[Support] System Encryption DM-Crypt with LUKS

Message

Reikinio · Post by **Reikinio** » Sat May 27, 2006 1:20 pm

mephist0 wrote: but ... new error

[: -eq unkown operand

and it drops me to the minimal shell ...

Did you copy the init script directlry from the wiki guide, or did you downloaded it from here using wget?
Please try the later(wget the file) and see what happens.

mephist0 · Post by **mephist0** » Sat May 27, 2006 1:39 pm

Reikinio wrote:
mephist0 wrote: but ... new error

[: -eq unkown operand

and it drops me to the minimal shell ...
Did you copy the init script directlry from the wiki guide, or did you downloaded it from here using wget?
Please try the later(wget the file) and see what happens.

My fault

I had a typo in extlinux.conf
Now it works flawless

Thanks sooo much for this great guide

And for all your help guys !!

nilo888 · Post by **nilo888** » Sun May 28, 2006 1:38 pm

Hello!
I have a simple question:
For me this:

Code: Select all

mount -t crypt /path/to/encrypted/device /path/to/mountpoint

does not function.
I haven' t /usr/bin/mount.crypt or /sbin/mount.crypt
how i can install them?

Thanks
Nilo

Reikinio · Post by **Reikinio** » Sun May 28, 2006 3:43 pm

nilo888 wrote:Hello!
I have a simple question:
For me this:
Code: Select all
mount -t crypt /path/to/encrypted/device /path/to/mountpoint
does not function.
I haven' t /usr/bin/mount.crypt or /sbin/mount.crypt
how i can install them?

Thanks
Nilo

Hi,
I don't understand what you're trying to do there.

mephist0 · Post by **mephist0** » Mon May 29, 2006 1:27 pm

nilo888 wrote:Hello!
I have a simple question:
For me this:
Code: Select all
mount -t crypt /path/to/encrypted/device /path/to/mountpoint
does not function.
I haven' t /usr/bin/mount.crypt or /sbin/mount.crypt
how i can install them?

Thanks
Nilo

If you want to open a encrypted harddrive then type :

cryptsetup luksOpen device name

for example:

cryptsetup luksOpen /dev/sda5 root

HTH

femtotech · Post by **femtotech** » Wed May 31, 2006 2:51 pm

I can't get the initramfs to work - I get "Failed to execute /init" when I try to boot. I've made the init executable before making the image, and tried using both install.sh and gen_initramfs. When I compile the kernel the initramfs I created is overwritten unless I set CONFIG_INITRAMFS_SOURCE to /initramfs_data.cpio and extract initramfs_data.cpio.gz to that location. The kernel then gzips the .cpio and makes a .cpio.gz that has my files in it (I checked), but the md5sum differs from the .cpio.gz I created manually.

Any ideas? Thanks.

Reikinio · Post by **Reikinio** » Sat Jun 03, 2006 4:02 pm

femtotech wrote:I can't get the initramfs to work - I get "Failed to execute /init" when I try to boot. I've made the init executable before making the image, and tried using both install.sh and gen_initramfs. When I compile the kernel the initramfs I created is overwritten unless I set CONFIG_INITRAMFS_SOURCE to /initramfs_data.cpio and extract initramfs_data.cpio.gz to that location. The kernel then gzips the .cpio and makes a .cpio.gz that has my files in it (I checked), but the md5sum differs from the .cpio.gz I created manually.

Any ideas? Thanks.

Hi,
Honestly, everything you need to do is described in the guide, and it works, it worked for me, I probably did it like more than 30 times(testing and all), I'm sure you have checked many times, but believe me, the error message is most likely caused by a typo or something.
Things to check:
* The file name must be exact: initramfs_data.cpio.gz (make sure there
is no typo in its name) and must be placed in /usr/src/linux/usr/
* leave CONFIG_INITRAMFS_SOURCE empty.
* Check the contents of the initramfs image, decompress it and take a
look at it, make sure init is executable, chmod it 755 to be sure.
While you're there, take a look at bin/ , make sure everything is in
place, check the permissions of the binaries.
Note: there shouldn't be any problems with the initramfs image if you
used the gen_initramfs script and configured busybox properly.
* Make sure you're booting the proper kernel.

