View previous topic :: View next topic |
Author |
Message |
schmittlauch n00b
Joined: 12 Sep 2014 Posts: 23
|
Posted: Sat Sep 13, 2014 9:44 am Post subject: Right way to boot from an LUKS encrypted Btrfs RAID0 |
|
|
Hi,
I'm installing Gentoo x86_64 on a UEFI system with 2 SSDs. As I want my data to be encrypted but want to use Btrfs I chose to create 2 GPT partitions, one on each SSD, encrypt them with LUKS and combine both unencrypted mapper devices into one Btrfs. Furthermore I want to use systemd as init system. I didn't create a /boot partition as GRUB2 is saidto support booting from encrypted partitions.
My partition table:
Code: | # parted -l
Model: ATA LITEONIT LCS-256 (scsi)
Disk /dev/sda: 256GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 211MB 210MB fat32 EFI System boot
2 211MB 256GB 256GB Linux filesystem
Model: ATA TS256GMTS400 (scsi)
Disk /dev/sdb: 256GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 243GB 243GB Linux filesystem
2 243GB 256GB 12.9GB Linux swap
|
My /etc/fstab:
Code: |
# <fs> <mountpoint> <type> <opts> <dump/pass>
# NOTE: If your BOOT partition is ReiserFS, add the notail option to opts.
#/dev/BOOT /boot ext2 noauto,noatime 1 2
/dev/mapper/main1 / btrfs defaults,noatime,discard,ssd,autodefrag,space_cache,compress=lzo 0 1
/dev/mapper/main1 /home btrfs defaults,noatime,discard,ssd,autodefrag,space_cache,compress=lzo,subvol=home 0 1
/dev/mapper/swap none swap sw 0 0
/dev/cdrom /mnt/cdrom auto noauto,ro 0 0
/dev/sda1 /boot/efi vfat defaults 0 2
tmpfs /tmp tmpfs size=6G 0 0
|
What is the right method to bot this system? I created an initramfs using genkernel --luks --btrfs --install initramfs and successfully installed GRUB2 into my EFI partition, having added GRUB_ENABLE_CRYPTODISK=y to /etc/default/grub. GRUB2 shows up on boot, asking me for the disk passwords but after entering those it doesn't go on booting. I'm going to post the error message in some minutes (need to reboot). Or shall I better use the method described on http://wiki.gentoo.org/wiki/UEFI_Gentoo_Quick_Install_Guide without GRUB2?
Regards, Trolli Schmittlauch |
|
Back to top |
|
|
229566 Tux's lil' helper
Joined: 16 Aug 2010 Posts: 127
|
Posted: Sat Sep 13, 2014 10:59 am Post subject: |
|
|
Unless things have changed radically in the years since I tried RAID-0, you need /boot on a "normal" or RAID-1 partition, and once the kernel and initramfs are loading, it will be able to unlock and access the root from the encrypted RAID-0 partition. What are you using for the RAID, mdadm? Or some BTRFS feature, in which case I may be totally wrong, I don't know much about BTRFS. Also, are you encrypting swap? It kinda defeats the encrypted root if you don't... |
|
Back to top |
|
|
szatox Advocate
Joined: 27 Aug 2013 Posts: 3131
|
Posted: Sat Sep 13, 2014 6:40 pm Post subject: |
|
|
AFAIR btrfs on luks is buggy and tends to missbehave (yeah, i know, it's different layer so it shouldn't matter, but I saw a brief note on this). So, if it's true, all ways to boot such a setup are equaly wrong. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|