Hi everybody,
as it is a rainy Sunday afternoon I decided to try something more 'challenging', and, of course, ran into trouble: My machine doesn't boot anymore. Seems I got what I was asking for... 8-(
Partitioning and RAID-1
I am trying to install Slackware 12.1 on a system with two identical harddiscs. Each disc has three partitions, one for swap, one for /boot and one for everything else. I setup two RAID-1 arrays: /dev/md0 is for /boot, and /dev/md1 for the rest. swap is not part of a RAID array.
Partitioning:
Code:
hda1 Linux swap 2GB
hda2 Linux raid autodetect 128MB
hda3 Boot Linux raid autodetect 78GB
Code:
hdb1 Linux swap 2GB
hdb2 Linux raid autodetect 128MB
hdb3 Boot Linux raid autodetect 78GB
RAID-1:
Code:
# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/hd[ab]2
# mdadm --create /dev/md1 --level=1 --raid-devices=2 /dev/hd[ab]3
Encryption with LUKS
So far, so good. Then I continued setting up LVM and harddisc encryption following the chapter
Combining LUKS and LVM in README_CRYPT.TXT (on Slackware 12.1 CD 1 or, eg, here:
http://ftp.gwdg.de/pub/linux/slackwa...EADME_RAID.TXT).
Code:
# dd if=/dev/urandom of=/dev/md1
# cryptsetup -s 256 -y luksFormat /dev/md1
# cryptsetup luksOpen /dev/md1 slackluks
Note, that I applied encryption to the RAID device /dev/md1, not to an ordinary harddisc partition. Although the first step, filling the file system with random content using dd took several hours, this should be correct, see eg:
http://www.saout.de/tikiwiki/tiki-in...RootCryptoraid (although the author uses shred instead of dd).
LVM
I went on, again following README_CRYPT.TXT:
Code:
# pvcreate /dev/mapper/slackluks
# vgcreate -s 32M cryptvg /dev/mapper/slackluks
# lvcreate -L 8G -n root cryptvg
# lvcreate -L 30G -n home cryptvg
I did not create a logical volume for swap, as prefer not to put swap under LVM control.
Code:
# vgscan --mknodes
# vgchange -ay
Again I skipped the mkswap step, because it isn't necessary, when swap is not under LVM control.
Then I ran setup, and selected the mountpoints for /, /boot and /home:
Code:
/dev/cryptvg/root /
/dev/cryptvg/home /home
/dev/md0 /boot
[EDIT] Corrected a typo: /boot is /dev/md0, not /dev/md1. [/EDIT]
Note again, that I selected /dev/md1 instead of /dev/hda2 or /dev/hdb2 for /boot. The rest of setup went smooth, like usual. Only the paragraph about liloconfig in README_CRYPT.TXT is a bit confusing:
Quote:
Choose "expert lilo configuration" with the
option "Install to Master Boot Record (MBR)". Select '/dev/cryptvg/root' as
the root partition to boot.
|
Well, this is not possible, there is no option to select or specify the root partition, here, in expert mode. It is available in simple mode to choose installation to MBR, and if you do, the correct partition is selected, anyway, so I guess this is a typo in the text. Now, as I was trapped here, I skipped this step, completed the remaining installation and configuration steps and then came back to the liloconfig step. The second turn was successful, LILO was installed to MBRs of both RAID-1 discs, according to the screen messages (if I interpret them correctly). To my knowledge this is one advantage of LILO over GRUB, BTW: On RAID-1 systems it's copied automatically to all mirroring discs.
Generic kernel and initial RAM disk
Finally the installation completed. I selected EXIT and continued creating an initrd in a change root environment, as described in README_CRYPT.TXT.
Code:
# chroot /mnt
# mkinitrd -c -k 2.6.24.5-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/md1 -L -R -l de-latin1-nodeadkeys
Here you see a few differences in my command compared to the one specified in README_CRYPT.TXT. First of all, I again replaced the ordinary harddisc device with the RAID device name /dev/md1. Secondly, I added a couple of options. The first option is -R for RAID support. This is recommended in the README_RAID.TXT. The second option is for German keyboard support for entering keywords: -i de-latin1-nodeadkeys.
Also following the instructions in README_RAID.TXT I decided to switch to the generic kernel by redefining the relevant symlinks in /boot instead of replacing the symlink /boot/vmlinuz in /etc/lilo.conf with a filename.
Code:
# cd /boot
# ln -sf vmlinuz-generic-smp-2.6.24.5-smp vmlinuz
# ln -sf System.map-generic-smp-2.6.24.5-smp System.map
# ln -sf config-generic-smp-2.6.24.5-smp config
I did, however, NOT edit /etc/mkinitrd.conf, as I added the relevant options to the mkinitrd command line I used above.
