Arch Linux

q0tsa

Member

Registered: 2009-07-20

Posts: 39

[solved] Unlocking non-root LUKS-partition at early boot-time fails

Hello.

I'm trying to unlock a partition (not the root partition) with the encrypt-hook at early boot-time but it fails with "Device /dev/sda3 not found." Unlocking in /etc/crypttab works fine.

The reason that i want to unlock it with the encrypt-hook is because i want to be able to suspend to disk my laptop and my swap partition is in a logical volume inside the LUKS-parition.

So here are the important bits of my config-files:

/etc/mkinitcpio.conf
HOOKS="base udev autodetect pata scsi sata encrypt filesystems"

/boot/grub/menu.lst
kernel /boot/vmlinuz26 cryptdevice=/dev/sda3 root=/dev/sda2 ro quiet

partitioning:
/dev/sda1 NTFS (Windows)
/dev/sda2 ext4 (Root)
/dev/sda3 LUKS => LVM => /home, /data, /tmp, /var/tmp, swap...

Please don't suggest something like "just encrypt the whole disk" because i did this and it _does_ make a difference with regard to performance.

Any help would be highly appreciated.

qotsa

Last edited by q0tsa (2010-03-09 23:07:15)

Zariel

Member

Registered: 2008-10-07

Posts: 446

Re: [solved] Unlocking non-root LUKS-partition at early boot-time fails

I assume youve done this [1]? It works for me, but I dont use LVM. Does LVM get opened during kinit or userspace init? If its during userspace then you need to create an initcpio hook to open your luks volume, then use the encrypt one before resume hook.

[1] http://wiki.archlinux.org/index.php/LUK … sk_support

q0tsa

Member

Registered: 2009-07-20

Posts: 39

Re: [solved] Unlocking non-root LUKS-partition at early boot-time fails

The solution was simple:

/boot/grub/menu.lst
kernel /boot/vmlinuz26 cryptdevice=/dev/sda3:sda3_crypt root=/dev/sda2 ro quiet

Otherwise the luksOpen-command fails because it expects a <name>-argument. Of course i also needed the lvm2- and resume-hooks after encrypt.

@ Zariel:

The wiki article suggests writing a new hook when there already is one for the same purpose.