keen4e
n00b
Joined: 20 Nov 2021
Posts: 21
|
 Posted: Mon May 20, 2024 12:12 am Post subject: [SOLVED] Using dracut with fully encrypted disk. |
 |
|
I use the binary kernel and I normally generate my initremfs with genkernel, but since dracut seems to be the default I would like to make it work. I have been offputting it for a while because for some reason the initramfs fails to boot, but I would like to solve it to avoid problems in the future.
My disk has several partitions sdb1 EFI sdb2 unecrypted boot sdb3 encrypted root sdb4 encrypted swap and sdb5 encrypted home. I normally let the initramfs decrypt the sdb3 and let then openrc decrypt and mount the rest. The initramfs generated by genkernel perfectly does that, but the dracut just fails.
Here is my dracut config:
I have one file in /etc/dracut.conf.d named encryption. There are no other files and /etc/dracut.conf is empty.
The /etc/dracut.conf.d contains:
| Code: |
add_dracutmodules+=" crypt dm rootfs-block "
kernel_cmdline+=" root=UUID=223198e6-ba25-47da-9d8b-828dffb0c252 rd.luks.uuid=e7f232ed-a76c-4e13-af19-952653f4a666 rd.debug "
|
Dracut seems to successfully decrypt the /dev/sdb3 disk with uuid e7f232ed-a76c-4e13-af19-952653f4a666 but for some reasons seems it fails mounting it and gets stuck in some sort of loop.
It generates a rather legnthy report since it contains the same text over and over from the loop, so I will just post here the beginning (after the hardware initialization):
| Code: |
[ 3.504969] dracut: luksOpen /dev/sdb3 luks-e7f232ed-a76c-4e13-af19-952653f4a666
[ 54.277868] dracut: + ret=0
[ 54.277920] dracut: + '[' 0 -ne 0 ']'
[ 54.277946] dracut: + return 0
[ 54.277981] dracut: + unset luks_open
[ 54.278005] dracut: + unset _timeout
[ 54.278053] dracut: + '[' 0 -ne 0 -a e7f232ed-a76c-4e13-af19-952653f4a666 '!=' luks-e7f232ed-a76c-4e13-af19-952653f4a666 ']'
[ 54.278092] dracut: + unset device luksname luksfile
[ 54.278114] dracut: + :
[ 54.278138] dracut: + need_shutdown
[ 54.278159] dracut: + :
|
And the end:
| Code: |
/lib/dracut-lib.sh@413(check_finished): local f rc=0
/lib/dracut-lib.sh@414(check_finished): for f in "$hookdir"/initqueue/finished/*.sh
/lib/dracut-lib.sh@415(check_finished): '[' /lib/dracut/hooks/initqueue/finished/90-crypt.sh = '/lib/dracut/hooks/initqueue/finished/*.sh' ']'
/lib/dracut-lib.sh@417(check_finished): '[' -e /lib/dracut/hooks/initqueue/finished/90-crypt.sh ']'
/lib/dracut-lib.sh@417(check_finished): . /lib/dracut/hooks/initqueue/finished/90-crypt.sh
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): '[' -e '/dev/disk/by-id/dm-uuid-CRYPT-LUKS?-*e7f232eda76c4e13af19952653f4a666*-*' ']'
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): exit 1
/lib/dracut-lib.sh@420(check_finished): rc=1
/lib/dracut-lib.sh@423(check_finished): return 1
/init@172(): udevsettle
/lib/dracut-lib.sh@509(udevsettle): udevadm settle --exit-if-exists=/lib/dracut/hooks/initqueue/work
/init@174(): check_finished
/lib/dracut-lib.sh@413(check_finished): local f rc=0
/lib/dracut-lib.sh@414(check_finished): for f in "$hookdir"/initqueue/finished/*.sh
/lib/dracut-lib.sh@415(check_finished): '[' /lib/dracut/hooks/initqueue/finished/90-crypt.sh = '/lib/dracut/hooks/initqueue/finished/*.sh' ']'
/lib/dracut-lib.sh@417(check_finished): '[' -e /lib/dracut/hooks/initqueue/finished/90-crypt.sh ']'
/lib/dracut-lib.sh@417(check_finished): . /lib/dracut/hooks/initqueue/finished/90-crypt.sh
