You are not logged in.
Hi.
Like in topic I have no idea what else i can do to run linux on lvm on LUKS on RAID (mdadm) by systemd-boot. Probably I mess with initramfs or systemd-boot.
How setup should looks like?
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 953,9G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 952,8G 0 part
└─md127 9:127 0 952,6G 0 raid1
└─raid1 254:0 0 952,6G 0 crypt
└─raid1-lvol0 254:1 0 952,4G 0 lvm /
sdb 8:16 0 953,9G 0 disk
├─sdb1 8:17 0 1G 0 part
└─sdb2 8:18 0 952,8G 0 part
└─md127 9:127 0 952,6G 0 raid1
└─raid1 254:0 0 952,6G 0 crypt
└─raid1-lvol0 254:1 0 952,4G 0 lvm /
(BTW I checked all guides from 2 first pages from 3 most popular browsers)
Last edited by btjxzkfuly (2024-10-15 18:33:37)
Offline
https://wiki.archlinux.org/title/RAID#I … ux_on_RAID
https://wiki.archlinux.org/title/Dm-cry … figuration
As generic as your post is, that's all I can do. I you want specific help, post what you've actually done and your current configs.
Last edited by Scimmia (2024-10-05 12:52:41)
Offline
Well...
I follow these:
https://wiki.archlinux.org/title/Dm-cry … VM_on_LUKS
https://wiki.archlinux.org/title/Dm-cry … tware_RAID
And some other guides about systemd-boot. Now I have a message on screen like:
Timed out waiting for device /dev/(UUID)
Dependency falied for Initrd Root Device
Dependency falied for /sysroot
Dependency falied for Initrd Root File System
Dependency failed for File System (UUID)
I checked and UUID is okay
Offline
well - I guess we need some more information about how exactly you setup this system (best is a log of the initial setup)
I tried to follow some mix of chapter 6 and 4 - got about half-way through 6.3 and at the point when creating the filesystem I diverted to chapter 4 and used the open luks container instead of the partition. I got through 4.2 and then found conflicting information at 4.3 for /boot:
chapter 6 mentions a raid1 for the ESP which gets mounted to /mnt/efi while chapter 4 wants me to mount WHAT to /mnt/boot?
Sure from my experience I can get both to work - but I don't know how you did it and if what I end up with matches your system.
So I recommend you to explain how exactly you followed chapter 6 and 4 and how exactly you constructed the base before you got to pacstrap - otherwise it will be hard to give direct advice how to fix this.
What I ended up already looks different to yours:
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 794.4M 1 loop /run/archiso/airootfs
vda 254:0 0 20G 0 disk
├─vda1 254:1 0 1G 0 part
│ └─md127 9:127 0 1023.9M 0 raid1 /mnt/efi
└─vda2 254:2 0 19G 0 part
└─md126 9:126 0 19G 0 raid1
└─root 253:0 0 19G 0 crypt
└─volgroup-root 253:1 0 16G 0 lvm /mnt
vdb 254:16 0 20G 0 disk
├─vdb1 254:17 0 1G 0 part
│ └─md127 9:127 0 1023.9M 0 raid1 /mnt/efi
└─vdb2 254:18 0 19G 0 part
└─md126 9:126 0 19G 0 raid1
└─root 253:0 0 19G 0 crypt
└─volgroup-root 253:1 0 16G 0 lvm /mnt
btw: you might want to use https://www.deepl.com if you're not fluent in english
Offline
Sorry I am late.
hapter 6 mentions a raid1 for the ESP which gets mounted to /mnt/efi while chapter 4 wants me to mount WHAT to /mnt/boot?
You can do it on /boot/efi and it should works.
I miss some hooks and modules into /etc/mkinitcpio.conf
Now it looks like:
# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run. Advanced users may wish to specify all system modules
# in this array. For instance:
# MODULES=(usbhid xhci_hcd)
MODULES=(vmd dm_mod dm_crypt ext4 sha256 sha512 raid1)
# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image. This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=()
# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way. This is useful for config files.
FILES=()
