Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Initramfs and dm-crypt
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
deltamalloc
Tux's lil' helper
Tux's lil' helper


Joined: 18 Jan 2013
Posts: 128

PostPosted: Mon Jul 08, 2013 1:19 am    Post subject: Initramfs and dm-crypt Reply with quote

I am unable to make Gentoo boot when having the root partition encrypted using dm-crypt. The problem lies with creating an initramfs.

I have tried genkernel and dracut. Neither work.

As pointed out in http://whitehathouston.com/documentation/gentoo/initramfs_howto.htm it appears that all "automated" tools to handle this are simply broken or have never worked. Although dracut is not mentioned.

Using the aforementioned guide and making my own initramfs I managed to boot one computer, sort of, the device in /dev/mapper was missing after the system booted. I want to use a proper initramfs.

My system is very simple. I have:

/dev/sda1 as /boot
/dev/sda2 as /

I'm giving genkernel another chance.

I type the command:

Code:

genkernel --luks initramfs


This produces an initramfs under /boot. I set lilo to use this file, run lilo and reboot the computer.

I get the error:

Code:

!! Block device /dev/mapper/root is not a valid root device...


What is wrong with genkernel? How helpless is this program? I can drop into a shell when it fails, open the encrypted device and mount it myself with no problem. Why is this so very hard for genkernel to pull off?
Back to top
View user's profile Send private message
kyr0
n00b
n00b


Joined: 08 Jul 2013
Posts: 1

PostPosted: Mon Jul 08, 2013 11:50 am    Post subject: Reply with quote

Hi,

I was recently struggeling with the same issue and I found this guide to be extremely useful. It is really easy to build your own initramfs.
http://whitehathouston.com/documentation/gentoo/initramfs_howto.htm

Hope this helps!
Back to top
View user's profile Send private message
sahrxaa
n00b
n00b


Joined: 19 Nov 2012
Posts: 7
Location: Cyberspace

PostPosted: Fri Jul 12, 2013 6:57 am    Post subject: Reply with quote

I had failed results when attempting to set up a fully encrypted system using genkernel. With that said, I won't rule out PEBCAK since I have only used Genkernel a few times, but since it seems others are having the same issues...

I strongly recommend building the kernel by hand for an encrypted system. Manually ensure relevant options are selected, such as initramfs support in the kernel. There is plenty of info online about necessary kernel parameters for disk encryption, but if you need some help there I can dig around and find the specific options for you.

Using plain grub, you don't need to do anything beyond using that initramfs you linked and toggling on a few kernel options. Not for a simple setup like yours... no "cryptdevice" reference in grub.conf or anything required to boot. I can't speak for Grub2 or Lilo.
_________________
The body is a cage, entwining and burdening the mind so as to halt expansion.
Back to top
View user's profile Send private message
cach0rr0
Moderator
Moderator


Joined: 13 Nov 2008
Posts: 4121
Location: Houston, Republic of Texas

PostPosted: Sun Jul 21, 2013 11:45 am    Post subject: Re: Initramfs and dm-crypt Reply with quote

sahrxaa wrote:
I can't speak for Grub2 or Lilo.


did a video for grub2 here, for anyone that has an hour and will be kind enough to not shred me for any technical inaccuracies:
http://www.youtube.com/watch?v=Vry8OywctyM


deltamalloc wrote:

Using the aforementioned guide and making my own initramfs I managed to boot one computer, sort of, the device in /dev/mapper was missing after the system booted. I want to use a proper initramfs.


That's my guide. Don't bother with genkernel (IMHO), let's see if we can get you patched up.

You say the system booted, did it get root mounted etc correctly, and load your OS?
Is the only issue that /dev/mapper/root didn't exist once everything else was all up and running?

If so, that's simply because 'dmsetup mknodes' needs to be run. Mind you, it's purely vestigial if you already have things booting, but if you really want it there, adding an init script to run 'dmsetup mknodes' should do the job (it should run before the fsck service)

doing an luksOpen will create /dev/mapper/root in the /dev filesystem, BUT, that /dev filesystem exists within the initramfs, and disappears after you switch_root
so if you still need it for something, some other process will have to create it - once you switch_root, whatever you've done within your initramfs goes POOF, and is no longer relevant; dmsetup mknodes will create it within the /dev filesystem on your real deal live install

deltamalloc wrote:

Code:

!! Block device /dev/mapper/root is not a valid root device...


What is wrong with genkernel? How helpless is this program? I can drop into a shell when it fails, open the encrypted device and mount it myself with no problem. Why is this so very hard for genkernel to pull off?


We'd have to know the lilo.conf stanza you used. I don't know lilo, admittedly, but in the grub world that would suggest you set 'root=/dev/mapper/root' which, for genkernel, is incorrect (i think it's root=/dev/ram0 and then either real_root or crypt_root should point at /dev/mapper/root)

That's neither here nor there, I'm still not hugely keen on genkernel (no offense to the genkernel dudes intended, just not my cuppa!), so, what is your current stumbling block with your custom non-genkernel setup?


Either way, I'm going to try to make myself get back on the forums and do forumy stuff, call it an early new years resolution, post back with more details on where you're getting stuck
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum