LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Crypted root on LVM does not boot (http://www.linuxquestions.org/questions/slackware-14/crypted-root-on-lvm-does-not-boot-4175427499/)

funboy 09-16-2012 09:15 AM

Crypted root on LVM does not boot
 
Hello guys,

I encrypted my hdd leaving only one partition unencrypted for /boot - the other partition is for LVM. In it I create some logical volumes (one for root).
I configured lilo and everything looks great lilo starts but I've received an error that the system is unable to mount root fs - kernel panic. After short investigation I found - the volume group in which is the logical volume for root fs is not activated during boot time!
I thinks that this is the major reason that my slack doesn't start. In addition the fs on the logival volumes is ext4.

Any ideas how to force the volume group to be activated during boot time or the issue is somewhere else ?

mrascii 09-16-2012 09:48 AM

Your /etc/fstab file should look like this:

Code:

/dev/cryptvg/swap swap            swap        defaults        0  0
/dev/cryptvg/root /                ext4        defaults        1  1
/dev/cryptvg/home /home            ext4        defaults        1  2
/dev/sda1        /boot            ext4        defaults        1  2

Make sure lilo.conf shows the correct root partition to boot. Also, make sure you run the mkinitrd command in README_CRYPT.TXT and not the one in UPGRADE.TXT. Follow the instructions in the crypt readme and you should have no problems.

DNA
AKA mrascii

Slackovado 09-16-2012 01:21 PM

Are you loading the module for ext4 in your mkinitrd?

TommyC7 09-16-2012 08:04 PM

Make sure your initrd has the modules that it requires for accessing your root partition. The important keyword is "module" here. If the ext4 module is built-in as the huge kernel has, then you cannot access the root partition. It must be built as a module in order to allow your initrd to use it.

fdeak 09-16-2012 08:40 PM

Quote:

Originally Posted by TommyC7 (Post 4781930)
Make sure your initrd has the modules that it requires for accessing your root partition. The important keyword is "module" here. If the ext4 module is built-in as the huge kernel has, then you cannot access the root partition. It must be built as a module in order to allow your initrd to use it.

It's false, ext4 could be built-in to the kernel (not module), I have root (/) on a LUKS+LVM setup and it can be booted with slackware's huge kernel. But generally true you need the appropriate modules in the initrd.

Try to use '/usr/share/mkinitrd/mkinitrd_command_generator.sh' to create a good initrd. Try to use the interactive mode with the '-i' option first!

Feel free to ask, if you have no success, I use this kind of setup on my machines.

fdeak

fdeak 09-16-2012 08:48 PM

By the way, have you read the file README_CRYPT.TXT? This is on the root of the install CD/DVD.
Read at least from 'Combining LUKS and LVM' (somewhere around line 361 in slack-13.37).

fdeak

funboy 09-17-2012 03:57 PM

Yes, I've read the Combining LUKS and LVM section of this document. Actually I did:
mkinitrd -c -k 2.6.37.6-smp -m ext4 -f ext4 -r /dev/cryptvg/root -C
I mounted the crypted volume and correct the settings without reinstalling.
Which are the needed modules for the kernel at the boot time to detect this?

TommyC7 09-17-2012 04:01 PM

Try using:
Code:

/usr/share/mkinitrd/mkinitrd_command_generator.sh -i
That will take you step by step for what options you need or want.

BlackRider 09-17-2012 04:02 PM

You need to append the device list you want to unlock after the "-C" parameter.

You also forgot the -L option to load LVM.

Read the man page of mkinitrd for details.

funboy 09-17-2012 04:43 PM

###Update
I've used /usr/share/mkinitrd/mkinitrd_command_generator.sh with -i but with no success. Still I can't boot.
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block.

funboy 09-17-2012 04:47 PM

This is the command from previous post:
mkinitrd -c -k 2.6.33.4-smp -m ext4 -f ext4 -r /dev/cryptvg/root -C /dev/sda2 -L
When I executed the script it show me -m and there is module for ext4 fs. When it make initrd.gz I copied into /dev/sda1
Is it neccesary to copy initrd-tree and the map file or only the initrd.gz to /dev/sda1 ?

