| View previous topic :: View next topic |
| Author |
Message |
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
 Posted: Sun Aug 08, 2021 9:40 pm Post subject: kernel panic with encrypted disk |
 |
|
Hi, i have been following the gentoo wiki's guide to encrypting my full drive. instead of doing it as a fresh install i mounted a stage4 tar ball on to the disk once i had encrypted it. I followed the guide and edited /etc/default/grub before re-installing and mkconfing grub. i get the error on start up
| Code: |
[ 2.112414] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,4)
|
I have created an initramfs with genkernel (which grub says it can see when i mkconfig), however my kernel was configured manually, but i have made sure it has all the nessicary elements compiled into it for an initramfs and lvm and luks to work properly. I am also using libreboot as my bios. please let me know if anymore information is required to help.
Cheers,
Freddie. |
|
| Back to top |
|
 |
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Mon Aug 09, 2021 12:00 am Post subject: |
|
|
Hi
in
/etc/default/grub
| Code: |
GRUB_CMDLINE_LINUX="cryptdevice=UUID=xxxxxxxxxxx:encrypted-volume-name root=/dev/mapper/<root-lv> rootfstype=<>"
|
Then
| Code: |
emerge -av dracut
USE="initramfs" emerge -av gentoo-kernel-bin
grub-mkconfig -o /boot/grub/grub.cfg
rc-update add lvm2 boot
rc-update add dmcrypt boot
|
Many many things might be missing from your kernel.
Is it lvm on luks?
| Quote: |
instead of doing it as a fresh install i mounted a stage4 tar ball on to the disk once i had encrypted it.
|
can you plz elaborate a bit?
_________________
 |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Mon Aug 09, 2021 8:55 am Post subject: |
|
|
| alamahant wrote: | Hi
in
/etc/default/grub
| Code: |
GRUB_CMDLINE_LINUX="cryptdevice=UUID=xxxxxxxxxxx:encrypted-volume-name root=/dev/mapper/<root-lv> rootfstype=<>"
|
Then
| Code: |
emerge -av dracut
USE="initramfs" emerge -av gentoo-kernel-bin
grub-mkconfig -o /boot/grub/grub.cfg
rc-update add lvm2 boot
rc-update add dmcrypt boot
|
Many many things might be missing from your kernel.
Is it lvm on luks?
| Quote: |
instead of doing it as a fresh install i mounted a stage4 tar ball on to the disk once i had encrypted it.
|
can you plz elaborate a bit? |
Hi, i will try what you said above, your saying i should use dracut instead of gen kernel? and what is gentoo-kernel-bin for? in the guide it told me to add lvm not lvm2 to rc and didn't mention adding decrypt. Will report back when i've gone through those steps! yes it is lvm on looks. what i meant by the last bit is that the guide was aimed towards people installing gentoo, where as i am restoring it from a backup of my current system if that makes more sense.
edit: just editing /etc/default/grub and wanted to confirm by :encrypted-volume-name you mean the partition, so for me it would be UUID=xxxxxx:/dev/sda4. and i also wanted to confirm i should leave the rootfstype blank and not put in ext4 which is what i set it as?
Cheers,
Freddie |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Mon Aug 09, 2021 10:19 am Post subject: |
|
|
So when i try to emerge gentooi-kernel-bin it says the kernel failed to install and i should fix the problem before trying again, not sure what the issue could be? i have the install kernel-gentoo pkg installed. I also can't find the build log in /var/tmp/portage, the directory is empty other than ._unmerge_.
eselect kernel list shows i have a kernel available that i didn't before to select, linux-5.10.52-gentoo-dist. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Mon Aug 09, 2021 1:36 pm Post subject: |
|
|
Yes dracut is a super sweet initrd tool.
Works well for encryption.
I suppose genkernel also.
But i know dracut better.
gentoo-kernel-bin is a FULL precompiled binary kernel like the ones available in all linux distros.
The reason you are having problem emerging it is
virtual/dist-kernel
whoose ebuild contains
| Code: |
RDEPEND="
|| (
~sys-kernel/gentoo-kernel-${PV}
~sys-kernel/gentoo-kernel-bin-${PV}
~sys-kernel/vanilla-kernel-${PV}
)"
|
This mean you will first need to unmerge gentoo-kernel before installing the -bin version.
Which kernel did you emerge?
gentoo-kernel or gentoo-sources?
If the second you shouldnt be getting any error when trying to emerge gentoo-kernel-bin.
