| View previous topic :: View next topic |
| Author |
Message |
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
 Posted: Sun May 03, 2015 10:02 am Post subject: Unable to boot from a LUKS encrypted root drive |
 |
|
I've been setting up a new server with gentoo. I followed the handbook, but made a few minor deviations. I used cryptsetup to encrypt the root drive and I used btrfs for the root filesystem.
When I try to boot into the system I get the following error:
| Quote: |
Block device /dev/mapper/crypt is not a valid drive...
Could not find the root device in .
Please specift another value or :
- press Enter for the same
-type "shell" for a shell
-type "" to skip...
block device() ::
|
Does anyone know what I need to do to get it to work? |
|
| Back to top |
|
 |
Roman_Gruber
Advocate
Joined: 03 Oct 2006
Posts: 3846
Location: Austro Bavaria
|
| Posted: Sun May 03, 2015 10:07 am Post subject: |
|
|
You need an unencrypted boot partition or an usb-pendrive.
than you need an initramfs with a kernel. That package needs to be able to open your encrypted partition and read your file-system. I use an initramfs created ages ago with genkernel. And you need a lot of kernel-parameters to get it going depending on what you did in the end.
| Quote: | Block device /dev/mapper/crypt is not a valid drive...
Could not find the root device in .
Please specift another value or :
- press Enter for the same
-type "shell" for a shell
-type "" to skip...
block device() :: |
Well that sums it up that your kernel with or without an initramfs can not find the root partition. Reasons could be no support for hardware controller, encryption, file-system and so on. Think as a bootloader and check every next step which is necessary to boot your /. |
|
| Back to top |
|
|
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
| Posted: Sun May 03, 2015 12:13 pm Post subject: |
|
|
I followed the gentoo handbook in terms of my partitions:
| Quote: |
Partition Filesystem Size Description
/dev/sda1 (bootloader) 2M BIOS boot partition
/dev/sda2 ext2 (or vfat) 128M Boot partition
/dev/sda3 (swap) 1024M Swap partition
/dev/sda4 btrfs Rest of the disk Root partition
|
I used `genkernel all` to create the kernel and genkernel --luks --install initramfs to create the initramfs.
As far as I'm aware that should correctly install all of the required components for the boot loader to loader the initramfs and the initramfs to decrypt and load the root partition, but I am clearly doing something wrong.[/quote] |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3925
Location: Hamburg
|
| Posted: Sun May 03, 2015 1:43 pm Post subject: |
|
|
| And you've configured /etc/conf.d/dmcrypt , yes ? |
|
| Back to top |
|
|
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
| Posted: Mon May 04, 2015 9:13 am Post subject: |
|
|
`/etc/conf.d/dmcrypt` is configured as follows:
| Quote: |
# Encrypt swap
swap=crypt-swap
source='/dev/sda3'
|
and `/etc/default/grub` is configured as:
| Quote: |
GRUB_CMDLINE_LINUX_DEFAULT="cryptdevice=/dev/sda4:crypt rootfstype=btrfs"
GRUB_CRYPTODISK_ENABLE=y
|
and `/etc/fstab` is configured as:
| Quote: |
/dev/sda2 /boot ext3 noauto,noatime 1 2
/dev/mapper/crypt / btrfs noatime 0 1
/dev/mapper/swap none swap sw 0 0
|
|
|
| Back to top |
|
|
Roman_Gruber
Advocate
Joined: 03 Oct 2006
Posts: 3846
Location: Austro Bavaria
|
| Posted: Wed May 06, 2015 3:02 pm Post subject: |
|
|
Did you check the entry in your grub.conf?
(Contains initramfs / parameters for your file-system and luks)
It may be advised that you post teh coresponding boot entry in grub for your kernel here...
Did you checked the kernel-config which genkernel has used? I only used the initramfs ages ago with genkernel. Maybe there is something missing in your kernel config like hardware support / file system / encryption / ... |
|
| Back to top |
|
|
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
| Posted: Thu May 07, 2015 8:23 am Post subject: |
|
|
This is my grub.cfg which was auto generated using grub2-mkconfig -o /boot/grub/grub.cfg
| Quote: | ### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
load_env
fi
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="0"
fi
if [ x"${feature_menuentry_id}" = xy ]; then
menuentry_id_option="--id"
else
menuentry_id_option=""
fi
export menuentry_id_option
if [ "${prev_saved_entry}" ]; then
set saved_entry="${prev_saved_entry}"
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi
function savedefault {
if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
fi
}
function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}
if loadfont unicode ; then
set gfxmode=auto
load_video
insmod gfxterm
set locale_dir=$prefix/locale
set lang=en_AU
insmod gettext
fi
terminal_output gfxterm
if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=5
# Fallback normal timeout code in case the timeout_style feature is
# unavailable.
else
set timeout=5
fi
### END /etc/grub.d/00_header ###
### BEGIN /etc/grub.d/10_linux ###
menuentry 'Gentoo GNU/Linux' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux x86_64-3.18.9-hardened ...'
