Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] Full Disk Encryption (lvm issue)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
sdauth
Tux's lil' helper
Tux's lil' helper


Joined: 19 Sep 2018
Posts: 142
Location: Frankreich

PostPosted: Mon Dec 16, 2019 11:07 am    Post subject: [SOLVED] Full Disk Encryption (lvm issue) Reply with quote

Hello,

I finished to install Gentoo with full disk encryption (using coreboot and grub payload)
It boots fine but the boot is slowed down because of this :

"Configuration setting "devices/scan_lvs" unknown."

What does it mean ?

Here is the log :

Code:
>> Scanning for and activating Volume Groups
  Configuration setting "devices/scan_lvs" unknown.
  Reading all physical volumes. This may take a while...
>> Loading keymaps
>> Loading the ''uk'' keymap
>> Attempting to mount media: /dev/sda1
>> Attempting to mount media: /dev/sdb1
>> Attempting to mount media: /dev/sdb2
>> Attempting to mount media: /dev/sdb3
>> Attempting to mount media: /dev/sdb5
>> Attempting to mount media: /dev/sdb6
>> Attempting to mount media: /dev/ram0
>> Attempting to mount media: /dev/ram1
>> Attempting to mount media: /dev/ram2
>> Attempting to mount media: /dev/ram3
>> Attempting to mount media: /dev/ram4
>> Attempting to mount media: /dev/ram5
>> Attempting to mount media: /dev/ram6
>> Attempting to mount media: /dev/ram7
>> Attempting to mount media: /dev/ram8
>> Attempting to mount media: /dev/ram9
>> Attempting to mount media: /dev/ram10
>> Attempting to mount media: /dev/ram11
>> Attempting to mount media: /dev/ram12
>> Attempting to mount media: /dev/ram13
>> Attempting to mount media: /dev/ram14
>> Attempting to mount media: /dev/ram15
>> Attempting to mount media: /dev/sda1
>> Attempting to mount media: /dev/sdb1
>> Attempting to mount media: /dev/sdb2
>> Attempting to mount media: /dev/sdb3
>> Attempting to mount media: /dev/sdb5
>> Attempting to mount media: /dev/sdb6
!! Media not found
>> crypto_keyfile.bin on device  found
>> LUKS device /dev/sda1 opened
>> Scanning for and activating Volume Groups
  Configuration setting "devices/scan_lvs" unknown.
  Reading all physical volumes. This may take a while...
  Found volume group "anon" using metadata type lvm2
  2 logical volume(s) in volume group "anon" now active
>> Determining root device ...
>> Mounting /dev/anon/root as root...
>> Using mount -t auto -o ro /dev/mapper/anon-root /newroot
>> Booting (initramfs)
/newroot is a mountpoint
>> Switching to real root: /sbin/switch_root -c /dev/console /newroot /sbin/init
INIT: version 2.93 booting

 OpenRC 0.41.2 is starting up Gentoo Linux (x86_64)

[...]


Configuration :

/etc/lvm/lvm.conf
Code:
issue_discards = 1


/etc/genkernel.conf
Code:
LVM="yes"
LUKS="yes"
INITRAMFS_OVERLAY="/boot/overlay" # (/boot/overlay/mnt/key/crypto_keyfile.bin to avoid typing twice the password)


Command line:
Code:
BOOT_IMAGE=/boot/kernel dolvm crypt_root=/dev/sda1 root=/dev/anon/root cryptdevice=/dev/sda1:root:root_trim=yes keymap=uk root_key=crypto_keyfile.bin


Thanks.


Last edited by sdauth on Sat Dec 21, 2019 9:16 am; edited 1 time in total
Back to top
View user's profile Send private message
sdauth
Tux's lil' helper
Tux's lil' helper


Joined: 19 Sep 2018
Posts: 142
Location: Frankreich

PostPosted: Fri Dec 20, 2019 9:05 am    Post subject: Reply with quote

Any idea ?
Maybe related or not..
I noticed that while my lvm2 version is 2.02.184-r5 (readline static thin udev), genkernel generates its "own" old lvm2

Code:
/var/cache/genkernel/3.5.3.3/LVM2.2.02.173-x86_64.tar.bz2


I don't understand why since my lvm2 is compiled as static so why genkernel does not use it ?

/etc/genkernel.conf
Code:
# Add in LVM support from static binaries if they exist on the system, or
# compile static LVM binaries if static ones do not exist.
LVM="yes"


EDIT : To be sure, I deleted genkernel cache and ran again "genkernel initramfs", it stills generates its own lvm2 :?


Last edited by sdauth on Sat Dec 21, 2019 9:28 am; edited 1 time in total
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15334

PostPosted: Sat Dec 21, 2019 1:45 am    Post subject: Reply with quote

Does genkernel's output indicate that it tested for whether your binaries were static? What is the output of emerge --pretend --verbose sys-fs/lvm2?
Back to top
View user's profile Send private message
sdauth
Tux's lil' helper
Tux's lil' helper


Joined: 19 Sep 2018
Posts: 142
Location: Frankreich

PostPosted: Sat Dec 21, 2019 8:22 am    Post subject: Reply with quote

@Hu :

Quote:
Does genkernel's output indicate that it tested for whether your binaries were static?


