 MOUNTPOINT
loop0                  squashfs                                                                                       0                        100%                      /run/archiso/sfs/airootfs
nvme0n1
-nvme0n1p1      ntfs                        Recovery             7CAEAC6EAEAC231E
-nvme0n1p2      vfat                                                    88ac-F447                           24M                    75%
-nvme0n1p3
-nvme0n1p4     ntfs                                                     0420C0E420C0DE34
-nvme0n1p5
-nvme0n1p6     crypto_LUKS                                        fe4a2de3-6dc1-4e79-9f47-9d915af68fde


CarbonChauvinist wrote:

and 

$ bootctl

so we can see what the layout of your disks/partitions and status of systemd-boot are.

# bootctl
System:
 Firmware: UEFI 2.70 (American Megatrends 5.13)
 Secure Boot: disabled
 Setup Mode: user
 
Current Boot Loader:
 Product: systemd-boot 243.162-2-arch
 .
.
.
Available Boot Loaders on ESP:
ESP: /boot (/dev/disk/by-partuid/1062495-11b4-42ad-94b8-1045f89457f9)
File: -/EFI/systemd/systemd-bootx64.efi (systemd-boot 244.1-1-arch)
File: -/EFI/BOOT/bootx64.efi (systemd-boot 244.1.1-arch)

Boot Loaders Listed in EFI Variables:
Title: Linux Boot Manager
ID: 0x0002
Status: active, boot-order
Partition: /dev/disk/by-partuuid/10624925-11b4-42ad-94b8-1045f89457f9
File: -/EFI/SYSTEMD/SYSTEMD-BOOTX64.EFI

Title: Windows Boot Manager
ID: 0x0000
Status: active, boot-order
Partition: /dev/disk/by-partuuid/10624925-11b4-42ad-94b8-1045f89457f9
File: -/EFI/MICROSOFT/BOOT/BOOTMGFW.EFI

Boot Loader Entries:
$BOOT: /boot (/dev/disk/by-partuuid/10624925-11b4-42ad-94b8-1045f89457f9

Default Boot Loader Entry:
titile: Arch Linux
id: arch
source: /boot/loader/entries/arch.conf
linux: /vmlinuz-linux
initrd: /intel-ucode.img
         /initramfs-linux.img
options luks.uuid=fe4a2de3-6dc1-4e79-9f47-9d915af686fde luks.name=fe4a2de3-6dc1-4e79-9f47-9d915af686fde=cryptroot root=b1ec0884-a70c-44d4-8a38-344c8a233d37 rw
CarbonChauvinist wrote:

Also post your mkinitcpio.conf too, just in case 

$ grep ^[^#] /etc/mkinitcpio.conf

For this I guess, I have to chroot into the existing installation, correct?

Offline

#4 2019-12-28 16:00:14

CarbonChauvinist
Member
Registered: 2012-06-16
Posts: 413
Website

Re: [SOLVED] Correct loader entries for systemd-boot with dm-crypt

According to the wiki, you should be referencing a /dev/mapper name for your "root=", i.e."root=/dev/mapper/my-crypt-root"

funkaddict wrote:

For this I guess, I have to chroot into the existing installation, correct?

Not necessarily, if you're in the liveiso and have already mounted the install disk to /mnt, you can just change the file to the one mounted, i.e:

$ grep ^[^#] /mnt/etc/mkinitcpio.conf

"the wind-blown way, wanna win? don't play"

Offline

#5 2019-12-28 17:55:44

funkaddict
Member
Registered: 2018-08-13
Posts: 106

Re: [SOLVED] Correct loader entries for systemd-boot with dm-crypt

CarbonChauvinist wrote:

According to the wiki, you should be referencing a /dev/mapper name for your "root=", i.e."root=/dev/mapper/my-crypt-root"

I agree I have changed the line accordingly to "root=/dev/mapper/cryptroot". Unfortunately this didn´t solve the issue.

However, when reading again the Wiki I have seen that I have forgotten to configure mkinitcpio.
I have mounted the encrypted file system and changed the /etc/mkinitcpio.conf. I have added systemd, sd-vconsole, and sd-encrypt

As the error persists, I looked again and learned that, it couldnt'b changed that easy. So my assumption is that I have to chroot into the installation to change the mkinitcpio.conf and run "mkinitcpio -p linux". However, I got stuck here as I got the prompt that /proc isn't mounted. I got a little confused due to the luks-container to be mounted and decrypted, that I also have to mount the other relevant sections.

EDIT: I used the the chroot-script and routed into the decrypted container with the respective installed fs:

# arch-chroot /mnt

When running "mkinitcpio -p linux", it says that the specified kernel image does not exist: `boot/initramfs-linux.img'

Do I have to mount the efi partition as well?  Where do I have to mount it?

Edit: Solved after mounting /dev/nvme0n1p2 (EPS) to /boot in the chrooted system. It didn't work before, because I supposly somehow got lost in the matrix.

Thanks CarbonChauvinist for help and advises.

Last edited by funkaddict (2019-12-28 19:43:20)

Offline

#6 2019-12-28 21:46:50

CarbonChauvinist
Member
Registered: 2012-06-16
Posts: 413
Website

Re: [SOLVED] Correct loader entries for systemd-boot with dm-crypt

Nice, good on you for working it out with the wiki. Don't forget to edit your first post and prepend title with [SOLVED] if you're satisfied at this point. Cheers.

"the wind-blown way, wanna win? don't play"

Offline

Pages: 1

Board footer

Powered by FluxBB