You are not logged in.
Hello,
I try to set up arch linux with a custom initramfs.
I configured mkinitcpio and grub, and prepared a bootable usb stick.
I am new to all that and did a lot of reading, but I am still a bit confused.
The computer boots, but it has trouble finding/decrypting/mounting the root fs.
So far, so bad, but I expected something like that.
Now, I tried to configure a rescue shell before the mounting takes place. Now, while booting i have this:
[ 0.161438] x86/cpu: SGK disabled by BIOS
[ 0.735716] tpm_crp: MSFT0101:00 can't request region for ressource [ mem 0x<UUID>]
:: running early hook [udev]
:: Triggering uevents...
:: running hook [keymap]
:: Loading keymap...done
:: running hook [encrypt]
Waiting 10 seconds for device /dev/disk/by-uuid/<UUID> ...
:: Pre-mount break requested, type 'exit' to resume operation
::sh: can't access tty: job control turned off
[rootfs ]# _
-> There is a shell-like prompt, but I cannot enter any commands, because the keyboard is not working.
How can I fix this issue?
Here are my settings for grub (/etc/default/grub:)
GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=4"
GRUB_CMDLINE_LINUX="resume=/dev/mapper/swap cryptdevice=UUID=bf5ade54-1452-4dfa-b8a8-4ec18e142732:luksvg-slash cryptkey=rootfs:/boot/lukskey-open break=premount"
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
GRUB_TIMEOUT_STYLE=menu
GRUB_TERMINAL_INPUT=console
GRUB_GFXMODE=auto
GRUB_GFXPAYLOAD_LINUX=keep
GRUB_DISABLE_RECOVERY=true
and for mkinitcpio (/etc/mkinitcpio.conf):
MODULES=()
BINARIES=()
FILES=()
HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)
Last edited by Oxensepp (2023-02-12 20:06:03)
Offline
One more thing:
I am using the kernel from the install ISO, so the kernel itself should have everything to offer a command line to the user.
Also, on grub's menu, immediately after power on, I can "e"dit.
Therefore, the custom initramfs could be the the point of error. What could missing?
Offline
One more thing:
I am using the kernel from the install ISO
I must correct: pacman installed a newer kernel, along with modules. (6.1.9)
I missed this at first because the naming is poor: "vmlinuz-linux" and "initramfs-linux[-fallback].img"... Attaching a version number would be great.
Also, on grub's menu, immediately after power on, I can "e"dit.
Therefore, the custom initramfs could be the the point of error. What could missing?
The computer is a fujitsu notebook.
Now I tried a USB-keyboard, and it worked! -> maybe a missing kernel module. I will investigate.
But there is another thing. After creating my custom initramfs, I listet it's contents:
# lsinitcpio initramfs-linux.img
VERSION
bin
boot/
boot/lukskey-open <---- this is important!
buildconfig
config
[...]
As I attached the USB keyboard the boot was stuck, because mounting the root fs failed. I looked around for "lukskey-open", but I could not find this file. Neither in / nor in /boot....?
Any hints?
Offline
Well, mkinitramfs seems indeed broken :-(
keyboard dies still not work, despite adding atkbd/i8082 modules, and /boot/lukskey-open is missing despite having it in the FILES hook.
lukskey-open es even shown in lsinitrd, but in fact, after booting into initrd, it is missing! That's crazy.
Any hints?
I have:
[root@archiso ~]# grep -r -E -v '^#|^$' /etc/mkinitcpio.*
/etc/mkinitcpio.conf:MODULES=(usbhid xhci_hcd atkbd i8042)
/etc/mkinitcpio.conf:BINARIES=(find)
/etc/mkinitcpio.conf:FILES=(/boot/lukskey-open)
/etc/mkinitcpio.conf:HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont encrypt lvm2 block filesystems fsck)
/etc/mkinitcpio.conf_orig:MODULES=()
/etc/mkinitcpio.conf_orig:BINARIES=()
/etc/mkinitcpio.conf_orig:FILES=()
/etc/mkinitcpio.conf_orig:HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)
/etc/mkinitcpio.d/linux.preset:ALL_config="/etc/mkinitcpio.conf"
/etc/mkinitcpio.d/linux.preset:ALL_kver="/boot/vmlinuz-linux"
/etc/mkinitcpio.d/linux.preset:PRESETS=('default' 'fallback')
/etc/mkinitcpio.d/linux.preset:default_image="/boot/initramfs-linux.img"
/etc/mkinitcpio.d/linux.preset:fallback_image="/boot/initramfs-linux-fallback.img"
/etc/mkinitcpio.d/linux.preset:fallback_options="-S autodetect"
[root@archiso ~]# mkinitcpio -P
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux.img
==> Starting build: 6.1.9-arch1-2
-> Running build hook: [base]
-> Running build hook: [udev]
-> Running build hook: [autodetect]
-> Running build hook: [modconf]
-> Running build hook: [kms]
-> Running build hook: [keyboard]
-> Running build hook: [keymap]
-> Running build hook: [consolefont]
-> Running build hook: [encrypt]
==> WARNING: Possibly missing firmware for module: qat_4xxx
-> Running build hook: [lvm2]
-> Running build hook: [block]
-> Running build hook: [filesystems]
-> Running build hook: [fsck]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: /boot/initramfs-linux.img
==> Image generation successful
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'fallback'
-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux-fallback.img -S autodetect
==> Starting build: 6.1.9-arch1-2
-> Running build hook: [base]
-> Running build hook: [udev]
-> Running build hook: [modconf]
-> Running build hook: [kms]
-> Running build hook: [keyboard]
-> Running build hook: [keymap]
-> Running build hook: [consolefont]
-> Running build hook: [encrypt]
==> WARNING: Possibly missing firmware for module: qat_4xxx
-> Running build hook: [lvm2]
-> Running build hook: [block]
==> WARNING: Possibly missing firmware for module: aic94xx
==> WARNING: Possibly missing firmware for module: bfa
==> WARNING: Possibly missing firmware for module: qed
==> WARNING: Possibly missing firmware for module: qla1280
==> WARNING: Possibly missing firmware for module: qla2xxx
==> WARNING: Possibly missing firmware for module: wd719x
-> Running build hook: [filesystems]
-> Running build hook: [fsck]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: /boot/initramfs-linux-fallback.img
==> Image generation successful
[root@archiso ~]# ls -l /boot/initramfs-linux*
-rwxr-xr-x 1 root root 74542328 Feb 18 08:30 /boot/initramfs-linux-fallback.img
-rwxr-xr-x 1 root root 21979050 Feb 18 08:29 /boot/initramfs-linux.img
and:
[root@archiso /]# lsinitrd /boot/initramfs-linux.img
Image: /boot/initramfs-linux.img: 21M
========================================================================
Version:
Arguments:
dracut modules:
========================================================================
-rw-r--r-- 0 root root 2 Jan 1 1970 VERSION
lrwxrwxrwx 0 root root 7 Jan 1 1970 bin -> usr/bin
drwxr-xr-x 0 root root 0 Jan 1 1970 boot/
-rwxr-xr-x 0 root root 512 Jan 1 1970 boot/lukskey-open
[...]
Offline
$ pacman -F lukskey-open
$
What is lukskey-open and why does it need to be added to the initramfs ?
Pleaase post your full /etc/mkinitcpio.conf and describe the drive/volume layout you're trying to boot (lsblk -f would be a start)
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
$ pacman -F lukskey-open $
What is lukskey-open and why does it need to be added to the initramfs ?
Pleaase post your full /etc/mkinitcpio.conf and describe the drive/volume layout you're trying to boot (lsblk -f would be a start)
O.K.:
# lsblk -f
NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS
sda
├─sda1 vfat FAT32 B9C8-E751 5.4G 6% /boot
└─sda2
nvme0n1
├─nvme0n1p1 vfat FAT32 963C-B5C9
├─nvme0n1p2
├─nvme0n1p3 BitLocker 2
├─nvme0n1p4 ntfs 42AC9F1CAC9F0995
└─nvme0n1p5 crypto_LUKS 2 82154c90-6468-4ee5-8991-b8ba05faf6b3
└─luksroot LVM2_member LVM2 001 cgvsjU-hLZj-KlVe-pxVU-vCZz-D0qr-0jyFFf
├─luksvg-swap swap 1 swap bb80ee95-cb5d-4143-b5d6-566217b573a0 [SWAP]
└─luksvg-slash btrfs root bf5ade54-1452-4dfa-b8a8-4ec18e142732 1.5T 0% /
Now let me explain.. The laptop has windows (nvme0n1p1 - nvme0n1p4), additionally I want to install linux. Windows must be untouched.
I decided to work with an USB boot stick (/dev/sda here): If the stick is plugged in at power on, linux should start, Windows otherwise (boot order, ...)
The boot stick has a GPT "boot flag" (for EFI) and in sda1 is the initramfs and the kernel.
The linux system resides in nvme0n1p5. As you have noticed, it is encrypted (full disc encryption).
Therefore, on the boot stick is a keyfile named "lukskey-open". That's just a small binary file with 512 byte.
Before mounting, the init process drops me into a shell, there I can type "cryptsetup --key-file lukskey-open ..." (luks 2) and decrypt nvme0n1p5. After that I can leave the shell and init continues with mounting the filesystem and so on, and finishes booting without any further problem.
Well, that's not the final version of decrypting the disc, but for setting up and testing it should do.
Probably, the whole encryption has nothing to do with the keyboard issue, but you stumbled across the keyfile and asked :-)
The mkinitcpio* is this (omitting comments and linebreaks):
# grep -r -E -v "#|^$" /etc/mkinitcpio.*
/etc/mkinitcpio.conf:MODULES=(usbhid btrfs blake2b_generic xor raid6_pq libcrc32c crc32c_generic dm_crypt encrypted_keys trusted asn1_encoder tee dm_mod qrtr ccm algif_aead cbc des_generic libdes ecb algif_skcipher cmac md4 algif_hash af_alg intel_rapl_msr intel_rapl_common snd_soc_avs snd_soc_hda_codec intel_tcc_cooling snd_soc_skl x86_pkg_temp_thermal intel_powerclamp snd_soc_hdac_hda snd_hda_ext_core snd_soc_sst_ipc coretemp snd_soc_sst_dsp snd_soc_acpi_intel_match snd_soc_acpi kvm_intel snd_hda_codec_hdmi snd_soc_core joydev kvm mousedev irqbypass snd_hda_codec_realtek snd_compress mei_pxp iwlmvm crct10dif_pclmul ac97_bus snd_hda_codec_generic mei_hdcp ledtrig_audio polyval_clmulni snd_pcm_dmaengine mei_wdt polyval_generic gf128mul snd_hda_intel ghash_clmulni_intel iTCO_wdt snd_intel_dspcfg hid_multitouch snd_intel_sdw_acpi intel_pmc_bxt rapl iTCO_vendor_support mac80211 libarc4 intel_cstate snd_hda_codec btusb snd_hda_core btrtl uvcvideo btbcm videobuf2_vmalloc snd_hwdep btintel intel_uncore iwlwifi pcspkr videobuf2_memops snd_pcm btmtk videobuf2_v4l2 psmouse snd_timer mei_me bluetooth intel_wmi_thunderbolt videobuf2_common cfg80211 intel_lpss_pci i2c_i801 snd intel_xhci_usb_role_switch ecdh_generic videodev i2c_smbus soundcore intel_lpss mei i2c_hid_acpi rfkill crc16 idma64 mc roles i2c_hid fujitsu_laptop acpi_pad sparse_keymap mac_hid pkcs8_key_parser fuse bpf_preload ip_tables x_tables overlay squashfs loop isofs cdrom uas usb_storage crc32_pclmul crc32c_intel sha512_ssse3 i915 serio_raw nvme atkbd sdhci_pci drm_buddy aesni_intel libps2 ttm vivaldi_fmap cqhci crypto_simd cryptd drm_display_helper sdhci nvme_core e1000e cec xhci_pci mmc_core nvme_common xhci_pci_renesas intel_gtt i8042 video serio wmi)
/etc/mkinitcpio.conf:BINARIES=(find)
/etc/mkinitcpio.conf:FILES=(/custom/lukskey-open /lukskey-open)
/etc/mkinitcpio.conf:HOOKS=(base udev keyboard autodetect modconf kms keymap consolefont encrypt lvm2 block filesystems fsck)
/etc/mkinitcpio.conf_orig:MODULES=()
/etc/mkinitcpio.conf_orig:BINARIES=()
/etc/mkinitcpio.conf_orig:FILES=()
/etc/mkinitcpio.conf_orig:HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystems fsck)
/etc/mkinitcpio.d/linux.preset:ALL_config="/etc/mkinitcpio.conf"
/etc/mkinitcpio.d/linux.preset:ALL_kver="/boot/vmlinuz-linux"
/etc/mkinitcpio.d/linux.preset:PRESETS=('default' 'fallback')
/etc/mkinitcpio.d/linux.preset:default_image="/boot/initramfs-linux.img"
/etc/mkinitcpio.d/linux.preset:fallback_image="/boot/initramfs-linux-fallback.img"
/etc/mkinitcpio.d/linux.preset:fallback_options="-S autodetect"
now I have following situation:
- while running from the arch installation image, the internal keyboard works.
