SumDog n00b
Joined: 16 Dec 2005 Posts: 20 Location: Chicago, USA
|
Posted: Tue Oct 04, 2016 5:01 am Post subject: [solved] grub will not work with luks + lvm (encrypted boot) |
|
|
So I've installed grub + luks + raid + lvm on two other systems before and in both cases, I used an unencrypted /boot. I thought on this new machine, I'd attempt to encrypt everything including my boot files. I've read several guides that talk about how Grub2 supports luks natively and can prompt for your encryption passwords. You can then keep a key file in your initrd so you don't get asked for your password twice.
So here is my setup:
Code: |
nvme0n1p1 - ESP partition (EFI/*, vfat, unencrypted)
nvme0n1p2 - LUKS Volume (mapped by my initrd to /dev/mapper/enc_root)
-enc_root = an LVM named "lvol"
/dev/mapper/lvol-root (or /dev/lvol/root) - ext4 : / (no separate boot partition. It's all in one)
/dev/mapper/lvol-swap (or /dev/lvol/swap) - swap
|
I could only get Grub to install using the following:
Code: | grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id="Funtoo Linux [GRUB]" --recheck --boot-directory=/boot/efi/EFI |
..which I realize is wrong (it puts a useless grub directory on my ESP partition), but that's the only way I could get grub to even install anything in the EFI directory.
So I can boot my machine from Grub recovery using the following:
Code: |
insmod luks
insmod lvm
cryptomount (hd1,gpt2)
set root=(lvm/lvol-root)
configfile (lvm/lvol-root)/boot/grub/grub.cfg
|
My system boots up fine; my initrd bootstrapping works correctly. However when I try to install grub from my booted system, I get the following:
Code: |
UB) 2.02~beta3
jasmine cassius # grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id="Funtoo Linux [GRUB]"
Installing for x86_64-efi platform.
File descriptor 3 (/dev/nvme0n1p1) leaked on vgs invocation. Parent PID 4686: grub-install
File descriptor 3 (/dev/nvme0n1p1) leaked on vgs invocation. Parent PID 4686: grub-install
File descriptor 4 (pipe:[5916]) leaked on vgs invocation. Parent PID 4686: grub-install
Volume group "enc_root" not found
Cannot process volume group enc_root
File descriptor 3 (/dev/nvme0n1p1) leaked on vgs invocation. Parent PID 4686: grub-install
File descriptor 3 (/dev/nvme0n1p1) leaked on vgs invocation. Parent PID 4686: grub-install
File descriptor 4 (pipe:[5930]) leaked on vgs invocation. Parent PID 4686: grub-install
Volume group "enc_root" not found
Cannot process volume group enc_root
grub-install: error: disk `lvm/lvol-root' not found.
|
And here is
Code: |
GRUB_PRELOAD_MODULES="luks cryptodisk lvm"
GRUB_CMDLINE_LINUX="luks lvm enc_root=/dev/nvme0n1p2 root=/dev/lvol/root rootfstype=ext4"
GRUB_ENABLE_CRYPTODISK=y
|
*The luks, lvm and enc_root parameters are for https://bitbucket.org/piotrkarbowski/better-initramfs
Why is grub having trouble mapping my LVM? Why does it think my enc_root is an lvm?
Last edited by SumDog on Tue Oct 04, 2016 2:40 pm; edited 1 time in total |
|
frostschutz Advocate
Joined: 22 Feb 2005 Posts: 2977 Location: Germany
|
Posted: Tue Oct 04, 2016 9:20 am Post subject: |
|
|
What USE flags did you build grub with? You might have to add device-mapper or such things. I think we had another thread about that recently and that was it ... |
|
SumDog n00b
Joined: 16 Dec 2005 Posts: 20 Location: Chicago, USA
|
Posted: Tue Oct 04, 2016 2:39 pm Post subject: |
|
|
frostschutz wrote: | you might have to add device-mapper |
That was totally it! I had decided to do a fresh install and try Funtoo this time. If I had used my old Gentoo image, I would have totally avoided this.
Oh well, now I'll remember.
Thanks |
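
The fix in this thread was rebuilding GRUB with the device-mapper USE flag, alongside the GRUB_ENABLE_CRYPTODISK=y setting from the first post. As an added example (not written by any poster), the script below checks both before grub-install is run; it assumes the Portage package database layout (`sys-boot/grub-*/USE` under the VDB root), takes the GRUB defaults file path as an argument because the post does not name that file, and its function names are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight checks before grub-install
# on a LUKS + LVM root with encrypted /boot. Function names are hypothetical.

# has_use_flag VDB_ROOT FLAG: true if installed sys-boot/grub lists FLAG in USE.
has_use_flag() {
    for use_file in "$1"/sys-boot/grub-*/USE; do
        [ -f "$use_file" ] || continue
        # USE is a whitespace-separated list; compare whole words only.
        if tr -s ' \t' '\n' < "$use_file" | grep -qxF -- "$2"; then
            return 0
        fi
    done
    return 1
}

# cryptodisk_enabled FILE: true if FILE sets GRUB_ENABLE_CRYPTODISK=y uncommented.
cryptodisk_enabled() {
    [ -f "$1" ] || return 1
    # The file is shell syntax, so the last assignment wins.
    val=$(sed -n 's/^[[:space:]]*GRUB_ENABLE_CRYPTODISK=//p' "$1" | tail -n 1 | tr -d "\"'")
    [ "$val" = "y" ]
}

# preflight VDB_ROOT FILE: prints one line per check, returns the failure count.
preflight() {
    failed=0
    if has_use_flag "$1" device-mapper; then
        echo "ok:   grub built with USE=device-mapper"
    else
        echo "FAIL: grub built without USE=device-mapper; rebuild sys-boot/grub with it"
        failed=$((failed + 1))
    fi
    if cryptodisk_enabled "$2"; then
        echo "ok:   GRUB_ENABLE_CRYPTODISK=y"
    else
        echo "FAIL: GRUB_ENABLE_CRYPTODISK=y not set in $2"
        failed=$((failed + 1))
    fi
    return "$failed"
}

# Live use; both paths are assumptions (Portage VDB, GRUB defaults file):
#   preflight /var/db/pkg /etc/default/grub
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```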