[Solved]systemd gpt auto gererator - DPS - wont automount /var

Soultrigger · 2023-09-25 11:07:19

I am experimenting in a VM the Discoverable Partition Specification (DPS) with sytemd-gpt-auto-generator and I got some sucess as / and /home are automounted, but /var fails to mount.

I created the partitions with:

sgdisk /dev/vda -n1:0:+1g -t1:ef00 -c1:EFI -n2:-1g:+1g -t2:0700 -c2:rescue  -n3:-6g:+6g -t3:8310 -c3:var -n4:-1g:+1g -t4:8200 -c4:swap -n5:0:+2g -t5:8302 -c5:home -n6:0: -t6:8304 -c6:root -s

which resulted in

soultrigger@soul ~> sudo fdisk -l
[sudo] password for soultrigger: 
Disk /dev/vda: 20 GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 851BFC2E-19CC-4D7F-9D4D-048275CDE50D

Device        Start      End  Sectors Size Type
/dev/vda1      2048  2099199  2097152   1G EFI System
/dev/vda2   2099200  6293503  4194304   2G Linux home
/dev/vda3   6293504 25159679 18866176   9G Linux root (x86-64)
/dev/vda4  25159680 27258878  2099199   1G Linux swap
/dev/vda5  27258880 39843838 12584959   6G Linux variable data
/dev/vda6  39843840 41943005  2099166   1G Microsoft basic data

Which VDA5 is type:

8310 Linux /var

Also all partitions above are ext4 just to make it a simple scheme

I am also using this Hooks for mkinitcpio

 HOOKS=(base systemd autodetect modconf kms keyboard sd-vconsole block filesystems fsck)

I am also using UKI if it matters

The DPS says

The first partition with this type UUID on the disk containing the root partition is automatically mounted to /var/ — under the condition that its partition UUID matches the first 128 bits of HMAC-SHA256(machine-id, 0x4d21b016b53445c2a9fb5c16e091fd2d) (i.e. the SHA256 HMAC hash of the binary type UUID keyed by the machine ID as read from /etc/machine-id. This special requirement is made because /var/ (unlike the other partition types listed here) is inherently private to a specific installation and cannot possibly be shared between multiple OS installations on the same disk, and thus should be bound to a specific instance of the OS, identified by its machine ID. If the partition is encrypted with LUKS, the device mapper file will be named /dev/mapper/var.

And systemd-gpt-auto-generator matchs it with

The first partition with this type UUID on the same disk as the ESP is mounted to /var/ — under the condition its partition UUID matches the first 128 bit of the HMAC-SHA256 of the GPT type uuid of this partition keyed by the machine ID of the installation stored in machine-id(5).

Here is where I faliing to connect the dots.... How can I make sure my var partition matchs the machine-id and/or how can I recreate the var partition so that it matches the machine-id?

It is just for the sake of learning, I already understood uki, how to use encryption with sd-encrypt with secureboot+tpm2+pin to unlock if the efi was not touched, auto mount with btrfs using systemd-auto-gpt-auto-generator, but I am failing in these special use cases as /var partition.

If it helps, the var partition UUID and machine-id

/dev/vda5: UUID="c2112273-96ed-4ac9-869d-e77b0d7473e7"

machine-id /dev/vda5: UUID="c2112273-96ed-4ac9-869d-e77b0d7473e7"

Last edited by Soultrigger (2023-09-26 18:31:22)

nl6720 · 2023-09-25 11:26:54

As always, the answer is in the wiki: https://wiki.archlinux.org/title/systemd#/var
Use that command to generate the correct PARTUUID value and then use gdisk, sgdisk, fdisk or sfdisk to change the PARTUUID of the /var partition.

Soultrigger · 2023-09-25 12:48:02

I really need to learn to look subjects a little better in the wiki...

I used it as in the wiki

systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id

I also used gdisk with x to go to the expert menu, c to change partuuid, choose part 5 then I suplied what resulted of that command above and hit w to write.