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): '[' -e '/dev/disk/by-id/dm-uuid-CRYPT-LUKS?-*e7f232eda76c4e13af19952653f4a666*-*' ']'
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): exit 1
/lib/dracut-lib.sh@420(check_finished): rc=1
/lib/dracut-lib.sh@423(check_finished): return 1
/init@176(): '[' -f /lib/dracut/hooks/initqueue/work ']'
/init@180(): for job in "$hookdir"/initqueue/*.sh
/init@181(): '[' -e '/lib/dracut/hooks/initqueue/*.sh' ']'
/init@181(): break
/init@187(): udevadm settle --timeout=0
/init@189(): for job in "$hookdir"/initqueue/settled/*.sh
/init@190(): '[' -e '/lib/dracut/hooks/initqueue/settled/*.sh' ']'
/init@190(): break
/init@196(): udevadm settle --timeout=0
/init@199(): sleep 0.5
/init@201(): '[' 359 -gt 240 ']'
/init@202(): for job in "$hookdir"/initqueue/timeout/*.sh
/init@203(): '[' -e '/lib/dracut/hooks/initqueue/timeout/*.sh' ']'
/init@203(): break
/init@211(): main_loop=360
/init@212(): '[' 360 -gt 360 ']'
/init@168(): :
/init@170(): check_finished
/lib/dracut-lib.sh@413(check_finished): local f rc=0
/lib/dracut-lib.sh@414(check_finished): for f in "$hookdir"/initqueue/finished/*.sh
/lib/dracut-lib.sh@415(check_finished): '[' /lib/dracut/hooks/initqueue/finished/90-crypt.sh = '/lib/dracut/hooks/initqueue/finished/*.sh' ']'
/lib/dracut-lib.sh@417(check_finished): '[' -e /lib/dracut/hooks/initqueue/finished/90-crypt.sh ']'
/lib/dracut-lib.sh@417(check_finished): . /lib/dracut/hooks/initqueue/finished/90-crypt.sh
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): '[' -e '/dev/disk/by-id/dm-uuid-CRYPT-LUKS?-*e7f232eda76c4e13af19952653f4a666*-*' ']'
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): exit 1
/lib/dracut-lib.sh@420(check_finished): rc=1
/lib/dracut-lib.sh@423(check_finished): return 1
/init@172(): udevsettle
/lib/dracut-lib.sh@509(udevsettle): udevadm settle --exit-if-exists=/lib/dracut/hooks/initqueue/work
/init@174(): check_finished
/lib/dracut-lib.sh@413(check_finished): local f rc=0
/lib/dracut-lib.sh@414(check_finished): for f in "$hookdir"/initqueue/finished/*.sh
/lib/dracut-lib.sh@415(check_finished): '[' /lib/dracut/hooks/initqueue/finished/90-crypt.sh = '/lib/dracut/hooks/initqueue/finished/*.sh' ']'
/lib/dracut-lib.sh@417(check_finished): '[' -e /lib/dracut/hooks/initqueue/finished/90-crypt.sh ']'
/lib/dracut-lib.sh@417(check_finished): . /lib/dracut/hooks/initqueue/finished/90-crypt.sh
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): '[' -e '/dev/disk/by-id/dm-uuid-CRYPT-LUKS?-*e7f232eda76c4e13af19952653f4a666*-*' ']'
//lib/dracut/hooks/initqueue/finished/90-crypt.sh@1(source): exit 1
/lib/dracut-lib.sh@420(check_finished): rc=1
/lib/dracut-lib.sh@423(check_finished): return 1
/init@176(): '[' -f /lib/dracut/hooks/initqueue/work ']'
/init@180(): for job in "$hookdir"/initqueue/*.sh
/init@181(): '[' -e '/lib/dracut/hooks/initqueue/*.sh' ']'
/init@181(): break
/init@187(): udevadm settle --timeout=0
/init@189(): for job in "$hookdir"/initqueue/settled/*.sh
/init@190(): '[' -e '/lib/dracut/hooks/initqueue/settled/*.sh' ']'
/init@190(): break
/init@196(): udevadm settle --timeout=0
/init@199(): sleep 0.5
/init@201(): '[' 360 -gt 240 ']'
/init@202(): for job in "$hookdir"/initqueue/timeout/*.sh
/init@203(): '[' -e '/lib/dracut/hooks/initqueue/timeout/*.sh' ']'
/init@203(): break
/init@211(): main_loop=361
/init@212(): '[' 361 -gt 360 ']'
/init@214(): flock -s 9
/init@215(): emergency_shell 'Could not boot.'