LILO
Finally I modified /etc/lilo.conf, ran lilo and rebooted.
/etc/lilo.conf (only relevant, added or modified lines shown):
Code:
boot = /dev/md0
raid-extra-boot = mbr-only
image = /boot/vmlinuz
initrd = /boot/initrd.gz
root = /dev/cryptvg/root
label = linux
read-only
After writing the file to disc, I issued:
I saw exactly the messages mentioned in README_CRYPT.TXT, and rebooted the system.
The problem
On reboot I was in fact asked for a passphrase as expected. I entered the keyword specified above with
Code:
# cryptsetup -s 256 -y luksFormat /dev/md1
.
So far everything looked fine. The RAID system was working. But there were messages that no volume groups were found, before I was prompted to enter my passphrase. After entering the passphrase, I saw the same messages as described in another thread (
http://www.linuxquestions.org/questi...-lvm-642609/):
Code:
raid1: raid set md1 active with 2 out of 2 mirrors
mdadm: /dev/md1 has been started with 2 drives.
Reading all physical volumes. This may take a while...
md: resync of RAID array md1
md: minimum _guaranteed_ speed: 1000 KB/sec/disk.
md: using maximum available idle IO bandwidth [...]
md: using 128k window, over a total of 76019456 blocks.
No volume groups found
No volume groups found
No volume groups found
Unlocking LUKS crypt volume ´/dev/cryptvg/root´ on device ´/dev/md1´:
Enter LUKS passphrase:
After entering my passphrase I got:
Code:
key slot 0 unlocked.
Command failed: dm_task_set_name: Device /dev/cryptvg/root not found
mount: mounting /dev/mapper//dev/cryptvg/root on /mnt failed: No such file or directory
ERROR: No /sbin/init found on rootdev (or not mounted). Trouble ahead.
You can try to fix it. Type ´exit´ when things are done.
/bin/sh: can´t access tty; job control turned off
/ $
Here I wonder about the system trying to mount /dev/mapper//dev/cryptvg/root on /mnt. Firstly: Shouldn't this be mounted to /? Secondly: Does the double slash // in the path name indicate a problem?
Then I entered ´exit´ as suggested by on of the last messages, although I don't know, if and "when things are done". What does this mean?
Anyhow, I got:
Code:
/ $ exit
initrd.gz: exiting
switch_root: bad newroot /mnt
Kernel panic - not syncing: Attempted to kill init!
Now, the keyboard LEDs are flashing and the computer only reacts on a complete reset.
Failed solution approaches
I really have no clue, what I am doing wrong here. I'd be grateful for any hint. Alien Bob's analysis in
http://www.linuxquestions.org/questi...nd-lvm-642609/ may be correct. But the question then is: What's the cause, and how can I fix it? Of course, I followed his advice, rebooted from the installation DVD and tried:
Code:
# mdadm --detail /dev/md0
mdadm: md device /dev/md0 does not appear to be active
# mdadm --detail /dev/md1
mdadm: md device /dev/md1 does not appear to be active
Of course, no physical volumes, volume groups or logical volumes were seen by the system, now. So I recreated the RAID arrays:
Code:
# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/hd[ab]2
# mdadm --create /dev/md1 --level=1 --raid-devices=2 /dev/hd[ab]3
At first, no traces of LVM were detected. But that was apparently due to the fact that the RAID array needed to be sync'ed again, which took quite a long time. However, when both arrays were finally active (Rebuild status: 100% complete) again, I got:
Code:
# vgscan --mknodes
Reading all physical volumes. This may take a while...
No volume groups found
No volume groups found
# vgchange -ay
No volume groups found
Code:
# pvdisplay -c
# vgdisplay -c
# lvdisplay -c
The output of the last three commands was empty, unsurprisingly.
But then I issued this command:
Code:
# cryptsetup luksOpen /dev/md1 slackluks
And finally, pvscan finds the defined physical volume:
Code:
# pvscan
PV /dev/mapper/slackluks VG cryptvg lvm2 [72.50 GB / 34.50 GB free]
Total: 1 [72.50 GB] / in use: 1 [72.50 GB] / in no VG: 0 [0 ]
As it seems, the volume group cryptvg and the logical volumes /dev/cryptvg/root and /dev/cryptvg/home are also there, but inactive.
My guess is that this is the case at boot time, too. The question is: Why?
While I can activate the LVs on the VG cryptvg easily and re-iterate the installation process after booting from DVD, I have no idea, how I can activate LVs at boot time, and why this is necessary. (To be honest: It is, as yet, only my un-verified guess, that this is the problem, at all).
Thanks a lot for any clue, what's wrong in the above procedure!
Best regards,
gargamel