And it didnt work... I tried to use other UUIDs such the partition uuid to generate a new one with systemd-id128, the UUID I got in the DSP, and many others before I replyed here. But it is just an attempt since that seems to be app-specific it is systemd specific UUID? or Is it the partition type UUID? (by type I think 8310 linux /var in gdisk)

There is something I am still missing, some minor detail...

nl6720 · 2023-09-25 12:52:40

The partition type is correct, as is the command you ran.
Did you run the command while either booted or chrooted into the system?

Soultrigger · 2023-09-25 13:24:02

I was trying trough ssh connection to the vm, but since you asked I tryed doing it on the vm itself but it seems I still failed.

Do I need to do it before I chroot into the system? (I can reinstall the vm to retry it all)

Here is another attempt trough the ssh so I can paste here and you have a look:

    ~  ssh soultrigger@192.168.122.104                                               ✔   42s  10:21:51 
soultrigger@192.168.122.104's password: 
Last login: Mon Sep 25 10:21:06 2023 from 192.168.122.1
Welcome to fish, the friendly interactive shell
Type help for instructions on how to use fish
soultrigger@soul ~> systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id
e2e874f4-1626-449b-b1ba-5dbc20aafe33
soultrigger@soul ~> sudo gdisk /dev/vda
[sudo] password for soultrigger: 
GPT fdisk (gdisk) version 1.0.9.1

Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present

Found valid GPT with protective MBR; using GPT.

Command (? for help): x

Expert command (? for help): c
Partition number (1-6): 5
Enter the partition's new unique GUID ('R' to randomize): e2e874f4-1626-449b-b1ba-5dbc20aafe33
New GUID is E2E874F4-1626-449B-B1BA-5DBC20AAFE33

Expert command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/vda.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot or after you
run partprobe(8) or kpartx(8)
The operation has completed successfully.
soultrigger@soul ~> systemctl reboot -i
==== AUTHENTICATING FOR org.freedesktop.login1.reboot-multiple-sessions ====
Authentication is required to reboot the system while other users are logged in.
Authenticating as: soultrigger
Password: 
==== AUTHENTICATION COMPLETE ====
Connection to 192.168.122.104 closed by remote host.
Connection to 192.168.122.104 closed.

PS: I forgot something very important - Thank you for all your time and effort in helping me.

Last edited by Soultrigger (2023-09-25 13:24:56)

nl6720 · 2023-09-26 07:24:39

Soultrigger wrote:

Do I need to do it before I chroot into the system?

No, it needs to be done while inside the chroot (or while booted into the system), so you're fine.

From a quick glance, all the conditions appear to be met.

Post the output of these commands:

$ cat /etc/machine-id
$ lsblk -o +PARTUUID,PARTTYPE
$ bootctl
$ systemctl status -l var.automount

Did you remove /var from /etc/fstab when testing automounting? Is /var/ on the root partition (while the /var partition is not mounted) empty?

Soultrigger · 2023-09-26 14:24:18

soultrigger@soul ~> cat /etc/machine-id
7a139e4e4e25411daed72f6fda6ba367

soultrigger@soul ~ [4]> lsblk -o +PARTUUID,PARTTYPE
NAME MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS PARTUUID                             PARTTYPE
sr0   11:0    1 1024M  0 rom                                                   
vda  254:0    0   20G  0 disk                                                  
├─vda1
│    254:1    0    1G  0 part /efi        2ba732ed-7f33-494a-baad-e5a3c7881c8f c12a7328-f81f-11d2-ba4b-00a0c93ec93b
├─vda2
│    254:2    0    2G  0 part /home       dcac7401-bfbb-4f65-9c83-056011f4a365 933ac7e1-2eb4-4f13-b844-0e14e2aef915
├─vda3
│    254:3    0    9G  0 part /           a759514a-a985-45c4-bf5c-b802f3eabc9b 4f68bce3-e8cd-4db1-96e7-fbcaf984b709
├─vda4
│    254:4    0    1G  0 part [SWAP]      53435441-b265-425a-b2e9-d0bee9ad6f61 0657fd6d-a4ab-43c4-84e5-0933c84b4f4f
├─vda5
│    254:5    0    6G  0 part             e2e874f4-1626-449b-b1ba-5dbc20aafe33 4d21b016-b534-45c2-a9fb-5c16e091fd2d
└─vda6
     254:6    0    1G  0 part             c64a6fd6-aeea-4c36-a836-161b068974d9 ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

soultrigger@soul ~> su
Password: 
[root@soul soultrigger]# bootctl
System:
      Firmware: UEFI 2.70 (EDK II 1.00)
 Firmware Arch: x64
   Secure Boot: disabled (setup)
  TPM2 Support: no
  Boot into FW: supported

Current Boot Loader:
      Product: systemd-boot 254.4-2-arch
     Features: ✓ Boot counting
               ✓ Menu timeout control
               ✓ One-shot menu timeout control
               ✓ Default entry control
               ✓ One-shot entry control
               ✓ Support for XBOOTLDR partition
               ✓ Support for passing random seed to OS
               ✓ Load drop-in drivers
               ✓ Support Type #1 sort-key field
               ✓ Support @saved pseudo-entry
               ✓ Support Type #1 devicetree field
               ✓ Enroll SecureBoot keys
               ✓ Retain SHIM protocols
               ✓ Boot loader sets ESP information
         Stub: systemd-stub 254.4-2-arch
     Features: ✓ Stub sets ESP information
               ✓ Picks up credentials from boot partition
               ✓ Picks up system extension images from boot partition
               ✓ Measures kernel+command line+sysexts
               ✓ Support for passing random seed to OS
               ✓ Pick up .cmdline from addons
               ✓ Pick up .cmdline from SMBIOS Type 11
          ESP: /dev/disk/by-partuuid/2ba732ed-7f33-494a-baad-e5a3c7881c8f
         File: └─/EFI/systemd/systemd-bootx64.efi

Random Seed:
 System Token: set
       Exists: yes

Available Boot Loaders on ESP:
          ESP: /efi (/dev/disk/by-partuuid/2ba732ed-7f33-494a-baad-e5a3c7881c8f)
         File: ├─/EFI/systemd/systemd-bootx64.efi (systemd-boot 254.4-2-arch)
               └─/EFI/BOOT/BOOTX64.EFI (systemd-boot 254.4-2-arch)

Boot Loaders Listed in EFI Variables:
        Title: Linux Boot Manager
           ID: 0x0004
       Status: active, boot-order
    Partition: /dev/disk/by-partuuid/2ba732ed-7f33-494a-baad-e5a3c7881c8f
         File: └─/EFI/systemd/systemd-bootx64.efi

Boot Loader Entries:
        $BOOT: /efi (/dev/disk/by-partuuid/2ba732ed-7f33-494a-baad-e5a3c7881c8f)
        token: arch

Default Boot Loader Entry:
         type: Boot Loader Specification Type #2 (.efi)
        title: Arch Linux (6.5.4-arch2-1)
           id: arch-linux.efi
       source: /efi//EFI/Linux/arch-linux.efi
     sort-key: arch
      version: 6.5.4-arch2-1
        linux: /efi//EFI/Linux/arch-linux.efi
      options: 
[root@soul soultrigger]#

root@soul soultrigger]# systemctl status -l var.automount
Unit var.automount could not be found.

