You are not logged in.
Solved, see here
I bought a new SSD so I wanted to install Arch Linux with full disk encryption. In simple words, I wanted to use BTRFS with subvolumes inside LUKS, boot with system-boot with a unified kernel images, dualbooting with Windows 10, and enable secure boot. When I finished the Arch Linux install and rebooted I had this error:
:: running early hook [udev]
starting version 250.4-2-arch
:: runing hook [udev]
:: Triggering uevents...
:: runing hook [encrypt]
ERROR: device '' not found. Skipping fsck.
:: mounting '' on real root
mount: /new_root: no filesystem type specified.
You are now being dropped into an emergency shell.
sh: can't acces tty; job control turned off
[rootfs]#
I can access the encrypted partition and see al the files of the instalation without problems, opening it with:
# cryptsetup open /dev/sda4 root
And mounting the subvolume with:
# mount -o compress=zstd,subvol=@ /dev/mapper/root /mnt
Windows 10 and systemd-boot works without problems.
I based my install from the instalation guide from the Arch Wiki. For the disk encryption with LUKS and BTRFS subvolumes, I follewed this article with some differences. I didn't make a swap partition, instead a subvolume with a swapfile; and used systemd-boot instanead of GRUB2. So I only made one partition in LUKS.
/dev/sda
├─sda1 ESP
├─sda2 16MB Windows reserved partition
├─sda3 Windows 10
└─sda4 LUKS
I created the partition with fdisk and formated it using:
# cryptsetup luksFormat /dev/sda4
For the btrfs partitions and sobvolumes I used this layout like the previous mencioned article says but using an extra @swap subvolumes for the swapfile
subvol
├─@
├─@home
├─@snapshots
├─@pacman_pkg
├─@var_abs
├─@var_tmp
├─@srv
└─@swap
Mounted with:
# mount -o compress=zstd,subvol=@ /dev/mapper/root /mnt
In mkinitcpio I added this configuration:
MODULES=(hid_generic ohci_pci usbhid)
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck encrypt)
My linux-zen.preset based in this article is:
# mkinitcpio preset file for the 'linux-zen' package
ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/vmlinuz-linux-zen"
ALL_microcode=(/boot/intel-ucode.img)
PRESETS=('default' 'fallback')
#default_config="/etc/mkinitcpio.conf"
default_image="/boot/initramfs-linux-zen.img"
default_efi_image="/efi/EFI/Linux/archlinux-linux-zen.efi"
default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
#fallback_config="/etc/mkinitcpio.conf"
fallback_image="/boot/initramfs-linux-zen-fallback.img"
fallback_efi_image="/efi/EFI/Linux/archlinux-linux-zen-fallback.efi"
fallback_options="-S autodetect --splash /usr/share/systemd/bootctl/splash-arch.bmp"
In /boot I have:
initramfs-linux-zen.img initramfs-linux-zen-fallback.img intel-ucode.img vmlinuz-linux-zen
In /efi/EFI/Linux:
archlinux-linux-zen.efi archlinux-linux-zen-fallback.efi
My fstab is:
# Static information about the filesystems.
# See fstab(5) for details.
# <file system> <dir> <type> <options> <dump> <pass>
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 / btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=256,subvol=/@ 0 0
# /dev/sda1
UUID=F05F-0D7D /efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /home btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=257,subvol=/@home 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /srv btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=264,subvol=/@srv 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /var/tmp btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=263,subvol=/@var_tmp 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /var/abs btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=262,subvol=/@var_abs 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /var/cache/pacman/pkg btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=261,subvol=/@pacman_pkg 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /.snapshots btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=258,subvol=/@snapshots 0 0
# /dev/mapper/root LABEL=root
UUID=95ba47aa-d1f5-43b2-b866-4a531d7c5512 /.swap btrfs rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvolid=260,subvol=/@swap 0 0
/.swap/swapfile none swap defaults 0 0
With pacstrap I installed
# pacstrap /mnt base base-devel linux-zen linux-firmware btrfs-progs ntfs-3g intel-ucode networkmanager vim man-db manpages texinfo cryptsetup
I sure that I missed some step or write something wrong, but I have no idea where.
