nagmat84 Apprentice
Joined: 27 Mar 2007 Posts: 225
|
Posted: Fri May 03, 2024 11:53 am Post subject: Required Dracut modules for Systemd with DM Crypt |
|
|
I try to enable RootFS encryption for my system with FIDO2 support. I am following the guides. I have a self-compiled kernel with all relevant drivers compiled in statically. I am using UEFI boot with rEFInd as the boot manager. In the past, the the InitRAM disk has been serving a rather nominalistic purpose to provide the firmware blobs for my AMDGPU card which were required before root FS access.
Consequently, my Dracut configuration was very minimalist and only used the following Dracut modules Code: | base dash plymouth resume rootfs-block | This led to the following list of Dracut modules due to automatic dependency resolution Code: | base dash drm fs-lib plymouth resume rootfs-block udev-rules |
Following the guides above, I added the Dracut modules "crypt" and "fido2" to the list. However, this resulted in an unbootable, broken system. During boot I got the following error messages- [FAILED] Failed to start Virtual Console Setup
- [ *** ] A start job is running for /dev/sda5 (1min 15s / unlimited)
(Note, /dev/sda5 is my swap partition.)I found out that adding "crypt" and "fido2" pulled in some additional modules due to dependency resolution, namely Code: | base crypt dash dm drm fs-lib fido2 plymouth resume rootfs-block systemd systemd-udevd udev-rules | This got me suspicious whether some more dependencies were missing, in particular related to SystemD. Hence, as an investigative step I ran Dracut without any options at all to see what modules Dracut pulls in by default. The following modules turned up Code: | dracut-systemd i18n kernel-modules kernel-modules-extra shutdown systemd-initrd terminfo | I added all these modules to the list and - surprise, surprise - I got a working system again. (But it also doubled my initramfs in size.)
This leads to a couple of questions:- What module was missing exactly? (Yes, I could find it myself by a recursive search-and-try attempt, leaving out one half of the modules and see when it breaks.)
- Should this be considered a bug and reported? Obviously, the problem seems to originate from a missing dependency.
- Is there any list or guide which Dracut module does what and when it is needed? I had a look at /usr/lib/dracut/modules.d and there seem to be a lot of modules especially around systemd-*. How do I know when I should include which module?
|
|