linux /kernel-genkernel-x86_64-3.18.9-hardened root=/dev/mapper/crypt ro cryptdevice=/dev/sda4:crypt rootfstype=btrfs
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
submenu 'Advanced options for Gentoo GNU/Linux' $menuentry_id_option 'gnulinux-advanced-/dev/mapper/crypt' {
menuentry 'Gentoo GNU/Linux, with Linux x86_64-3.18.9-hardened' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-x86_64-3.18.9-hardened-advanced-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux x86_64-3.18.9-hardened ...'
linux /kernel-genkernel-x86_64-3.18.9-hardened root=/dev/mapper/crypt ro cryptdevice=/dev/sda4:crypt rootfstype=btrfs
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
menuentry 'Gentoo GNU/Linux, with Linux x86_64-3.18.9-hardened (recovery mode)' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-x86_64-3.18.9-hardened-recovery-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux x86_64-3.18.9-hardened ...'
linux /kernel-genkernel-x86_64-3.18.9-hardened root=/dev/mapper/crypt ro single
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
menuentry 'Gentoo GNU/Linux, with Linux 3.18.9-hardened' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.18.9-hardened-advanced-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux 3.18.9-hardened ...'
linux /vmlinuz-3.18.9-hardened root=/dev/mapper/crypt ro cryptdevice=/dev/sda4:crypt rootfstype=btrfs
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
menuentry 'Gentoo GNU/Linux, with Linux 3.18.9-hardened (recovery mode)' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.18.9-hardened-recovery-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux 3.18.9-hardened ...'
linux /vmlinuz-3.18.9-hardened root=/dev/mapper/crypt ro single
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
menuentry 'Gentoo GNU/Linux, with Linux 3.18.9-hardened.old' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.18.9-hardened.old-advanced-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux 3.18.9-hardened.old ...'
linux /vmlinuz-3.18.9-hardened.old root=/dev/mapper/crypt ro cryptdevice=/dev/sda4:crypt rootfstype=btrfs
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
menuentry 'Gentoo GNU/Linux, with Linux 3.18.9-hardened.old (recovery mode)' --class gentoo --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.18.9-hardened.old-recovery-/dev/mapper/crypt' {
load_video
if [ "x$grub_platform" = xefi ]; then
set gfxpayload=keep
fi
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 a5d3b005-fdef-490a-8a6a-8de0332f1af8
else
search --no-floppy --fs-uuid --set=root a5d3b005-fdef-490a-8a6a-8de0332f1af8
fi
echo 'Loading Linux 3.18.9-hardened.old ...'
linux /vmlinuz-3.18.9-hardened.old root=/dev/mapper/crypt ro single
echo 'Loading initial ramdisk ...'
initrd /initramfs-genkernel-x86_64-3.18.9-hardened
}
}
### END /etc/grub.d/10_linux ###
### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###
### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###
### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries. Simply type the
# menu entries you want to add after this comment. Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###
### BEGIN /etc/grub.d/41_custom ###
if [ -f ${config_directory}/custom.cfg ]; then
source ${config_directory}/custom.cfg
elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then
source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ### |
|
|
| Back to top |
|
|
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
| Posted: Thu May 07, 2015 10:41 am Post subject: |
|
|
| I forgot to mention, I also manually configured a kernel with what I thought were all of the required components. When that didn't work I tried genkernel. In both cases I got the same error |
|
| Back to top |
|
|
Roman_Gruber
Advocate
Joined: 03 Oct 2006
Posts: 3846
Location: Austro Bavaria
|
| Posted: Thu May 07, 2015 12:52 pm Post subject: |
|
|
you may try out the grub2 shell and see what devices are listed there. and how they are named
| Quote: | Block device /dev/mapper/crypt is not a valid drive...
Could not find the root device in .
Please specift another value or :
- press Enter for the same
-type "shell" for a shell
-type "" to skip...
block device() :: |
Are the kernel and the initramfs on an unencrypted partition? |
|
| Back to top |
|
|
Khaine
n00b
Joined: 16 Nov 2004
Posts: 33
|
| Posted: Sat May 09, 2015 6:14 am Post subject: |
|
|
| The kernel and initramfs are on an unencrypted partition. Only / is encrypted, /boot/ is unencrypted |
|
| Back to top |
|
|
gelog
n00b
Joined: 01 Oct 2007
Posts: 24
|
| Posted: Sun May 10, 2015 12:23 pm Post subject: |
|
|
hi,
my GRUB_CMDLINE_LINUX is a little different.
"crypt_root=/dev/sda7 root=/dev/mapper/myroot root=/dev/ram0"
hope its somehow help. |
|
| Back to top |
|
|
|
Installing Gentoo