Last edited by ranixon (2022-04-18 20:24:23)
Offline
And the kernel command line you configured for the unified image?
Online
what's your kernel command line?
make sure to check `mkinitcpio --hookhelp encrypt` and if you buld unified images, check the `--cmdline` option.
Offline
My cmdline
/etc/kernel/cmdline
initrd=\arch\boot\intel-ucode.img initrd=\arch\boot\amd-ucode.img initrd=\arch\boot\x86_64\initramfs-linux.img archisobasedir=arch archisolabel=ARCH_202204
rw
Offline
That looks like the cmdline for the installation medium. The wiki page does say to copy the current cmdline (from /proc) to that file, but that's probably because it assumes the reader is converting an existing install to a unified image setup, while you tried to do it during the initial install.
IIUC you shouldn't need the initrd parameter with unified images and anything starting with archiso is specific to the installation medium (so that only leaves rw). You need to add the "root" parameter (currently empty, as seen in "device '' not found") and more for btrfs and the encrypt hook:
https://wiki.archlinux.org/title/Dm-cry … crypt_hook
https://wiki.archlinux.org/title/Btrfs# … me_as_root
Offline
That looks like the cmdline for the installation medium. The wiki page does say to copy the current cmdline (from /proc) to that file, but that's probably because it assumes the reader is converting an existing install to a unified image setup, while you tried to do it during the initial install.
IIUC you shouldn't need the initrd parameter with unified images and anything starting with archiso is specific to the installation medium (so that only leaves rw). You need to add the "root" parameter (currently empty, as seen in "device '' not found") and more for btrfs and the encrypt hook:
https://wiki.archlinux.org/title/Dm-cry … crypt_hook
https://wiki.archlinux.org/title/Btrfs# … me_as_root
Thank you, now I have an other problem. Probably an other miss configuration. It boots, ask for my key and then i have this error:
Name "/dev/mapper/root" invalid. It contains "/"
cmdline
rootflags=subvol=@ cryptdevice=/dev/sda4:/dev/mapper/root rw
Offline
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck encrypt)
You need to have the encrypt hook between block and filesystems. The block device needs decrypted before the filesystems can be accessed...
https://wiki.archlinux.org/title/Dm-cry … mkinitcpio
Offline
You need to have the encrypt hook between block and filesystems. The block device needs decrypted before the filesystems can be accessed...
https://wiki.archlinux.org/title/Dm-cry … mkinitcpio
Changed it, used mkinitcpio -P and still having the same error:
HOOKS=(base udev autodetect modconf block keymap encrypt filesystems keyboard fsck )
Name "/dev/mapper/root" invalid. It contains "/"
Offline
Post your bootloader configs as well as the output of...
lsblk -f
once you've decrypted the volume.
Offline
Post your bootloader configs.
systemd-boot:
loader.conf
timeout 3
console-mode keep
autoentries yes
autofirmware yes
editor no
linux-zen.preset
# mkinitcpio preset file for the 'linux-zen' package
ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/vmlinuz-linux-zen"
ALL_microcode=(/boot/intel-ucode.img)
PRESETS=('default' 'fallback')
#default_config="/etc/mkinitcpio.conf"
default_image="/boot/initramfs-linux-zen.img"
default_efi_image="/efi/EFI/Linux/archlinux-linux-zen.efi"
default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
#fallback_config="/etc/mkinitcpio.conf"
fallback_image="/boot/initramfs-linux-zen-fallback.img"
fallback_efi_image="/efi/EFI/Linux/archlinux-linux-zen-fallback.efi"
fallback_options="-S autodetect --splash /usr/share/systemd/bootctl/splash-arch.bmp"
Any other config is in default.
Offline
Post your bootloader configs as well as the output of...
lsblk -f
once you've decrypted the volume.
Using arch-chroot, I don't mounted all the partitions, should I?
NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS
loop0 squashfs 4.0
sda
├─sda1 vfat FAT32 F05F-0D7D 405.6M 21% /efi
├─sda2
├─sda3 ntfs Sistema 78267C9E267C5F56
└─sda4 crypto_LUKS 2 036cc3d8-c0c7-477a-8eec-1a591e224bd3
└─root btrfs root 95ba47aa-d1f5-43b2-b866-4a531d7c5512 236.6G 7% /
sdb
├─sdb1 exfat 1.0 Ventoy 4E21-0000
│ └─ventoy iso9660 Joliet Extension ARCH_202204 2022-04-05-16-02-52-00
└─sdb2 vfat FAT16 VTOYEFI DE2E-30BF
sdc
└─sdc1 vfat FAT32 NO_LABEL 6A7B-6CCD
Last edited by ranixon (2022-04-15 01:45:03)
Offline
Thank you, now I have an other problem. Probably an other miss configuration. It boots, ask for my key and then i have this error:
Name "/dev/mapper/root" invalid. It contains "/"
Read the wiki more carefully:
dmname is the device-mapper name given to the device after decryption, which will be available as /dev/mapper/dmname
So you should only specify "root".
Edit: you also didn't follow the recommendation (directly above the line I quoted here) to use persistent block device names such as a UUID instead of /dev/sda4, but that's not (yet) a real problem.
Last edited by Raynman (2022-04-15 08:28:12)
Offline
ranixon wrote:Thank you, now I have an other problem. Probably an other miss configuration. It boots, ask for my key and then i have this error:
Name "/dev/mapper/root" invalid. It contains "/"
Read the wiki more carefully:
dmname is the device-mapper name given to the device after decryption, which will be available as /dev/mapper/dmname
So you should only specify "root".
Edit: you also didn't follow the recommendation (directly above the line I quoted here) to use persistent block device names such as a UUID instead of /dev/sda4, but that's not (yet) a real problem.
I chaged de cmdline to use UUID, now I have a new error (also tried using subvolid):
rootflags=subvolid=256 cryptdevice=UUID=036cc3d8-c0c7-477a-8eec-1a591e224bd3:root rw
ERROR: device '' not found. Skipping fsck.
:: mounting '' on real root
mount: /new_root: wrong fs type, bad option, bad superblock on , missing codepage or helper program, or other error.
dmesg(1) may have more information after failed system call.
You are now being dropped into an emergency shell.
sh: can't access tty; job control turned off
should I post the full output or dmesg?
[rootfs]#
Last edited by ranixon (2022-04-18 02:52:28)
Offline
Ah, I focused on the new error and didn't double-check the rest of your cmdline. You seem to have skipped the first (now bolded) part:
You need to add the "root" parameter (currently empty, as seen in "device '' not found") and more for btrfs and the encrypt hook:
I believe dm-crypt/LUKS also provides a UUID, but the name should be stable, so you can go with root=/dev/mapper/root.
https://wiki.archlinux.org/title/Dm-cry … ation#root
Last edited by Raynman (2022-04-18 08:20:29)
Offline
Ah, I focused on the new error and didn't double-check the rest of your cmdline. You seem to have skipped the first (now bolded) part:
Raynman wrote:You need to add the "root" parameter (currently empty, as seen in "device '' not found") and more for btrfs and the encrypt hook:
I believe dm-crypt/LUKS also provides a UUID, but the name should be stable, so you can go with root=/dev/mapper/root.
Now working everything with the following cmdline:
root=/dev/mapper/root rootflags=subvolid=256 cryptdevice=UUID=036cc3d8-c0c7-477a-8eec-1a591e224bd3:root resume=/.swap/swapfile resume_offset=533760 rw
Where:
root=/path/to/root_partition, rootflags=root_subvolume, cryptdevice=UUID=UUID_of_encrypted_partition, resume=/path/to/swapfile.
For resume_offset see the wiki.
The next is hibernation, but that is for another day.
Last edited by ranixon (2022-04-18 17:16:16)
Offline