# HOOKS
# This is the most important setting in this file. The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
## This setup specifies all modules in the MODULES setting above.
## No RAID, lvm2, or encrypted root is needed.
# HOOKS=(base)
#
## This setup will autodetect all modules for your system and should
## work as a sane default
# HOOKS=(base udev autodetect modconf block filesystems fsck)
#
## This setup will generate a 'full' image which supports most systems.
## No autodetection is done.
# HOOKS=(base udev modconf block filesystems fsck)
#
## This setup assembles a mdadm array with an encrypted root file system.
## Note: See 'mkinitcpio -H mdadm_udev' for more information on RAID devices.
# HOOKS=(base udev modconf keyboard keymap consolefont block mdadm_udev encrypt filesystems fsck)
#
## This setup loads an lvm2 volume group.
# HOOKS=(base udev modconf block lvm2 filesystems fsck)
#
## This will create a systemd based initramfs which loads an encrypted root filesystem.
# HOOKS=(base systemd autodetect modconf kms keyboard sd-vconsole sd-encrypt block filesystems fsck)
#
## NOTE: If you have /usr on a separate partition, you MUST include the
# usr and fsck hooks.
HOOKS=(base autodetect modconf udev systemd mdadm_udev encrypt sd-encrypt lvm2 sd-lvm2 microcode kms keyboard keymap consolefont sd-vconsole block filesystems fsck)
# COMPRESSION
# Use this to compress the initramfs image. By default, zstd compression
# is used for Linux ≥ 5.9 and gzip compression is used for Linux < 5.9.
# Use 'cat' to create an uncompressed image.
#COMPRESSION="zstd"
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"
# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=()
# MODULES_DECOMPRESS
# Decompress loadable kernel modules and their firmware during initramfs
# creation. Switch (yes/no).
# Enable to allow further decreasing image size when using high compression
# (e.g. xz -9e or zstd --long --ultra -22) at the expense of increased RAM usage
# at early boot.
# Note that any compressed files will be placed in the uncompressed early CPIO
# to avoid double compression.
#MODULES_DECOMPRESS="no"
Now systemd-boot works, but didnt ask about passphrase for crypted drive. Message looks like:
[ OK ] Finished Load Kernel Modules.
[ OK ] Reached target System Initialization.
[ OK ] Reached target Basic Setup
[ OK ] Stopped Virtual Console Setup.
Stopping Virtual Console Setup...
Starting Virtual Console Setup...
[ OK ] Finished Virtual Console Setup.
[ *** ] A start job is running for /dev/mapper/raid1-lvol0 (xs / 1min 30s)
It should first ask about passphrase for /dev/md/raid1
and then read /dev/mapper/raid1-lvol0
This is how I setup systemd-boot:
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options rd.luks.name=/dev/md/raid1=raid1 root=/dev/mapper/raid1-lvol0
How to force systemd-boot to ask about passphrase?
Last edited by btjxzkfuly (2024-10-06 15:04:52)
Offline
systemd-boot cannot, and should not, ask for a passphrase. All it does is pass the information you give it to the kernel/initramfs.
You need to decide if you want a busybox based initramfs or a systemd based initramfs and set the hooks accordingly. Right now you have a strange mixture that I wouldn't expect to work.
https://wiki.archlinux.org/title/Mkinit … mmon_hooks Hooks in the first two columns are mutually exclusive.
Last edited by Scimmia (2024-10-06 16:13:42)
Offline
You can do it on /boot/efi and it should works.
I know that - but you missed the point of my question: In order to mount the ESP to /boot/efi I first have to decide if /boot is just a regular folder on the root partition or an empty mountpoint for another partition.
You stated that you mixed both options - and although I'm able to get this to work myself in several ways my question was how you did it - be cause what I ended up with differs from what you posted.
Also as already mentioned your mkinitcpio looks just wrong as you likely just threw everything in there without really understanding. My guess: You not yet understood what you actual want to achieve and how to it properly - and hence I bet if you get it to work it will bite you at some time later - or you maybe have to start over.
Hope you testing in a VM rather than to get it to work on bare metal.
Offline
I reinstall it and this time I add only hooks for busybox. Now everything works. Thank you, Scimmia.
/etc/mkinitcpio.conf
MODULES=(vmd dm_mod dm_crypt ext4 sha512 raid1)
BINARIES=()
FILES=()
HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block net dmraid mdadm_udev encrypt lvm2 filesystems fsck)
In order to mount the ESP to /boot/efi I first have to decide if /boot is just a regular folder on the root partition or an empty mountpoint for another partition.
Here is on another partition.
Offline
I still raise concerns whatever or however you did it is still a mess
hope you took notes or a log about how you did it so you can recreate it in case of some issues
if you encounter issues and open a topic for please spare us questioning but add your setup in the initial post - otherwise a long back and forth will follow until someone grasp what you
don't get me wrong - combine raid, luks and lvm isn't any wrong - but in case of help for someone be able to help you we first need an overview of the layout
when all you get us then is "linux on lvm on luks on raid" with noone able to recreate it because you mixed two sub-topics - well, then how we're suppose to help you?
anyway - aside from all that bash-like questioning: I see the point in raid one - and although I hardly see a point in encrypting an os on a personal device I recommend at least have the os clean and only put /home or some special mountpoint on such a wild construct - in whivh case I recommend ZFS over doing it on food by combine raid and lvm - and zfs also comes with encryption built-in - so you get all: raid, lvm and encryption in one package - and with the os open a working base for troubleshooting ussues
Offline