Whichi kernel are you using ? and can you post your grub.conf and the permissions of the bin/ and init inside the initramfs image ?

camechis · Post by **camechis** » Sun Jun 04, 2006 5:00 am

Hi, I have a fully functional Gentoo system. However I am unclear on how to encrypt it without doing a fresh install. Any help or guides would be appreciated.

Reikinio · Post by **Reikinio** » Sun Jun 04, 2006 6:21 am

camechis wrote:Hi, I have a fully functional Gentoo system. However I am unclear on how to encrypt it without doing a fresh install. Any help or guides would be appreciated.

Hi,
You'll have to start over, the partition that you plan to encrypt will get overwritted.
So, backup important data and do a fresh install.
If however you want to preserve your entire system, you can build a stage4, or copy the data directly to another drive, then you proceed as explained in the guide, you create the mapping, format it, etc.. but instead of installing Gentoo you will use your backup to rebuild the system.

Bye

skceb · Post by **skceb** » Sun Jun 04, 2006 3:40 pm

Hi there,

i've got the following problem while trying to encrypt my rootfs following the guide from http://gentoo-wiki.com/SECURITY_System_ ... _with_LUKS

when booting i get this error:

Code: Select all

VFS: Cannot open root device "sda3:reiserfs" or unknown-block(0,0)
Please append a correct "root=" boot option
Kernel Panic - not syncing: VFS Unable to mount root fs on unknown-block(0,0)

kernel is 2.6.16-gentoo-r7

content of initramfs_data.cpio.gz (created with gen_initramfs) looks like this:

Code: Select all

img # du -hs *
545K    bin
0       dev
4.0K    etc
4.0K    init
0       new-root
0       proc
821K    sbin
0       sys

du -hs bin/*
0       bin/[
0       bin/[[
0       bin/ash
545K    bin/busybox
0       bin/cat
0       bin/clear
0       bin/cut
0       bin/dmesg
0       bin/dumpkmap
0       bin/echo
0       bin/false
0       bin/loadfont
0       bin/mesg
0       bin/mkdir
0       bin/mount
0       bin/mountpoint
0       bin/test
0       bin/true
0       bin/umount

init file is marked executable (-rwxr-xr-x 1 root root 3736 Jun 4 14:47 init)

grub entry:

Code: Select all

title=Gentoo Linux 2.6.16-r7sda3
root (hd0,0)
kernel /bzImage-2.6.16-gen-r7 root=/dev/sda3:reiserfs

any help/hint would be highly appreciated :=)

thx & so long

skceb · Post by **skceb** » Sun Jun 04, 2006 4:58 pm

ok, now i realised that when building the kernel the cpio.gz file is being replaced by some default file. i edited the initramfs option via menuconfig so it takes the cpio image from a path outside the kernel dir. (/root/initramfs_data.cpio.gz)
after building the kernel, the initramfs_data.cpio.gz file is seems to have been copied to usr/src/linux/usr/ (according to the file size).

now i get a different error when trying to boot:

Code: Select all

Kernel panic - not syncing: no cpio magic

i assume that the message i got beforce has been caused by the missing cpio image - but now its there?

Reikinio · Post by **Reikinio** » Mon Jun 05, 2006 3:21 am

skceb wrote: when booting i get this error:

Code: Select all

VFS: Cannot open root device "sda3:reiserfs" or unknown-block(0,0)
Please append a correct "root=" boot option
Kernel Panic - not syncing: VFS Unable to mount root fs on unknown-block(0,0)

skceb wrote: ok, now i realised that when building the kernel the cpio.gz file is being replaced by some default file. i edited the initramfs option via menuconfig so it takes the cpio image from a path outside the kernel dir. (/root/initramfs_data.cpio.gz)
after building the kernel, the initramfs_data.cpio.gz file is seems to have been copied to usr/src/linux/usr/ (according to the file size).

now i get a different error when trying to boot:

