View previous topic :: View next topic |
Author |
Message |
deltamalloc Apprentice
Joined: 18 Jan 2013 Posts: 279
|
Posted: Mon Jul 08, 2013 1:19 am Post subject: Initramfs and dm-crypt |
|
|
I am unable to make Gentoo boot when having the root partition encrypted using dm-crypt. The problem lies with creating an initramfs.
I have tried genkernel and dracut. Neither work.
As pointed out in http://whitehathouston.com/documentation/gentoo/initramfs_howto.htm it appears that all "automated" tools to handle this are simply broken or have never worked. Although dracut is not mentioned.
Using the aforementioned guide and making my own initramfs I managed to boot one computer, sort of, the device in /dev/mapper was missing after the system booted. I want to use a proper initramfs.
My system is very simple. I have:
/dev/sda1 as /boot
/dev/sda2 as /
I'm giving genkernel another chance.
I type the command:
Code: |
genkernel --luks initramfs
|
This produces an initramfs under /boot. I set lilo to use this file, run lilo and reboot the computer.
I get the error:
Code: |
!! Block device /dev/mapper/root is not a valid root device...
|
What is wrong with genkernel? How helpless is this program? I can drop into a shell when it fails, open the encrypted device and mount it myself with no problem. Why is this so very hard for genkernel to pull off? |
|
Back to top |
|
|
kyr0 n00b
Joined: 08 Jul 2013 Posts: 1
|
|
Back to top |
|
|
sahrxaa n00b
Joined: 19 Nov 2012 Posts: 7 Location: Cyberspace
|
Posted: Fri Jul 12, 2013 6:57 am Post subject: |
|
|
I had failed results when attempting to set up a fully encrypted system using genkernel. With that said, I won't rule out PEBCAK since I have only used Genkernel a few times, but since it seems others are having the same issues...
I strongly recommend building the kernel by hand for an encrypted system. Manually ensure relevant options are selected, such as initramfs support in the kernel. There is plenty of info online about necessary kernel parameters for disk encryption, but if you need some help there I can dig around and find the specific options for you.
Using plain grub, you don't need to do anything beyond using that initramfs you linked and toggling on a few kernel options. Not for a simple setup like yours... no "cryptdevice" reference in grub.conf or anything required to boot. I can't speak for Grub2 or Lilo. _________________ The body is a cage, entwining and burdening the mind so as to halt expansion. |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Sun Jul 21, 2013 11:45 am Post subject: Re: Initramfs and dm-crypt |
|
|
sahrxaa wrote: | I can't speak for Grub2 or Lilo. |
did a video for grub2 here, for anyone that has an hour and will be kind enough to not shred me for any technical inaccuracies:
http://www.youtube.com/watch?v=Vry8OywctyM
deltamalloc wrote: |
Using the aforementioned guide and making my own initramfs I managed to boot one computer, sort of, the device in /dev/mapper was missing after the system booted. I want to use a proper initramfs.
|
That's my guide. Don't bother with genkernel (IMHO), let's see if we can get you patched up.
You say the system booted, did it get root mounted etc correctly, and load your OS?
Is the only issue that /dev/mapper/root didn't exist once everything else was all up and running?
If so, that's simply because 'dmsetup mknodes' needs to be run. Mind you, it's purely vestigial if you already have things booting, but if you really want it there, adding an init script to run 'dmsetup mknodes' should do the job (it should run before the fsck service)
doing an luksOpen will create /dev/mapper/root in the /dev filesystem, BUT, that /dev filesystem exists within the initramfs, and disappears after you switch_root
so if you still need it for something, some other process will have to create it - once you switch_root, whatever you've done within your initramfs goes POOF, and is no longer relevant; dmsetup mknodes will create it within the /dev filesystem on your real deal live install
deltamalloc wrote: |
Code: |
!! Block device /dev/mapper/root is not a valid root device...
|
What is wrong with genkernel? How helpless is this program? I can drop into a shell when it fails, open the encrypted device and mount it myself with no problem. Why is this so very hard for genkernel to pull off? |
We'd have to know the lilo.conf stanza you used. I don't know lilo, admittedly, but in the grub world that would suggest you set 'root=/dev/mapper/root' which, for genkernel, is incorrect (i think it's root=/dev/ram0 and then either real_root or crypt_root should point at /dev/mapper/root)
That's neither here nor there, I'm still not hugely keen on genkernel (no offense to the genkernel dudes intended, just not my cuppa!), so, what is your current stumbling block with your custom non-genkernel setup?
Either way, I'm going to try to make myself get back on the forums and do forumy stuff, call it an early new years resolution, post back with more details on where you're getting stuck _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|