You are not logged in.
Pages: 1
Hey archers, I recently used an install of arch I have an an external drive to install Arch Linux to my laptop's internal hard drive. I followed the directions at http://wiki.archlinux.org/index.php/Ins … ting_Linux and also encrypted the partitions, so I had to follow the directions from http://wiki.archlinux.org/index.php/LUKS Because of this, I configured many of the conf files manually or modified them from my external install, obviously making room for encryption and whatnot. Also please note that LVM is not used.
I made the following partitions:
sda1 is an extended partition
sda5 (the first logical one in the extended) is ext2 and is /boot
sda6 is LUKS-encrypted, jfs, and is /
sda7 is LUKS-encrypted, xfs and is /home
sda8 is LUKS-encrypted, reiserfs and is /var
I've added the encrypt hook to the mkinitcpio. I added 'keymap' with the intention of changing the kernel config to support dvorak but never got around to it. Anyway, qwerty works fine for now. I can get root unlocked manually at boot, with success, and home and var unlock automatically, but then I get this giant angry message with a lot of asterisks about how the root filesystem is screwed up and I'm how I must be lying about it being jfs and how the horsemen of the apocalypse are going to destory the universe. The thing is, it boots fine when I manually mount the mapper in my external install. I have this horrible, sinking feeling that I've done something simple and stupid, so it should be easy to fix. Here's my fstab:
#
# /etc/fstab: static file system information
#
# <file system> <dir> <type> <options> <dump> <pass>
none /dev/pts devpts defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/cdrom /media/cd auto ro,user,noauto,unhide 0 0
/dev/dvd /media/dvd auto ro,user,noauto,unhide 0 0
/dev/fd0 /media/fl auto user,noauto 0 0
UUID=6deb9d11-7ad1-477f-9b34-79d5e6621003 /boot ext2 defaults 0 2
/dev/sda6 / jfs defaults 0 1
/dev/sda7 /home xfs defaults 0 0
/dev/sda8 /var reiserfs defaults 0 0
here's my rc.conf, with the networking section removed here:
LOCALE="en_US.utf8"
HARDWARECLOCK="localtime"
USEDIRECTISA="no"
TIMEZONE="Canada/Pacific"
KEYMAP="dvorak"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# -----------------------------------------------------------------------
# HARDWARE
# -----------------------------------------------------------------------
#
# MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
# MOD_BLACKLIST: Prevent udev from loading these modules
# MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
#
# NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
#
MOD_AUTOLOAD="yes"
#MOD_BLACKLIST=() #deprecated
MODULES=(!ath5k r8169 wlan ath_hal ath_pci snd-mixer-oss snd-pcm-oss snd-hwdep snd-page-alloc snd-pcm snd-timer snd snd-hda-intel soundcore)
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# -----------------------------------------------------------------------
# DAEMONS
# -----------------------------------------------------------------------
#
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
#
DAEMONS=(syslog-ng network netfs crond alsa slim)
here's my mkinitcpio.conf:
# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run. Advanced users may wish to specify all system modules
# in this array. For instance:
# MODULES="piix ide_disk reiserfs"
MODULES=""
# BINARIES
# This setting includes, into the CPIO image, and additional
# binaries a given user may wish. This is run first, so may
# be used to override the actual binaries used in a given hook.
# (Existing files are NOT overwritten is already added)
# BINARIES are dependancy parsed, so you may safely ignore libraries
BINARIES=""
# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in anyway. This is useful for config files.
# Some users may wish to include modprobe.conf for custom module options,
# like so:
# FILES="/etc/modprobe.conf"
FILES=""
# HOOKS
# This is the most important setting in this file. The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'modload' may be used in place of 'udev', but is not recommended
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
# This setup specifies all modules in the MODULES setting above.
# No raid, lvm2, or encrypted root is needed.
# HOOKS="base"
#
# This setup will autodetect all modules for your system and should
# work as a sane default
# HOOKS="base udev autodetect pata scsi sata filesystems"
#
# This is identical to the above, except the old ide subsystem is
# used for IDE devices instead of the new pata subsystem.
# HOOKS="base udev autodetect ide scsi sata filesystems"
#
# This setup will generate a 'full' image which supports most systems.
# No autodetection is done.
# HOOKS="base udev pata scsi sata usb filesystems"
#
# This setup assembles an pata raid array with an encrypted root FS.
# Note: See 'mkinitcpio -H raid' for more information on raid devices.
# HOOKS="base udev pata raid encrypt filesystems"
#
# This setup loads an lvm2 volume group on a usb device.
# HOOKS="base udev usb lvm2 filesystems"
HOOKS="base udev autodetect pata scsi sata keymap encrypt filesystems"
Let me know if I can post anything else that might help solve this, other than my root password
Offline
read the wiki carefully:
Explanation
Now you should have a device called /dev/mapper/root, another one called /dev/mapper/home and another one called /dev/mapper/tmp. These are block devices like any other, but with a neat twist: whenever you write to them, the data is actually written to /dev/sda3, /dev/sda4 or /dev/sda5 respectively, but it is encrypted first! The only way to access the data on this encrypted partition is to re-create that /dev/mapper/root, /dev/mapper/home etc. device with cryptsetup each time you boot. With LUKS, you can use cryptsetup luksAddKey /dev/sda3 to add a new password or cryptsetup luksDelKey /dev/sda3 to revoke a password. Type cryptsetup -? or man cryptsetup (once you've booted your new Arch installation) for more info.
in other words your fstab should look like that:
/dev/mapper/home /home ...
/dev/mapper/root / ...
Last edited by laplace (2009-01-06 10:55:05)
Offline
I'll be damned, that worked! Reading the guide, I was under the impression that only LVM users put the mapper in fstab. Stupid mistake. Thanks for clearing that up.
Offline
Also, you wouldn't happen to know what to add to the mkinitcpio for a custom keyboard layout, would you?
Offline
I believe you just put 'keymap' early in the list, that will use settings from /etc/rc.conf, unless you mean something different?
Offline
Well yes, I did that, in mkinitcpio, but it still loads qwerty. But if rc.conf is on an encrypted partition at the time mkinitcpio is read, wouldn't it blow it off anyway? the keymay has to be stored in a second place for the early environment, right?
Offline
I know this thread is potentially over, but I wanted to clarify that I got the klibc stuff in mkinitcpio working after I rebuilt the kernel.
Offline
Pages: 1