Code:
Kernel panic - not syncing: no cpio magic

I've no idea why so many people have problems with this step, it's pretty simple, anyway, there're several ways to build an initramfs into the kernel, out of which I believe the simpler is to place your gzipped cpio archive in /usr/src/linux/usr , touch it, and compile the kernel, it will get build directly.
The above means that there is no need to edit CONFIG_INITRAMFS_SOURCE kernel option, it also means that since it will get built directly, you better keep a backup of your gzipped cpio archive somewhere in your encrypted system since you will need it when you recompile/upgrade the kernel.
That is the way the guide recommends because that was how I did it(many times).

Code: Select all

  # from the guide
  # copy your cpio archive, it'll be built directly.
  # Important: filename must be "initramfs_data.cpio.gz"
  cp -i /path/to/initramfs_data.cpio.gz /usr/src/linux/usr/  
  touch /usr/src/linux/usr/initramfs_data.cpio.gz

That's it, just configure and compile your kernel, again leave CONFIG_INITRAMFS_SOURCE empty.

If you're sure it ignores the initramfs_data.cpio.gz you created and uses the default one instead(take a look at /usr/src/linux/usr/initramfs_data.cpio.gz after you compile your kernel, it should be the same file(have the same contents)), then I'd be really confused, you could send me your kernel .config by email and I'll try to have a look at it.

In the event that the above fails(it shouldn't) then you can try letting the kernel build it for you, one way is to edit the CONFIG_INITRAMFS_SOURCE option and point it to a directory containing all the files that the initramfs should have, you can decompress your previously generated initramfs_data.cpio.gz with gen_initramfs and pass the temp directory to CONFIG_INITRAMFS_SOURCE, then take a look at /usr/src/linux/usr/initramfs_data.cpio.gz and you will see the contents of the initramfs image.
There're more ways to handle the initramfs creation, just read the early-userspace documentation the comes with the kernel plus the 2 documents links that are in the guide(at the "Creating the initramfs image" section")

skceb wrote: content of initramfs_data.cpio.gz (created with gen_initramfs) looks like this:

Code: Select all

img # du -hs *
545K    bin
0       dev
4.0K    etc
4.0K    init
0       new-root
0       proc
821K    sbin
0       sys

du -hs bin/*
0       bin/[
0       bin/[[
0       bin/ash
545K    bin/busybox
0       bin/cat
0       bin/clear
0       bin/cut
0       bin/dmesg
0       bin/dumpkmap
0       bin/echo
0       bin/false
0       bin/loadfont
0       bin/mesg
0       bin/mkdir
0       bin/mount
0       bin/mountpoint
0       bin/test
0       bin/true
0       bin/umount

init file is marked executable (-rwxr-xr-x 1 root root 3736 Jun 4 14:47 init)

femtotech wrote: I can't get the initramfs to work - I get "Failed to execute /init" when I try to boot. I've made the init executable before making the image, and tried using both install.sh and gen_initramfs.
any help/hint would be highly appreciated :=)

skceb, Why don't you have bin/sh ? you need it, otherwise it will fail with a "Failed to execute /init" message.
Do "grep /bin/sh /path/to/busybox/busybox.links" if it outputs nothing then you have a problem in your busybox configuration, if you figure out what was missing please post it here, or if you still have problems please send me your busybox .config by email.
femtotech, see ^^

Well, that's it for now, bye and good luck, let me know if you encounter more problems.

skceb · Post by **skceb** » Thu Jun 08, 2006 2:13 pm

Hi,

thx for your support - now it works. i probably missed something, cause when i rebuild the kernel and touched the image before, it worked.
bin/sh i just forgot, now everything is working fine.

something you might want to add to your tutorial:

if you want to fill your crypted drive from /dev/random or /dev/urandom, it takes quite long. but you can fill just the first 2 megs from urandom (so the luks stuff gets into already filled space), then open it via luks, and then fill it from /dev/zero. this is much faster, and because the drive is already crypted you are filling it with crypted zeros - no difference to randomly filled drives. i got this from the german "c't" magazine (which is probably the best one on the market) so im quite sure its safe to do it this way.

so long

Stino85 · Post by **Stino85** » Sun Jun 11, 2006 8:06 pm

When booting with the following GRUB configuration:

Code: Select all

default 0
timeout 3

title=Gentoo
root (hd0,0)
kernel /kernel root=/dev/hda3:ext3 loadkmap=be-latin1-i386.bin

I get this error:

Code: Select all

sh: applet not found
Kernel panic - not syncing: Attempted to kill init!