- the internal keyboard works in the GRUB menue.
- on the system installed on the disc / usb stick, the internal keyboard does NOT work, neither while running from initramfs, nor after finishing the start up.
- an USB keyboard works in initramfs and after starting up.
A small part seems missing in my custom initramfs, which is present in the arch installation image.
Unfortunately, due to lack of knowledge of "deep internal linux hardware"-issues, I am not able to do a structured error searching. All I can do is try and error, inspired by google.
Maybe a good guess could be helpful.
Finally, a recent dmesg output is here (starting with USB keyboard plugged in):
Offline
This is probably beyond my skill level, but I do notice some things.
When someone asks for the content of a specfic file don't use
# grep -r -E -v "#|^$" /etc/mkinitcpio.*
I asked for one file, that command shows the output of 3 files and gives too much information .
On the other hand it removes lines starting with # and there are cases were # has a different meaning then 'start of a comment' .
not sure about linebreaks but in general the whole content is desired.
Since you are using grub from an usb-stick , did you add --removable to the grub-install command ?
your modules= line lists way to many modules, best approach tends to be to only mention higher level modules and let kernel / udev deal with dependencies .
example :
you list btrfs .
$ modinfo btrfs
filename: /lib/modules/6.2.1-arch1-1/kernel/fs/btrfs/btrfs.ko.zst
softdep: pre: blake2b-256
softdep: pre: sha256
softdep: pre: xxhash64
softdep: pre: crc32c
license: GPL
alias: devname:btrfs-control
alias: char-major-10-234
alias: fs-btrfs
srcversion: 558814F50393361711761C8
depends: xor,raid6_pq,libcrc32c
retpoline: Y
intree: Y
name: btrfs
vermagic: 6.2.1-arch1-1 SMP preempt mod_unload
sig_id: PKCS#7
signer: Build time autogenerated kernel key
sig_key: 67:6D:B8:C3:9D:75:2B:5C:7A:DA:91:93:17:8D:4D:55:E9:56:A8:2D
sig_hashalgo: sha512
signature: 30:64:02:30:29:F6:8C:8F:7B:0F:57:2B:79:30:9A:EE:5D:DF:1A:55:
42:13:AC:71:21:EB:FB:CB:72:99:50:91:7A:FA:AD:3B:7B:7F:A1:06:
FB:D7:EA:71:06:0D:30:76:A1:E6:C1:55:02:30:2D:31:E5:AC:1E:AA:
DA:71:68:E7:18:61:27:C9:2D:5E:CF:E1:A1:7B:02:D9:56:80:1A:3E:
07:8D:C3:5A:50:39:A5:EE:F4:35:C2:43:0C:2F:21:F4:24:7F:2E:C9:
A6:75
$
That will pull in xor,raid6_pq,libcrc32c and possibly the softdepends (not sure what 'softdepend pre:' means) .
No need to have raid_pq6 in modules= when btrfs is present.
The hooks line can also be shortened.
example :
consolefont & keymap hooks are only useful if you configured those in /etc/vconsole.conf . Many users don't do that and thus don't need those hooks in mkinitcpio .