When you run
cryptsetup luksOpen /dev/<encrypted> <encrypted-volume-name>
This <encrypted-volume-name> you should use in /etc/default/grub
In case of lvm on luks you should create a pv on top of this.
pvcreate /dev/mapper/<encrypted-volume-name>
Then proceed with volume group and logical volume etc.
You can use any name you like.
ie
cryptdevice=UUID=xxxxxxxxxxx:<encrypted-volume-name> root=/dev/<vg>/<root-lv>........................etc etc"
My Mistake.
The name of the service is lvm not lvm2.
You definitely need also dmcrypt enabled @boot.
| Quote: |
and i also wanted to confirm i should leave the rootfstype blank and not put in ext4 which is what i set it as?
|
no plz substitute "<>" for "ext4"
Is your system lvm on luks??
Or plain luks?
_________________
|
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Tue Aug 10, 2021 10:54 am Post subject: |
|
|
So if i used the command
| Code: | | cryptsetup luksOpen /dev/sda4 lvm |
the volume name is lvm? the volumes i have created on top of this are vg0-root vg0-var and vg0-home, all of these should be listed in the grub file? and the path root=/dev/<vg>/<root-lv>, would this be the same as /dev/mapper/vg0-root? |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Tue Aug 10, 2021 11:12 am Post subject: |
|
|
I still get the same error installing the kernel, i didn't have gentoo-kernel installed and have unmarked genkernel, i get the error saying that it was copied to the disk successfully but not able to be deployed? It says also : | Code: |
The specific snippet of code:
die"Kernel install failed, please fix the problem and run emerge --config ${CATEGORY/${PN}:${SLOT}";
|
|
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Aug 10, 2021 3:38 pm Post subject: |
|
|
| Quote: |
So if i used the command
Code:
cryptsetup luksOpen /dev/sda4 lvm
the volume name is lvm? the volumes i have created on top of this are vg0-root vg0-var and vg0-home, all of these should be listed in the grub file? and the path root=/dev/<vg>/<root-lv>, would this be the same as /dev/mapper/vg0-root?
|
Ok so you should have run something like this
| Code: |
cryptsetup luksOpen /dev/sda4 lvm
pvcreate /dev/mapper/lvm
vgcreate vg0 /dev/mapper/lvm
lvcreate -n root -L <size> vg0
|
Then in /etc/default/grub
| Code: |
cryptdevice=UUID=<uuid-of /dev/sda4>:lvm root=/dev/vg0/root rootfstype=ext4"
|
I hope the /etc/fstab is also correctly edited to contain the logical volumes.
You are very near.
You just need to install the full binary kernel and let dracut create an initrd for it.
I dont know why you cant install it.
It seems odd.
Can you plz post the full error message?
ONE CAVEAT: you need a separate /boot partition to contain the kernels and intirds.
it should NEITHER be encrypted NOR on lvm.
Is this true for your setup?
_________________
|
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Tue Aug 10, 2021 4:02 pm Post subject: |
|
|
Hi, this is a pain, i am currently updating @world to see if any of the issues installing the kernel are fixed by updated dependencies. Thanks that description makes a lot more sense. I have the correct UUID's in my Fstab for /boot (which is a separate non encrypted partition), my unencrypted swap, my root partition, my var partition and my home partition. does this sound like everything i need is there? any ideas of how i can show you the full error message? for some reason the build.log does not exist in /var/tmp/portage, and i can't scroll up in the terminal.
Cheers,
Freddie |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Aug 10, 2021 4:39 pm Post subject: |
|
|
is /var/tmp/portage on tmpfs?
What does
say?
You can scroll in terminal via
_________________
|
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Wed Aug 11, 2021 10:09 am Post subject: |
|
|
returns
/dev/mapper/vg0-var on /var type ext4 (rw,relatime)
and i think the tmp folder is temps because it is white text on a blue background which none of the other folders in / var are, and /tmp is on a temps and looks the same. i definitely can't scroll with anything, i'm just in the standard terminal from the lived and none of the combinations of pg up/down plus monkey have worked. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Wed Aug 11, 2021 4:04 pm Post subject: |
|
|
frddbbbl,
A kernel panic mounting root rules out the content of the root filesystem as it can't be read until it's mounted.
That only leaves the kernel, the kernel command line and the initrd.
Errors in other files will only appear after root is mounted and these other files are being used.