Not really, it compiles its own directly :

Code:
* initramfs: >> Initializing...
*         >> Appending devices cpio data...
*         >> Appending base_layout cpio data...
*         >> Appending auxilary cpio data...
*         >> Copying keymaps
*         >> Appending busybox cpio data...
*         >> Appending lvm cpio data...
*           LVM: Adding support (compiling binaries)...
* lvm: >> Patching ...
* lvm: >> Applying patches...
patching file configure.in
Hunk #1 succeeded at 32 (offset 1 line).
Hunk #2 succeeded at 2129 (offset 119 lines).
patching file daemons/dmeventd/Makefile.in
Hunk #1 succeeded at 66 (offset -1 lines).
patching file make.tmpl.in
Hunk #1 succeeded at 58 (offset 9 lines).
patching file tools/Makefile.in
Hunk #1 succeeded at 133 (offset 4 lines).
Hunk #2 succeeded at 160 (offset 14 lines).
*           - lvm2-2.02.139-dynamic-static-ldflags.patch
* lvm: >> Autoconf ...
* lvm: >> Configuring...
* lvm: >> Compiling...
* lvm: >> Installing to DESTDIR...
*       >> Copying to bincache...
*         >> Appending luks cpio data...
* Including LUKS support
*         >> Appending modules cpio data...
*         >> Appending blkid cpio data...
*         >> Appending modprobed cpio data...
*         >> Appending overlay cpio data...
*         >> Appending linker cpio data...
*         >> Deduping cpio...
*         >> Compressing cpio data (.xz)...


Quote:
What is the output of emerge --pretend --verbose sys-fs/lvm2?


Code:
These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R    ] sys-fs/lvm2-2.02.184-r5::gentoo  USE="readline static thin udev -device-mapper-only -lvm2create_initrd -sanlock (-selinux) -static-libs -systemd" 0 KiB


Started to build it again to spot any message then :

Code:
 * LVM2.2.02.184.tgz BLAKE2B SHA512 size ;-) ...                                                                                                                                     
 * Determining the location of the kernel source code
 * Found kernel source directory:
 *     /usr/src/linux
 * Found sources for kernel version:
 *     4.14.156-gentoo-gnu
 * Checking for suitable kernel configuration options...                                                                                                                         
 *Warning, we no longer overwrite /sbin/lvm and /sbin/dmsetup with
 * their static versions. If you need the static binaries,
 * you must append .static to the filename!
[...]


It turns out, there are already present :

ls -al /sbin/lvm*

Code:
-r-xr-xr-x 1 root root 2131336 21 déc.  09:06 /sbin/lvm
-r-xr-xr-x 1 root root 3388120 21 déc.  09:06 /sbin/lvm.static


ls -al /sbin/dmsetup*
Code:
-r-xr-xr-x 1 root root  154000 21 déc.  09:06 /sbin/dmsetup
-r-xr-xr-x 1 root root 1430616 21 déc.  09:06 /sbin/dmsetup.static


Looking at gen_initramfs.sh from genkernel, it looks alright to me and it should copy the static binary instead of compiling its own but maybe I'm wrong.

/usr/share/genkernel/gen_initramfs.sh
Code:

append_lvm(){
 363         if [ -d "${TEMP}/initramfs-lvm-temp" ]
 364         then
 365                 rm -r "${TEMP}/initramfs-lvm-temp/"
 366         fi
 367         cd ${TEMP}
 368         mkdir -p "${TEMP}/initramfs-lvm-temp/bin/"
 369         mkdir -p "${TEMP}/initramfs-lvm-temp/sbin/"
 370         mkdir -p "${TEMP}/initramfs-lvm-temp/etc/lvm/"
 371         mkdir -p "${TEMP}/initramfs-lvm-temp/etc/lvm/cache"
 372         if false && [ -e '/sbin/lvm.static' ]
 373         then
 374                 print_info 1 '          LVM: Adding support (using local static binary /sbin/lvm.static)...'
 375                 cp /sbin/lvm.static "${TEMP}/initramfs-lvm-temp/sbin/lvm" ||
 376                         gen_die 'Could not copy over lvm!'
 377                 # See bug 382555
 378                 if [ -e '/sbin/dmsetup.static' ]
 379                 then
 380                         cp /sbin/dmsetup.static "${TEMP}/initramfs-lvm-temp/bin/dmsetup"
 381                 fi
 382         elif false && [ -e '/sbin/lvm' ] && LC_ALL="C" ldd /sbin/lvm|grep -q 'not a dynamic executable'
 383         then
 384                 print_info 1 '          LVM: Adding support (using local static binary /sbin/lvm)...'
 385                 cp /sbin/lvm "${TEMP}/initramfs-lvm-temp/sbin/lvm" ||
 386                         gen_die 'Could not copy over lvm!'
 387                 # See bug 382555
 388                 if [ -e '/sbin/dmsetup' ] && LC_ALL="C" ldd /sbin/dmsetup | grep -q 'not a dynamic executable'
 389                 then
 390                         cp /sbin/dmsetup "${TEMP}/initramfs-lvm-temp/bin/dmsetup"
 391                 fi


