Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Can't boot with encrypted root on lvm
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
gustafson
Guru
Guru


Joined: 12 Aug 2004
Posts: 424

PostPosted: Sat Jan 17, 2015 3:18 pm    Post subject: Can't boot with encrypted root on lvm Reply with quote

Hi, I have for a long time had an encrypted hard drive. It stopped working.

Using luks, the encrypted partition is
Code:
/dev/sda2


Using lvm after decryption, I have logical volumes
Code:
/dev/mapper/vg0-root
/dev/mapper/vg0-usr
/dev/mapper/vg0-var
/dev/mapper/vg0-home
/dev/mapper/vg0-opt


I use genkernl --lvm --luks etc to compile the kernel and initramfs

When I boot, I get the message:
Code:
Block device /dev/mapper/vg0-root is not a valid root device


Dropping into the shell (busybox), I can use
Code:
cryptsetup luksOpen /dev/sda2 sda2

to decrypt.

Then I try:
Code:
vgscan
vgchange

Both are not found within the ash shell of busybox.

I know there were recent updates to grub and perhaps more... but I don't have a record of it.

Based on this, I think it is a busybox problem with genkernel. I've tried everything I can think of to make it work... any suggestions?

Thanks,
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sat Jan 17, 2015 5:16 pm    Post subject: Re: Can't boot with encrypted root on lvm Reply with quote

gustafson wrote:
Based on this, I think it is a busybox problem with genkernel. I've tried everything I can think of to make it work... any suggestions?

gustafson ... from the above it looks to me like genkernel simply didn't include lvm in the initramfs (busybox doesn't seem to have anything to do with it, it doesn't contain the lvm suite).

I'd suggest the following:

Download better-initramfs, unpack and place the initramfs.cpio in /boot. Edit grub.cfg to point the initramfs.cpio and add the following to 'append='.

Code:
luks enc_root=/dev/sda2 lvm root=/dev/mapper/vg0-root

Reboot ... you should be prompted for the luks password, and once luksOpen'd it should activate the lv and run init.

Note that as better-initramfs doesn't contain any kernel modules you will need to check that the kernel has support for whatever hardware is required to boot and dm_crypt is built-in ... once in place however it doesn't need rebuilt on subsequent kernel updates.

HTH & best ... khay
Back to top
View user's profile Send private message
gustafson
Guru
Guru


Joined: 12 Aug 2004
Posts: 424

PostPosted: Sun Jan 18, 2015 11:38 pm    Post subject: Reply with quote

Hi khayyam, thanks for the suggestion... but I'd like to stay within the gentoo system if possible rather than resort to an external tool as great as it may appear to be.

Also, I think that busybox is built into the initramfs automatically by genkernel... but these are outside my areas of expertise. So you may be correct on that.

But thanks in part to your suggestion and doing more reading, I got it fixed.

It turns out that grub2-mkconfig is not picking up the encrypted lvm setup. (It used to do it automatically.) When I modify the grub.cfg from:
Code:
linux   /kernel-genkernel-x86_64-3.17.7-gentoo root=/dev/mapper/vg0-root ro

to include the following:
Code:
linux   /kernel-genkernel-x86_64-3.17.7-gentoo crypt_root=/dev/sda2 dolvm real_root=/dev/mapper/vg0-root ro

Then it works fine and boots without issues.

I wish I knew why grub-mkconfig isn't doing it...? I'm not marking it solved until I figure that out. Thanks again,
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum