[SOLVED] LUKS/dm-crypt & LVM boot sequence incorrect!
Posted: Wed Oct 19, 2011 10:54 am
I'm trying to set up LMDE (x86_64) with an encrypted root partition (using LVM on top of LUKS as usual). I've tried the following two guides, and they both have the same results:
http://forums.linuxmint.com/viewtopic.p ... it=encrypt*
http://forums.linuxmint.com/viewtopic.p ... 20#p364620
If I use the guides in a straightforward manner, the boot process does not even attempt to unlock my drive before searching for the logical volume group and LVM volumes. I get the messages:
After a bit more complaining, I'm dropped into the initramfs debug shell.
I can get a little farther if I follow a few extra instructions from the [somewhat dated] guide at https://help.ubuntu.com/community/Feist ... hInstaller. I followed these additional instructions, though I'm not sure which helped matters (probably the creation of the cryptroot file though):
After a bit more complaining, I get dropped to the Busybox shell once again.
Note that I have no problem opening up my encrypted volumes manually; I only have trouble getting them working at boot time. I checked the boot scripts in /etc/rcS.d, and S09lvm2 includes cryptdisks-early under "Should-Start" instead of "Required-Start." Thinking that was the problem, I moved the cryptdisks-early dependency to "Required-Start" and ran update-initramfs -u again, but that didn't actually help matters.
As a side note, I do get update-initramfs error messages saying:
However, I hear there are a lot of false positives for those. My current /etc/crypttab is:
I get the error messages even if I remove the underscore from sda5_crypt (and modify the cryptroot file to reflect the change), and even if I use UUID=blahblah instead of /dev/sda5. None of it seems to make a difference, and the boot process still eventually decrypts the drive (assuming I followed the extra instructions I mentioned)...but only after it's done looking for the LVM volumes.
Does anyone know what I need to do to actually get the boot process working? Thanks!
http://forums.linuxmint.com/viewtopic.p ... it=encrypt*
http://forums.linuxmint.com/viewtopic.p ... 20#p364620
If I use the guides in a straightforward manner, the boot process does not even attempt to unlock my drive before searching for the logical volume group and LVM volumes. I get the messages:
Code: Select all
Volume group "LogicalVolumesOnEncryptedPartition" not found
Skipping volume group LogicalVolumesOnEncryptedPartition
Unable to find LVM volume LogicalVolumesOnEncryptedPartition/Root
blah blah
I can get a little farther if I follow a few extra instructions from the [somewhat dated] guide at https://help.ubuntu.com/community/Feist ... hInstaller. I followed these additional instructions, though I'm not sure which helped matters (probably the creation of the cryptroot file though):
- cd /dev; MAKEDEV generic (outside of chroot)
- echo 'CRYPTOPTS=target=sda5_crypt,source=/dev/sda5' > /etc/initramfs-tools/conf.d/cryptroot
(sda5 is my encrypted volume) - cp /usr/share/initramfs-tools/hooks/cryptroot /etc/initramfs-tools/hooks/cryptroot
cp /usr/share/initramfs-tools/scripts/local-top/cryptroot /etc/initramfs-tools/scripts/local-top/cryptroot - update-grub
- update-initramfs -u (of course)
Code: Select all
cryptsetup: lvm fs found but no lvm configured
Note that I have no problem opening up my encrypted volumes manually; I only have trouble getting them working at boot time. I checked the boot scripts in /etc/rcS.d, and S09lvm2 includes cryptdisks-early under "Should-Start" instead of "Required-Start." Thinking that was the problem, I moved the cryptdisks-early dependency to "Required-Start" and ran update-initramfs -u again, but that didn't actually help matters.
As a side note, I do get update-initramfs error messages saying:
Code: Select all
cryptsetup: WARNING: invalid line in /etc/crypttab -
Code: Select all
sda5_crypt /dev/sda5 none luks,tries=3
Does anyone know what I need to do to actually get the boot process working? Thanks!