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
Hello all,
unfortunately I am still stuck with that issue, so I push it on the top again.
For those, who don't want read the whole thread, a short summary:
- I try to install arch linux on a laptop fujitsu lifebook E558 (intel i5, M.2 SSD, ... - nothing special, actually)
- windows is installed in parallel. which operating system starts, is decided by EFI boot order: If a USB boot stick is plugged in at power on, linux is starting. Windows otherwise. This works.
- because I need a full system encryption, arch linux is installed in a luks2 encrypted lvm container. This works also.
- because of my setup, I need a custom initramfs, which is stored on the USB boot stick. This works also. I can boot the system
- I use grub and mkinitcpio.
- for entering a passphrase to unlock the luks encrypted container, I need a working keyboard in the early boot phase, i.e. when the initramfs is loaded, but before mounting of the disks. here is the problem: The internal keyboard is not working.
- an USB keyboard works!
- in grub (before the initramfs phase) the internal keyboard works.
- also, after finishing the boot, the internal keyboard works. (at least, until I close and open the lid...)
- when running the arch iso installation image, the internal keyboard works also.
the system layout is
NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS
sda
├─sda1 vfat FAT32 B9C8-E751 5.4G 6% /boot
└─sda2
nvme0n1
├─nvme0n1p1 vfat FAT32 963C-B5C9
├─nvme0n1p2
├─nvme0n1p3 BitLocker 2
├─nvme0n1p4 ntfs 42AC9F1CAC9F0995
└─nvme0n1p5 crypto_LUKS 2 82154c90-6468-4ee5-8991-b8ba05faf6b3
└─luksroot LVM2_member LVM2 001 cgvsjU-hLZj-KlVe-pxVU-vCZz-D0qr-0jyFFf
├─luksvg-swap swap 1 swap bb80ee95-cb5d-4143-b5d6-566217b573a0 [SWAP]
└─luksvg-slash btrfs root bf5ade54-1452-4dfa-b8a8-4ec18e142732 1.5T 0% /
sda1 is the EFI partition for arch linux, which resides in nvme0n1p5. The rest of nvme0n1 is for windows.
Here is my mkinitcpio.conf: http://lewonze.de/tmp/arch/mkinitcpio20230518.txt
and here is the output of "journalctl -b": http://lewonze.de/tmp/arch/journalctl20230518.txt
The keymap hooks is needed, because the computer has a german keyboard layout, which is configured in /etc/vconsole.conf. (this works, by the way).
lukskey-open is a file with the luks key for unlocking the SSD. This is not the final solution, but not related the the keyboard issue and does not play a role here.
I found no error messages about the keyboard.
As you may notice (journalctl), I played around with kernel command line options, but that did not change the behavior.
I am not much experienced in initramfs and boot issues.
I have no clue how to track the error and only limited understanding of the initramfs / boot process, so any hints may helpful.
Offline
I experience similar issue on a older PC (anno 2012).
Neither AT/PS-2 or USB keyboard works from initramfs (for unlocking LUKS).
Things I have tried, to no avail:
Fallback image - also no functional keyboard
linux-lts kernel
Adding i8042/atkbd to MODULES
Added ALL modules listed by lsmod to MODULES
Keyboard works without issue in BIOS, UEFI shell, bootloader and fully booted linux, but never in initramfs.
Offline
I have found two possible workarounds for the issue on my system:
Switch from mkinitcpio/busybox to mkinitcpio/systemd (with sd-encrypt)
Switch from mkinitcpio to dracut.
Either works fine. The issue seem to be isolated to mkinitcpio/busybox/udev/cryptsetup.
Steps/references for mkinitcpio/systemd configuration:
In /etc/mkinitcpio.conf, change HOOKS to use systemd hooks instead of busybox hooks (remove udev/keymap/vconsole/encrypt, add systemd/sd-vconsole/sd-encrypt, https://wiki.archlinux.org/title/Mkinitcpio)
In bootloader, add rd.luks.name=UUID=name or create /etc/crypttab.initramfs per https://wiki.archlinux.org/title/Dm-cry … -generator
It's possible that plymouth may also work as a workaround, but I haven't tried.
Last edited by larsch (2023-08-08 15:31:04)
Offline