The boot sequence is
1. Something loads grub. (The something doesn't matter)
2. Grub draws its menu and you choose an option
3. Grub loads the kernel and optionally, the initrd and leaves the kernel command line for the kernel to find.
4. Grub exits by jumping to the kernel start address.
5. The kernel decompresses itself and mounts the initrd as its root filesystem then executes the init script there.
At this time, there is only the kernel and initrd.
6. The init script decrypts your /dev/sda4, starts the logical volume manager and mounts the root filesystem given on the kernel command line.
That's a top level overview. There is a lot more I've skipped over.
Your error is detected at step 6.
-- edit --
Console scrolling support was removed from the kernel around 5.10.
-- edit --
| Code: | | [ 2.112414] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,4) |
unknown-block(8,4) is /dev/sda4. That's your encrypted container, not your root filesystem so that correct.
Your root is /dew/mapper/<something> but only after /dev/sda4 has been decrypted and lvm started.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Thu Aug 12, 2021 6:25 pm Post subject: |
|
|
| i have here the build.log of gentoo-kernel-binary, i think the only issue it is pointing out is that i need to select it as kernel? but i guess i don't need to do this and i can use my personal kernel? should i reset my laptop now i have the correct options in my /etc/default/grub?[/url] |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Thu Aug 12, 2021 6:40 pm Post subject: |
|
|
Try
| Code: |
rm /usr/src/linux
emerge -1av gentoo-kernel-bin
######or just create a symlink "linux" to gentoo-kernel-bin
### cd /usr/src
#### ln -s 5.10.52-gentoo-dist linux
|
This is a harmless and foolish error message
see
| Quote: |
FAILED postinst: 1
* /usr/src/linux points at another kernel, leaving it as-is.
* Please use 'eselect kernel' to update it when desired.
* Installing the kernel failed
*
* The kernel files were copied to disk successfully but the kernel
* was not deployed successfully. Once you resolve the problems,
* please run the equivalent of the following command to try again:
|
You already have gentoo-kernel-bin installed.
Just look under /usr/src and you will see the kernel tree
Also
ls /lib/modules
ls /boot
Its there no?
It complains about /usr/src/linux pointing to another kernel.
Foolish complain.
BUT plz know that /usr/src/linux is a symlink pointing to your current kernel.
If you install a new kernel you should remove the above symlink and re link it to the new kernel instead.
You can avoid all this manual work by using
eselect kernel
I suppose
I have never used it myself
Just reboot now.
You have your huge kernel which also built an initrd with dracut as i saw in your log so now
| Code: |
grub-mkconfig -o /boot/grub/grub.cfg
reboot
|
_________________
|
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Thu Aug 12, 2021 7:29 pm Post subject: |
|
|
frddbbbl,
| Code: | * Installing the kernel via installkernel ...
cat: write error: No space left on device
[ !! ]
* Installing the kernel failed
*
* The kernel files were copied to disk successfully but the kernel
* was not deployed successfully. Once you resolve the problems,
* please run the equivalent of the following command to try again: |
That probably means that /boot is full and you need to delete things before you can add more.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Thu Aug 12, 2021 7:40 pm Post subject: |
|
|
here is the output that grub-mkconfig gives me now that i have set the kernel to linux-5.10.52-gentoo-dist. I'm not sure if this is an error in my /etc/default/grub? i do feel like i am making progress....
Thanks for all the help so far. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Thu Aug 12, 2021 7:44 pm Post subject: |
|
|
frddbbbl,
There is no space on /boot to write the grub.cfg.
Post the output of
| Code: | df -ih
df -h
ls -l /boot |
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Thu Aug 12, 2021 7:53 pm Post subject: |
|
|
Plz heed to Neddy's advice about space in /boot.
It is critical!
Then this is also very worrisome
| Quote: |
Volume group "lvm" not found
Cannot process volume group lvm
WARNING: Failed to connect to lvmetad. Falling back to device scanning.
|
You need to enable and start "lvm" service.
What happens if in livecd(ourside chroot) you run
/etc/init.d/lvm start
vgscan
lvscan
Then in chroot
USE="device-mapper" emerge -1av grub
and rerun grub update
?
_________________
|
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Thu Aug 12, 2021 8:36 pm Post subject: |
|
|
| there should be space now that i have deleted the old configs and system maps from /boot. lvm is already running, vgscan and lvscan give a warning "failed to connect to lvmetad. Falling back to device scanning but there is no error message? it also says found linux image/boot/vmlinuz-5.10.27, which is not the binary kernel in spite of the back that is the one that is symlinked to /usr/src/linux, is there a reason it won't build a boot config for 5.10.52-gentoo-dist? |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Thu Aug 12, 2021 8:50 pm Post subject: |
|
|
alamahant,
I'm hoping that comes out in the wash with the new kernel and grub.cfg.