I did install as I said in the original post with this pacstrap

pacstrap /mnt base base-devel linux linux-firmware linux-headers amd-ucode nano sudo fish sbctl efibootmgr btrfs-progs arch-install-scripts networkmanager git openssh

genfstab -U /mnt > /etc/mnt/fstab

systemd-firstboot --root /mnt --prompt

sed -i -e "/^#"pt_BR.UTF-8"/s/^#//" /mnt/etc/locale.gen

arch-chroot /mnt locale-gen

arch-chroot /mnt passwd

arch-chroot /mnt systemctl enable NetworkManager

arch-chroot /mnt systemctl enable sshd

mv /mnt/etc/fstab /mnt/etc/fstab.bkp

So it is a very simple install, EFI is mounted as /efi with a regular folder as /boot to use UKI, and I installed the systemd boot loader, but didnt create any of his .conf files, and pretty much it loaded the uki without any configuration, auto mounted root and home, but failed at the /var because I didnt know this extra step, but even after your help I still failed. (also I created a empty /etc/kernel/cmdline just so it doesnt uses the installation media kernel command line - which it did since I booted from it and didnt create that file at the beggining)

Just to remember the /dev/sda5 is our /var partition

As far my experience goes when asking here it usually is something very newbely and some minor detail I did wrong....

Bonus question: how do we find out a UUID from an aplication, such as in the command in the wiki. (systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id)

PS: whenever I try the automount, I remove fstab file and if I will just waste some time in the VM, I usually put it in place again.

Last edited by Soultrigger (2023-09-26 14:31:00)

nl6720 · 2023-09-26 14:56:29

The PARTUUIDs and partition type UUIDs all look correct. And the bootctl output shows that systemd-stub sets LoaderDevicePartUUID.

Soultrigger wrote:

Bonus question: how do we find out a UUID from an aplication, such as in the command in the wiki. (systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id)

What do you mean? Are you asking how to calculate the command's output manually? If so, sorry, but I don't know, I just ran the command in a VM after changing its /etc/machine-id.

All I can think of is that perhaps the /var directory on the root partition is not empty. IIRC, the journal should contain a message with systemd complaining about it.

Soultrigger · 2023-09-26 16:55:32

Soultrigger wrote:

Bonus question: how do we find out a UUID from an aplication, such as in the command in the wiki. (systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id)

nl6720 wrote:

What do you mean? Are you asking how to calculate the command's output manually? If so, sorry, but I don't know, I just ran the command in a VM after changing its /etc/machine-id.

Yeah, I meant how to find the UUID or value for --app-specific=value.

I tried using the installation media to clean the /var dir and boot, but it didnt work. After boot I removed completely the /var directory and rebooted and another failure.

But no matter, I am really thankful for your help, interest and effort.

I will burn this VM to try the install script that I never tried, and then I might try to recreate it again and see if the /var decides to work haha

Is there any flag to put here? I learnt a lot from you, but I didnt get to a solved situation... is there a [Pendiding Solution]?

Last edited by Soultrigger (2023-09-26 16:58:06)

Soultrigger · 2023-09-26 18:30:57

The Archinstall is very vanilla, I guess for new users who dont want to learn to install it from the guide may be really useful. (even with encryption, btrfs, etc, they are all made with very basic entry level commands it seems).

Well, after testing the Archinstall - I reinstalled the VM, I followed the very same commands, but I did change the PartUUID without chrooting or booting the system (arch-chroot /mnt systemd-id128 -u --app-specific=4d21b016-b534-45c2-a9fb-5c16e091fd2d machine-id and arch-chroot /mnt gdisk /dev/vda) - genfstab to generate the fstab, but moved it to fstab.bkp to remove it and still have a copy and it worked as in the RTFM.

Thanks for your time and all the effort and marking this as Solved.

Arch Linux

#1 2023-09-25 11:07:19

[Solved]systemd gpt auto gererator - DPS - wont automount /var

#2 2023-09-25 11:26:54

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#3 2023-09-25 12:48:02

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#4 2023-09-25 12:52:40

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#5 2023-09-25 13:24:02

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#6 2023-09-26 07:24:39

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#7 2023-09-26 14:24:18

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#8 2023-09-26 14:56:29

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#9 2023-09-26 16:55:32

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

#10 2023-09-26 18:30:57

Re: [Solved]systemd gpt auto gererator - DPS - wont automount /var

Board footer