TommyC7 09-17-2012 06:07 PM

Are you sure you used:
Code:

/usr/share/mkinitrd/mkinitrd -i
I ask because it comes with a -o option for output which is usually /boot/initrd-whatever.gz.

BlackRider 09-17-2012 06:31 PM

Quote:

Is it neccesary to copy initrd-tree and the map file or only the initrd.gz to /dev/sda1 ?
The initrd-tree is not required, as it is only a side product of the creation of the initrd (in fact, what mkinitrd does is to build a little boot OS in initrd-tree and then compress it to initrd.gz, so it can be decompressed at boot).

Ensure your / filesystem is sane by running fsck from rescue media. I don't think the problem is there, but who knows.

Ensure you use the default mount options for / in /etc/fstab (some weird options can render the / filesystem unbootable in practice)

Ensure "/dev/cryptvg/root" is the device where / is hosted in fact (i.e: you haven't made a typo.)

Then try with "mkinitrd -c -k 2.6.33.4-smp -m ext4 -f ext4 -C /dev/sda2 -r /dev/sda2 -L"

Ensure LILO loads the initrd, or the system will halt at boot (you have added an initrd entry, don't you?)

Notes: hibernation will be surely disabled in your system unless further changes are made to Lilo or the initrd.

funboy 09-17-2012 07:20 PM

Root partition is on volume group: cryptvg
LV Name /dev/cryptvg/root
at /etc/lilo.conf

image = /boot/vmlinuz
root = /dev/cryptvg/root
label = Slackbox
read-only

When the script ask me for the LUKS root device - I said that this is my crypted partition (dev/sda2) - here I have some doubts
the modules are default jbd2:mbcache:ext4
Also I'm using UDEV in the initrd for device configuration.
The output from the script is:

mkinitrd -c -k 2.6.37.6-smp -f ext4 -r /dev/cryptvg/root -m jbd2:mbcache:ext4 -C /dev/sda2 -L -u -w 10 -o /boot/initrd.gz

Because I chroot-ed the my /mnt/cryptslack I copied the generated initrd.gz to the first unencripted partition - /dev/sda1 - where is actually my lilo bootloader.
When I run lilo I recieve one:
Fatal: Linux experimental device 0x04x needs to be defined

And when it crash when boot it hates me with:
Please append a correct "root= " boot option; here are the available partitions:
<partitions> and then Kernel Panic - Unable to mount root fs :(

mrascii 09-17-2012 08:13 PM

Quote:

Originally Posted by funboy (Post 4782632)
This is the command from previous post:
mkinitrd -c -k 2.6.33.4-smp -m ext4 -f ext4 -r /dev/cryptvg/root -C /dev/sda2 -L
When I executed the script it show me -m and there is module for ext4 fs. When it make initrd.gz I copied into /dev/sda1
Is it neccesary to copy initrd-tree and the map file or only the initrd.gz to /dev/sda1 ?

I've installed Slackware following the instructions in README_CRYPT.TXT dozens of times. If you follow the instructions for creating the LUKS partition and the LVM volumes you will be successful. HOWEVER, you need to edit the mkinitrd command and substitute the kernel version you are running. For example, the current kernel is 3.2.28 so that would replace 2.6.33.4-smp in the command above. Run uname -r after chrooting in to /mnt to check which kernel you have.

If you did the full install as recommended you will have everything you need to built initrd.gz. This initrd.gz will work for the huge as well as the generic kernel. Booting the huge kernel will show a couple of harmless (well, mostly harmless :) ) errors when it tries to load duplicate modules.

DNA
AKA mrascii


All times are GMT -5. The time now is 08:17 AM.