Consider the situation where the last attempt to make grub.cfg failed due to /boot being full.
The old one is still in use, so an old kernel is too.
Lets get a know self consistent set of files in use before we proceed.
Certainly getting LVM started is required but baby steps.
Once there is space on /boot we can have a self consistent kernel, initrd and grub.cfg and reassess what the next problem is.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Thu Aug 12, 2021 8:55 pm Post subject: |
|
|
frddbbbl,
Post the information I asked for.
Once we are sure you have enough space, the next stop in to reinstall the new kernel and initrd to /boot and make it a new grub.cfg, so that they are used.
The binary kernel is not there now as /boot was full when you tried to install it.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Thu Aug 12, 2021 9:29 pm Post subject: |
|
|
| NeddySeagoon wrote: | frddbbbl,
Post the information I asked for.
Once we are sure you have enough space, the next stop in to reinstall the new kernel and initrd to /boot and make it a new grub.cfg, so that they are used.
The binary kernel is not there now as /boot was full when you tried to install it. |
Ok, here you go:
http://0x0.st/-JYr.log
http://0x0.st/-JYs.log
http://0x0.st/-JYz.log |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54236
Location: 56N 3W
|
| Posted: Thu Aug 12, 2021 9:43 pm Post subject: |
|
|
frddbbbl,
Do you have a separate /boot partition?
| Code: | Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg0-root 20G 18G 1.5G 93% /
/dev/mapper/vg0-var 9.8G 1.7G 7.6G 19% /var
/dev/mapper/vg0-home 79G 13G 63G 17% /home
cgroup_root 10M 0 10M 0% /sys/fs/cgroup
udev 10M 0 10M 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm |
Its not listed there, so its not mounted.
| Code: | -rw-r--r-- 1 root root 124591 Aug 7 11:14 config-5.10.27-gentoo
drwxr-xr-x 5 root root 4096 Aug 12 22:29 grub
drwx------ 2 root root 4096 Aug 7 11:14 lost+found
-rw-r--r-- 1 root root 5243599 Aug 7 11:14 System.map-5.10.27-gentoo
-rw-r--r-- 1 root root 9455312 Aug 7 11:14 vmlinuz-5.10.27-gentoo |
looks like /boot but its missing an initrd.
With an encrypted root, an initrd is required. It must contain all the user space tools to decrypt the LUKS valume and start the logical volume manager so that the kernel can see /dev/mapper/vg0-root.
Install the kernel, initrd and remake grub.cfg. Watch for No Space on Device errors. If you don't get any, reboot to test.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
frddbbbl
Tux's lil' helper
Joined: 16 Jun 2019
Posts: 98
|
| Posted: Fri Aug 13, 2021 11:36 am Post subject: |
|
|
| Hi, can't believe i forgot to mount /boot that time... i mounted /dev/sda2 on /boot and did everything again, however i still can't see the binary as an option in the bios, there also is a few old 5.4 kernels that are options that have been removed from /boot but still seem to appear in the bios |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Fri Aug 13, 2021 4:53 pm Post subject: |
|
|
I dont know why it is so hard for your system to boot.
I suspect you have content underneath the mounted /boot
First
make sure you have an entry for /dev/sda2 in /etc/fstab
| Code: |
/dev/sda2 /boot vfat defaults 0 1
|
then plz
Run
| Code: |
umount /boot
rm -rf /boot/*
mount /boot
|
Then
| Code: |
mount /boot
grub-install .................................... REINSTALL grub
cd /usr/src/5.10.52-gentoo-dist
make install
cd ..
rm linux
ln -s 5.10.52-gentoo-dist linux
dracut --force --kver 5.10.52-gentoo-dist
grub-mkconfig -o /boot/grub/grub.cfg
|
Also plz post the output of
I also suspect you forget to mount things when chrooting.
So plz create a chroot script to always use when chrooting and have a complete fstab so after chrooting you can run
mount -a
and have everything mounted properly.
Can you plz post your fstab?
_________________
Last edited by alamahant on Fri Aug 13, 2021 5:27 pm; edited 6 times in total |
|
| Back to top |
|
|
|
Kernel & Hardware