This is how my initramfs image looks like:

Code: Select all

livecd temp_image_dir # ls -lR
.:
total 36
drwxr-xr-x  2 root root 4096 Jun 11 21:37 bin
drwxr-xr-x  2 root root 4096 Jun 11 21:38 dev
drwxr-xr-x  2 root root 4096 Jun 11 14:04 etc
-rwxr-xr-x  1 root root 3737 Jun 11 20:19 init
drwxr-xr-x  2 root root 4096 Jun 11 21:35 lib
lrwxrwxrwx  1 root root   11 Jun 11 21:36 linuxrc -> bin/busybox
drwxr-xr-x  2 root root 4096 Jun 11 21:36 new-root
drwxr-xr-x  2 root root 4096 Jun 11 21:36 proc
drwxr-xr-x  2 root root 4096 Jun 11 21:36 sbin
drwxr-xr-x  2 root root 4096 Jun 11 21:36 sys

./bin:
total 576
lrwxrwxrwx  1 root root      7 Jun 11 21:36 [ -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 [[ -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 ash -> busybox
-rwxr-xr-x  1 root root 583712 Jun 11 21:36 busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 cat -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 clear -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 cut -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 dmesg -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 dumpkmap -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 echo -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 false -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 loadfont -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 ls -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 mesg -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 mkdir -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 mount -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 mountpoint -> busybox
lrwxrwxrwx  1 root root      3 Jun 11 21:37 sh -> ash
lrwxrwxrwx  1 root root      7 Jun 11 21:36 test -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 true -> busybox
lrwxrwxrwx  1 root root      7 Jun 11 21:36 umount -> busybox

./dev:
total 0
crw-------  1 root root 5, 1 Jun 11 21:38 console
crw-rw----  1 root root 1, 3 Jun 11 21:37 null

./etc:
total 8
-rwxr-xr-x  1 root root  618 May  6 03:31 ascii
-rwxr-xr-x  1 root root 2823 Jun 11 14:04 be-latin1-i386.bin

./lib:
total 0

./new-root:
total 0

./proc:
total 0

./sbin:
total 920
-rwxr-xr-x  1 root root 936748 Jun 11 21:36 cryptsetup
lrwxrwxrwx  1 root root     14 Jun 11 21:36 halt -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 init -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 loadkmap -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 mdev -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 poweroff -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 reboot -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 start-stop-daemon -> ../bin/busybox
lrwxrwxrwx  1 root root     14 Jun 11 21:36 switch_root -> ../bin/busybox

./sys:
total 0

which i compress and move to the appropriate place with these commands:

Code: Select all

# find . | cpio --quiet -o -H newc | gzip -9 >../initramfs_data.cpio.gz
# mv ../initramfs_data.cpio.gz /usr/src/linux/usr/initramfs_data.cpio.gz
# cd /usr/src/linux
# make && make install_modules
# mv arch/i386/boot/bzImage /boot/kernel

After this I reboot..

Note that in the temp_image_dir i added

Code: Select all

lrwxrwxrwx  1 root root      3 Jun 11 21:37 sh -> ash

myself... before i did that i got the error:

Code: Select all

Failed to execute /init
Kernel panic, Not syncing, init not found, try passing a init= option to the kernel

Now however, it already gets a little further telling something's trying to kill init...

I think i followed the guide quite well... and I hope someone can help me with the problems i'm having here...

Reikinio · Post by **Reikinio** » Mon Jun 12, 2006 3:27 pm

Hi,

Stino85 wrote: I get this error:

Code: Select all

sh: applet not found
Kernel panic - not syncing: Attempted to kill init!