EDIT : If I remove "false &&" on line 372, then it works..
Code:

* initramfs: >> Initializing...
*         >> Appending devices cpio data...
*         >> Appending base_layout cpio data...
*         >> Appending auxilary cpio data...
*         >> Copying keymaps
*         >> Appending busybox cpio data...
*         >> Appending lvm cpio data...
*           LVM: Adding support (using local static binary /sbin/lvm.static)...
*         >> Appending luks cpio data...
* Including LUKS support
*         >> Appending modules cpio data...
*         >> Appending blkid cpio data...
*         >> Appending modprobed cpio data...
*         >> Appending overlay cpio data...
*         >> Appending linker cpio data...
*         >> Deduping cpio...
*         >> Compressing cpio data (.xz)...
Back to top
View user's profile Send private message
sdauth
Tux's lil' helper
Tux's lil' helper


Joined: 19 Sep 2018
Posts: 142
Location: Frankreich

PostPosted: Sat Dec 21, 2019 8:44 am    Post subject: Reply with quote

And the error is gone ! (see above)
With the new lvm (compiled as static), no more error message.
Still, what's the meaning of :

Code:
"Attempting to mount media /dev/***"


Is there a way to avoid that output ?

It looks like it is being generated by :

/usr/share/genkernel/defaults/initrd.scripts

EDIT
: The following function seems to be responsible for it :
Code:
findmediamount()

I wonder if I can just edit
Code:
/usr/share/genkernel/defaults/initrd.scripts


Will post results later..

EDIT2: Working... !

I commented in lines 130 & 132 in /usr/share/genkernel/defaults/initrd.scripts

Code:
       # Check for a block device to mount
 111       if [ -b "${x}" ]
 112       then
 113         skip=0
 114         bsn=`basename "${x}"`
 115         #
 116         # If disk and it has at least one partition, skip.
 117         # We use /sys/block/${bsn}/${bsn}[0-9]* to make sure that we
 118         # don't skip device mapper devices. Even the craziest scenario
 119         # deserves a fair chance.
 120         #
 121         for part in `ls /sys/block/${bsn}/${bsn}*[0-9]* 2>/dev/null`
 122         do
 123           skip=1
 124           break;
 125         done
 126         if [ ${skip} -eq 1 ]
 127         then
 128           continue
 129         fi
 130         #good_msg "Attempting to mount media: ${x}" ${CRYPT_SILENT}
 131
 132         #mount -t ${CDROOT_TYPE} ${x} ${mntcddir} >/dev/null 2>&1


then regenerated the initramfs (and extracted it in /tmp to make sure etc/initrd.scripts was indeed modified)

No more "Attempting to mount media ***" messages :)
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15334

PostPosted: Sat Dec 21, 2019 5:32 pm    Post subject: Reply with quote

Based on your results, it looks to me like the genkernel configuration file has an outdated/misleading comment. The comment states that if static binaries are found, they will be used. However, as you discovered, someone has modified genkernel never to recognize/detect preexisting LVM static binaries, so it always builds its own. That modification looks intentional to me; no one would write the test (with false &&) that way by accident.
Back to top
View user's profile Send private message
sdauth
Tux's lil' helper
Tux's lil' helper


Joined: 19 Sep 2018
Posts: 142
Location: Frankreich

PostPosted: Mon Dec 23, 2019 11:43 am    Post subject: Reply with quote

@Hu :
Indeed.
One more thing, this morning I've been prompted to upgrade genkernel to latest stable (4.0.1) and it compiles its own lvm2 again, among others.. see :
Code:

ls /var/cache/genkernel/4.0.1/
LVM2.2.02.186-x86_64.tar.xz     expat-2.2.8-x86_64.tar.xz        popt-1.16-x86_64.tar.xz
boost-1.72.0-x86_64.tar.xz      json-c-0.13.1-x86_64.tar.xz      thin-provisioning-tools-0.8.5-x86_64.tar.xz
boost-build-1.72.0.tar.xz       libaio-0.3.112-x86_64.tar.xz     util-linux-2.34-x86_64.tar.xz
busybox-1.31.1-x86_64.tar.xz    libgcrypt-1.8.5-x86_64.tar.xz
cryptsetup-2.2.2-x86_64.tar.xz  libgpg-error-1.36-x86_64.tar.xz


It took a hell lot of time to compile. But now it is cached at least :lol:

And since it compiles its own recent lvm2 (LVM2.2.02.186), the issue I reported in my first post isn't present anymore. ("Configuration setting "devices/scan_lvs" unknown.")
So, it looks like I should just have waited a little bit for genkernel 4.0.1 to be available. :lol:
Maybe the next step will be to work on a custom initramfs. I've seen some nice examples on the wiki. But as for now, it works fine.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum