View previous topic :: View next topic |
Author |
Message |
gustafson Guru
Joined: 12 Aug 2004 Posts: 430
|
Posted: Sat Jan 17, 2015 3:18 pm Post subject: Can't boot with encrypted root on lvm |
|
|
Hi, I have for a long time had an encrypted hard drive. It stopped working.
Using luks, the encrypted partition is
Using lvm after decryption, I have logical volumes
Code: | /dev/mapper/vg0-root
/dev/mapper/vg0-usr
/dev/mapper/vg0-var
/dev/mapper/vg0-home
/dev/mapper/vg0-opt |
I use genkernl --lvm --luks etc to compile the kernel and initramfs
When I boot, I get the message:
Code: | Block device /dev/mapper/vg0-root is not a valid root device |
Dropping into the shell (busybox), I can use
Code: | cryptsetup luksOpen /dev/sda2 sda2 |
to decrypt.
Then I try:
Both are not found within the ash shell of busybox.
I know there were recent updates to grub and perhaps more... but I don't have a record of it.
Based on this, I think it is a busybox problem with genkernel. I've tried everything I can think of to make it work... any suggestions?
Thanks, |
|
Back to top |
|
|
khayyam Watchman
Joined: 07 Jun 2012 Posts: 6227 Location: Room 101
|
Posted: Sat Jan 17, 2015 5:16 pm Post subject: Re: Can't boot with encrypted root on lvm |
|
|
gustafson wrote: | Based on this, I think it is a busybox problem with genkernel. I've tried everything I can think of to make it work... any suggestions? |
gustafson ... from the above it looks to me like genkernel simply didn't include lvm in the initramfs (busybox doesn't seem to have anything to do with it, it doesn't contain the lvm suite).
I'd suggest the following:
Download better-initramfs, unpack and place the initramfs.cpio in /boot. Edit grub.cfg to point the initramfs.cpio and add the following to 'append='.
Code: | luks enc_root=/dev/sda2 lvm root=/dev/mapper/vg0-root |
Reboot ... you should be prompted for the luks password, and once luksOpen'd it should activate the lv and run init.
Note that as better-initramfs doesn't contain any kernel modules you will need to check that the kernel has support for whatever hardware is required to boot and dm_crypt is built-in ... once in place however it doesn't need rebuilt on subsequent kernel updates.
HTH & best ... khay |
|
Back to top |
|
|
gustafson Guru
Joined: 12 Aug 2004 Posts: 430
|
Posted: Sun Jan 18, 2015 11:38 pm Post subject: |
|
|
Hi khayyam, thanks for the suggestion... but I'd like to stay within the gentoo system if possible rather than resort to an external tool as great as it may appear to be.
Also, I think that busybox is built into the initramfs automatically by genkernel... but these are outside my areas of expertise. So you may be correct on that.
But thanks in part to your suggestion and doing more reading, I got it fixed.
It turns out that grub2-mkconfig is not picking up the encrypted lvm setup. (It used to do it automatically.) When I modify the grub.cfg from:
Code: | linux /kernel-genkernel-x86_64-3.17.7-gentoo root=/dev/mapper/vg0-root ro |
to include the following:
Code: | linux /kernel-genkernel-x86_64-3.17.7-gentoo crypt_root=/dev/sda2 dolvm real_root=/dev/mapper/vg0-root ro |
Then it works fine and boots without issues.
I wish I knew why grub-mkconfig isn't doing it...? I'm not marking it solved until I figure that out. Thanks again, |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|