/lib/dracut-lib.sh@953(emergency_shell): local _ctty
/lib/dracut-lib.sh@954(emergency_shell): set +e
/lib/dracut-lib.sh@955(emergency_shell): local _rdshell_name=dracut action=Boot hook=emergency
/lib/dracut-lib.sh@956(emergency_shell): local _emergency_action
/lib/dracut-lib.sh@958(emergency_shell): '[' 'Could not boot.' = -n ']'
/lib/dracut-lib.sh@961(emergency_shell): '[' 'Could not boot.' = --shutdown ']'
/lib/dracut-lib.sh@968(emergency_shell): echo
/lib/dracut-lib.sh@969(emergency_shell): echo
/lib/dracut-lib.sh@970(emergency_shell): warn 'Could not boot.'
/lib/dracut-lib.sh@71(warn): check_quiet
/lib/dracut-lib.sh@461(check_quiet): '[' -z no ']'
/lib/dracut-lib.sh@72(warn): echo '<28>dracut Warning: Could not boot.'
/lib/dracut-lib.sh@73(warn): echo 'dracut Warning: Could not boot.'
dracut Warning: Could not boot.
/lib/dracut-lib.sh@971(emergency_shell): echo
//lib/dracut-lib.sh@973(emergency_shell): getarg rd.emergency
//lib/dracut-lib.sh@155(getarg): debug_off
//lib/dracut-lib.sh@23(debug_off): set +x
//lib/dracut-lib.sh@218(getarg): return 1
/lib/dracut-lib.sh@973(emergency_shell): _emergency_action=
/lib/dracut-lib.sh@974(emergency_shell): '[' -z '' ']'
/lib/dracut-lib.sh@975(emergency_shell): '[' -e /run/initramfs/.die ']'
/lib/dracut-lib.sh@978(emergency_shell): getargbool 1 rd.shell -d -y rdshell
/lib/dracut-lib.sh@229(getargbool): local _b
/lib/dracut-lib.sh@230(getargbool): unset _b
/lib/dracut-lib.sh@231(getargbool): local _default
/lib/dracut-lib.sh@232(getargbool): _default=1
/lib/dracut-lib.sh@233(getargbool): shift
//lib/dracut-lib.sh@234(getargbool): getarg rd.shell -d -y rdshell
//lib/dracut-lib.sh@155(getarg): debug_off
//lib/dracut-lib.sh@23(debug_off): set +x
//lib/dracut-lib.sh@218(getarg): return 1
/lib/dracut-lib.sh@234(getargbool): _b=
/lib/dracut-lib.sh@234(getargbool): _b=1
/lib/dracut-lib.sh@235(getargbool): '[' -n 1 ']'
/lib/dracut-lib.sh@236(getargbool): '[' 1 = 0 ']'
/lib/dracut-lib.sh@237(getargbool): '[' 1 = no ']'
/lib/dracut-lib.sh@238(getargbool): '[' 1 = off ']'
/lib/dracut-lib.sh@240(getargbool): return 0
/lib/dracut-lib.sh@979(emergency_shell): _emergency_shell dracut
/lib/dracut-lib.sh@912(_emergency_shell): local _name=dracut
/lib/dracut-lib.sh@913(_emergency_shell): '[' -n '' ']'
/lib/dracut-lib.sh@920(_emergency_shell): debug_off
/lib/dracut-lib.sh@23(debug_off): set +x
Generating "/run/initramfs/rdsosreport.txt"
|
I am not quite sure what is happening: am I setting something wrong?
EDIT:
I found that this problem has already been addressed here:
https://forums.gentoo.org/viewtopic-t-1146272.html
It seems like changing luks.uuid to luks.partuuid solved the issue. |
|
Installing Gentoo