This is how my initramfs image looks like:

Code: Select all

livecd temp_image_dir # ls -lR
.:
total 36
...
lrwxrwxrwx  1 root root   11 Jun 11 21:36 linuxrc -> bin/busybox
...

./bin:
total 576
...
[b]lrwxrwxrwx  1 root root      3 Jun 11 21:37 sh -> ash[/b]
...

1) what's the linuxrc for ?
2) "sh -> ash" ?
'sh' should be a symlink to busybox, it should look like this: "sh -> busybox"

Take a look at your busybox configuration, under the "shell" section, what do you have enabled there ?
I'll quote the shell part from the wiki busybox example:

Code: Select all

 Shells --->
      Choose your default shell (ash)  --->  
  --- ash
  ---   Ash Shell Options
  [*]     Enable Job control
  [*]     Enable 'read -n N' and 'read -s' support
  [*]     Enable alias support
  [*]     Enable Posix math support
  [*]     Optimize for size instead of speed
  ---   Bourne Shell Options
  [*]   Hide message on interactive shell startup

Is your configuration the same as above ?

Stino85 wrote:Note that in the temp_image_dir i added
Code: Select all
lrwxrwxrwx  1 root root      3 Jun 11 21:37 sh -> ash
myself... before i did that i got the error:
Code: Select all
Failed to execute /init
Kernel panic, Not syncing, init not found, try passing a init= option to the kernel
Now however, it already gets a little further telling something's trying to kill init...

I think i followed the guide quite well... and I hope someone can help me with the problems i'm having here...

Erase the sh -> ash symlink, sh should be a symlink to busybox.
About the Failed to execute init message, there is more information on previous posts, but basically double check your busybox configuration, chmod 755 the init script, and make sure that when you compile your kernel, the initramfs gets built.

skceb wrote: something you might want to add to your tutorial:

if you want to fill your crypted drive from /dev/random or /dev/urandom, it takes quite long. but you can fill just the first 2 megs from urandom (so the luks stuff gets into already filled space), then open it via luks, and then fill it from /dev/zero. this is much faster, and because the drive is already crypted you are filling it with crypted zeros - no difference to randomly filled drives. i got this from the german "c't" magazine (which is probably the best one on the market) so im quite sure its safe to do it this way.

so long

It seems like a clever trick, this was on a dm-crypt thread a while ago too(" HOWTO: Encrypting /home with cryptsetup-luks on Fedora Core 5", there is a discussion about this on the last messages).
If you read the thread(the last 10 messages), you'll see some people advising against it, including Marc Schwartz, whom gives some pretty insightful inputs about it, and since he seems to know a lot about the subject and I know next to zero, I'll not add that method to the wiki.

But thanks for posting it anyway,

Stino85 · Post by **Stino85** » Mon Jun 12, 2006 5:05 pm

Reikinio wrote:Take a look at your busybox configuration, under the "shell" section, what do you have enabled there ?
I'll quote the shell part from the wiki busybox example:
Code: Select all
 Shells --->
      Choose your default shell (ash)  --->  
  --- ash
  ---   Ash Shell Options
  [*]     Enable Job control
  [*]     Enable 'read -n N' and 'read -s' support
  [*]     Enable alias support
  [*]     Enable Posix math support
  [*]     Optimize for size instead of speed
  ---   Bourne Shell Options
  [*]   Hide message on interactive shell startup
Is your configuration the same as above ?

I thought mine was the same, looked over it at least five times... never saw that my configuration looked like this:

Code: Select all

 Shells --->
      Choose your default shell (NONE)  --->  
  [*] ash
  ---   Ash Shell Options
  [*]     Enable Job control
  [*]     Enable 'read -n N' and 'read -s' support
  [*]     Enable alias support
  [*]     Enable Posix math support
  [*]     Optimize for size instead of speed
  ---   Bourne Shell Options
  [*]   Hide message on interactive shell startup

Thanks for your view on my situation and your splendid HOW-TO...
Now it works fine...

