You are not logged in.
Hello,
EDIT:
Topic is solved. Everything works like a charm. I had enter a wrong password ...
I tried unsuccessfully the night to decrypt my encrypted partition when logging in to Gnome by GDM. It's tedious because I work with pam and every mistake breaks the login, so I have to repair the system using the installation medium.
Using tutorial:
https://wiki.archlinux.org/title/Dm-cry … g_at_login
My created files are:
-rw-r--r-- 1 root root 680 15. Okt 08:50 /etc/pam.d/system-login
----------------------------------------------------------------
auth required pam_shells.so
auth requisite pam_nologin.so
auth include system-auth
auth optional pam_exec.so expose_authtok /etc/pam_cryptsetup.sh
account required pam_access.so
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_loginuid.so
session optional pam_keyinit.so force revoke
session include system-auth
session optional pam_motd.so
session optional pam_mail.so dir=/var/spool/mail standard quiet
session optional pam_umask.so
-session optional pam_systemd.so
session required pam_env.soThe following script may doesn't work with GDM but there is no error message. Each login will be cancelled even for other users.
-rwxr-xr-x 1 root root 238 14. Okt 19:50 /etc/pam_cryptsetup.sh
---------------------------------------------------------------
#!/bin/sh
CRYPT_USER="lexis"
PARTITION="/dev/nvme0n1p4"
NAME="home-$CRYPT_USER"
if [ "$PAM_USER" = "$CRYPT_USER" ] && [ ! -e "/dev/mapper/$NAME" ]; then
/usr/bin/cryptsetup open "$PARTITION" "$NAME"
fiSide note: Manuell decryption works!
/usr/bin/cryptsetup open /dev/nvme0n1p4 home-lexislsblk
-----
/dev/nvme0n1p3: UUID="????????-????-????-????-????????????" UUID_SUB="????????-????-????-????-????????????" BLOCK_SIZE="4096" TYPE="btrfs" PARTLABEL="Linux filesystem" PARTUUID="????????-????-????-????-????????????"
/dev/nvme0n1p1: UUID="????-????" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="EFI system partition" PARTUUID="????????-????-????-????-????????????"
/dev/nvme0n1p4: UUID="????????-????-????-????-????????????" TYPE="crypto_LUKS" PARTLABEL="Linux filesystem" PARTUUID="????????-????-????-????-????????????"
/dev/nvme0n1p2: UUID="????????-????-????-????-????????????" UUID_SUB="????????-????-????-????-????????????" BLOCK_SIZE="4096" TYPE="btrfs" PARTLABEL="Linux filesystem" PARTUUID="????????-????-????-????-????????????"
/dev/mapper/home-lexis: UUID="????????-????-????-????-????????????" UUID_SUB="????????-????-????-????-????????????" BLOCK_SIZE="4096" TYPE="btrfs"The mounting systemd-script also works:
-rw-r--r-- 1 root root 205 14. Okt 18:50 /etc/systemd/system/home-lexis.mount
-----------------------------------------------------------------------------
[Unit]
Requires=user@1000.service
Before=user@1000.service
[Mount]
Where=/home/lexis
What=/dev/mapper/home-lexis
Type=btrfs
Options=defaults,relatime,compress=zstd
[Install]
RequiredBy=user@1000.serviceI have not yet been able to check whether the encryption service script works.
-rw-r--r-- 1 root root 378 14. Okt 19:01 /etc/systemd/system/cryptsetup-lexis.service
-------------------------------------------------------------------------------------
[Unit]
DefaultDependencies=no
BindsTo=dev-nvme0n1p4.device
After=dev-nvme0n1p4.device
BindsTo=dev-mapper-home\x2dlexis.device
Requires=home-lexis.mount
Before=home-lexis.mount
Conflicts=umount.target
Before=umount.target
[Service]
Type=oneshot
RemainAfterExit=yes
TimeoutSec=0
ExecStop=/usr/bin/cryptsetup close home-lexis
[Install]
RequiredBy=dev-mapper-home\x2dlexis.deviceIs there anyone who can help me?
Last edited by Lax Lexis (2023-11-14 16:56:16)
Offline