LVM Ontop of LUKS using Grub

arch-linux grub luks lvm
7,464

Solution 1

Your problem seems to be in the difference of :crypt as volume group for /dev/sdb2 and using lvmpool- as volumegroup name as parameter for root.

GRUB_CMDLINE_LINUX="root=/dev/mapper/lvmpool-root cryptdevice=/dev/sdb2:crypt ro"

The example here:

cryptdevice=/dev/partition:MyStorage root=/dev/mapper/MyStorage-rootvol

has matching :MyStorage and MyStorage-. That page specifically targets grub (and not Syslinux), with LVM on top of LUKS. So I would follow that set up.

That you have an extra, not encrypted partition, doesn't matter.

Solution 2

Thank you Anthon for your answer above, it greatly contributed to solving my problem.

It seems the solution to my issue was two parts.

  1. The entry in /etc/default/grub, for me should read:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdb2:lvmpool root=/dev/mapper/lvmpool-root"

To break down each entry:

cryptdevice consists of the partition you applied the encryption too, in my case /dev/sdb2 and lvmpool (my volume group)

root is simply pointing to the location of my encrypted root lvmpool (which is located on sdb2)

  1. After that entry is made (and this was a key mistake for me) you must run:

    grub-mkconfig -o /boot/grub/grub.cfg

This will update your /boot/grub/grub.cfg with the information you added to /etc/default/grub.

After I did that, the system booted straight into the prompt to unlock the root partition.

Share:
7,464
Cyberpsychosis
Author by

Cyberpsychosis

Updated on September 18, 2022

Comments

  • Cyberpsychosis
    Cyberpsychosis over 1 year

    What am I trying to do?

    Install Arch with full system encryption (sans boot and media partition) using LVM on top of LUKS on an external hard drive (sdb) using: http://suddenkernelpanic.blogspot.com/2013/03/arch-linux-lvm-on-top-of-luks-2013-style.html

    What is my problem:

    System boots grub and it appears there is some confusion on where to find root

    Error: Device 'uuid=f7153c4b-e6ea-48a2-9ee1-bf38c037173d' not found. skipping fsck

    Error: Unable to find root device 'uuid=f7153c4b-e6ea-48a2-9ee1-bf38c037173d'

    Where I deviated from this tutorial

    1. I used Grub Instead of Syslinux as the tutorial suggests (This seems to be the crux) and it's really hazy on the solution for Grub

    2. My partition scheme consists of an extra FAT32 partition that is not involved in the encryption (seems irrelevant to the issue)

    Issues on /etc/default/grub:

    (I feel like this is where the issue is)

    From what I've read I need to update a couple of places in this file specifically:

    GRUB_CMDLINE_LINUX="root=/dev/mapper/lvmpool-root cryptdevice=/dev/sdb2:crypt ro"

    and I'm supposed to uncomment:

    GRUB_DISABLE_LINUX_UUID=true

    Issues on /etc/mkinitcpio.conf

    I'm supposed to add the hooks as follows

    HOOKS="... encrypt lvm2 ... filesystems ..."

    Here's my fstab entry for root

    <filesystem>
/dev/mapper/lvmpool-root                                                 
UUID=f7153c4b-e6ea-48a2-9ee1-bf38c037173d / ext4 rw,relatime,data=ordered   0 1

    Current Work-Around

    I can still use the system because after it errors out, it drops me into a recovery shell, at which type I can simply do a:

    cryptsetup luksOpen /dev/sdb2 crypt 
enter password

    Then exit recovery shell and it drops me back into a normal arch login prompt. This wouldn't be so bad, if it weren't so time consuming... (Takes forever to error out on boot, like 20 seconds)

    Other Resources I tried

    I have also used:

    • wiki.archlinux.org/index.php/Beginners%27_guide

    • wiki.archlinux.org/index.php/Gr … encryption

    • wiki.archlinux.org/index.php/Dm … oot_loader

    • wiki.archlinux.org/index.php/Dm … VM_on_LUKS

  • Anthon
    Anthon over 9 years
    In "Preparing the logical volumes" it says that MyStorage is the Volume Group and rootvol the Logical Volume

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Grub cryptdevice with changing device names?
How to manually setup grub on a seperate boot partition with LVM over LUKS full disk encryption?
Arch linux root device problem in '/dev/mapper/MyStorage-rootvol'
Grub-install: embedding is not possible in Bios/GPT
LUKS initramfs boot problem: "/dev/mapper/ubuntu-root does not exist." How can I fix it using a backup?
How to mount LUKS encrypted file?
How does LUKS work?
How to configure LVM & LUKS to autodecrypt partition?
Mounting encrypted LUKS partition from Live CD
How to change the password of an encrypted LVM system (previously alternate Installation, now advanced feature)?