Reikinio · Post by **Reikinio** » Tue Jun 13, 2006 6:22 pm

Stino85 wrote: Thanks for your view on my situation and your splendid HOW-TO...
Now it works fine...

Thanks, it's nice to know you got it working.

IMSargon · Post by **IMSargon** » Wed Jun 14, 2006 10:35 pm

switch_root in the init script gives me "not rootfs". I don't know where to go from here. I'm not even sure what information would help you figure out what's wrong. Root decrypts properly. I can travel into the sbin directory and cat the init file (the one on the root drive) with no problems. Busybox 1.1.3 compiled with glibc. (I was going to do uclibc, but I didn't get a bin directory after I emerged that and glibc seemed to work fine)

Anyone have any ideas or need more information?
Thanks
-Sargon

IMSargon · Post by **IMSargon** » Thu Jun 15, 2006 1:57 am

IMSargon wrote:switch_root in the init script gives me "not rootfs". I don't know where to go from here. I'm not even sure what information would help you figure out what's wrong. Root decrypts properly. I can travel into the sbin directory and cat the init file (the one on the root drive) with no problems. Busybox 1.1.3 compiled with glibc. (I was going to do uclibc, but I didn't get a bin directory after I emerged that and glibc seemed to work fine)

Anyone have any ideas or need more information?
Thanks
-Sargon

It looks like what happened here is that you can't run the init script once you've been kicked out to the shell. (probably because with sh running, you can't get PID 1). This is what I was doing while trying to get the script to work properly (some dirty mods to the init script to get it to read root's gpg key from a USB stick).

Thanks,
-Sargon

Reikinio · Post by **Reikinio** » Thu Jun 15, 2006 4:02 am

IMSargon wrote:
IMSargon wrote:switch_root in the init script gives me "not rootfs". I don't know where to go from here. I'm not even sure what information would help you figure out what's wrong. Root decrypts properly. I can travel into the sbin directory and cat the init file (the one on the root drive) with no problems. Busybox 1.1.3 compiled with glibc. (I was going to do uclibc, but I didn't get a bin directory after I emerged that and glibc seemed to work fine)

Anyone have any ideas or need more information?
Thanks
-Sargon
It looks like what happened here is that you can't run the init script once you've been kicked out to the shell. (probably because with sh running, you can't get PID 1). This is what I was doing while trying to get the script to work properly (some dirty mods to the init script to get it to read root's gpg key from a USB stick).

Thanks,
-Sargon

Hi,
I honestly don't understand what you were/are trying to do, were you trying to execute the init script directly from rescue mode ? what for ? something failed ?

Anyway, there is an option for reading the gpg protected key in the init script provided in the guide, although for now the gpg protected key has to reside inside the initramfs, this is somewhat silly, it would be much better to have it reside directly on the usb drive, I'll try to change this in the future.
Well, let me know what you were trying to do and/or what failed and maybe I could help you out figuring out what went wrong.

Bye,

bob_arctor · Post by **bob_arctor** » Mon Jun 26, 2006 6:40 pm

Hey all.

Just got to the end of the guide, and I think I must've screwed something up somewhere as I get this error when I try to boot:

Code: Select all

Kernel panic - not syncing: junk in gzipped archive

I'm pretty sure the archive is OK, here is what is inside of a copy I made of the archive before I moved it to the /usr/src/linux/usr/ dir before I compiled my kernel. I also edited the kernel option to point CONFIG_INITRAMFS_SOURCE to the file as it wasn't set originally to anything.

I verified a copy of the archive:

Code: Select all

drwxr-xr-x  10 root     root            0 Jun 26 05:17 .
drwxr-xr-x   2 root     root            0 Jun 26 05:18 bin
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/busybox
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/[
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/[[
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/ash
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/cat
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/clear
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/cp
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/cut
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/dmesg
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/dumpkmap
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/echo
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/false
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/loadfont
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/ls
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/mesg
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/mkdir
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/mount
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/mountpoint
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/mv
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/sh
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/test
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/true
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 bin/umount
-rwx--x--x   1 root     root      1533676 Jun 26 04:31 bin/gpg
drwxr-xr-x   2 root     root            0 Jun 26 04:39 lib
drwxr-xr-x   2 root     root            0 Jun 26 04:42 sbin
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/halt
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/loadkmap
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/mdev
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/poweroff
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/reboot
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/start-stop-daemon
-rwxr-xr-x   1 root     root       561852 Jun 26 04:40 sbin/switch_root
-rwxr-xr-x   1 root     root       936748 Jun 26 03:07 sbin/cryptsetup
drwxr-xr-x   2 root     root            0 Jun 26 04:42 proc
drwxr-xr-x   2 root     root            0 Jun 26 04:42 sys
drwxr-xr-x   2 root     root            0 Jun 26 04:42 new-root
drwxr-xr-x   2 root     root            0 Jun 26 05:34 etc
-rw-r--r--   1 root     root         2602 Jun 26 05:13 etc/ascii
-rw-r--r--   1 root     root          236 Jun 26 05:34 etc/hda4_key.gpg
drwxr-xr-x   2 root     root            0 Jun 26 05:19 dev
crw-rw----   1 root     root       1,   3 Jun 26 05:19 dev/null
crw-rw----   1 root     root       5,   1 Jun 26 05:19 dev/console
-rwxr-xr-x   1 root     root         3736 Jun 26 04:46 init

I find it unlikely that the archive would've been corrupted just from moving it. I just had the idea that maybe I set CONFIG_INITRAMFS_SOURCE wrong, ie maybe it is just supposed to point to the dir and i set it to also have the filename or vice versa, and I'll try this tomorrow (it's now almost 5am). The other somewhat weird thing was that when I built my kernel there was file at /usr/src/linux/usr/initramfs_data.cpio.gz to be removed like in the guide. I used the latest stable gentoo-sources (2.6.16-gentoo-r9).

Any assistance would be appreciated

UPDATE: I solved my problem myself. Reread the bit in the guide about kernel configuration and realised what you were saying was that the CONFIG_INTRAMFS_SOURCE option shouldn't be set at all- it was overwriting the intramfs_data.cpio.gz archive with junk because of that. Everything works now.

Thanks for the awesome guide!

cableroy · Post by **cableroy** » Tue Jun 27, 2006 1:13 pm

Hi, finaly i get ascii picture and about to type the password, i type the password correctly but i get a error, Can't open device: /dev/hda3, my fstab is correct, and my grub.conf point root=/dev/hda3:ext3. Anyone got a suggestion on what to look for?

/Roy

Reikinio · Post by **Reikinio** » Wed Jun 28, 2006 4:39 am

cableroy wrote:Hi, finaly i get ascii picture and about to type the password, i type the password correctly but i get a error, Can't open device: /dev/hda3, my fstab is correct, and my grub.conf point root=/dev/hda3:ext3. Anyone got a suggestion on what to look for?

/Roy

Go into rescue mode and execute each command, one by one, after you know where it's failing, have a look at the FAQ section, google, etc...

If you still can't find the answer then post it here detailing what failed and where and I'll try to help you.

Regards,

cableroy · Post by **cableroy** » Wed Jun 28, 2006 6:36 am

Ok, but how do i get into rescue mode? After i type the password 3 times i get into a shell, is that rescue mode?

/Roy

Reikinio · Post by **Reikinio** » Wed Jun 28, 2006 8:31 am

cableroy wrote:Ok, but how do i get into rescue mode? After i type the password 3 times i get into a shell, is that rescue mode?

/Roy

add "rescue" to your kernel parameters.

What you need to do is basically this:
Double check your busybox configuration, compare it to the one provided by the guide.
Double check your kernel configuration, look at the required kernel options in the guide.
Then execute the commands one by one, for example this are the first to execute:

Code: Select all

/bin/mount -t proc proc /proc
/bin/mount -t sysfs sysfs /sys
/sbin/mdev -s

After executing mdev, you should see the /dev/hda files, if yes then luksOpen the partition and mount it, it should work.

Bye.