Quote:
Originally Posted by Voridian
Ok well after some trial and error I got it working, you have to not have any separate partitions for /home or anything else.
Oh, you can have /home on separate partitions. But it may depend on what else got scattered around.
For desktops, it is best to have only /home on a separate partition as it helps protect your files during updates.
But splitting the others up depends on how the distribution was designed to handle it. Some do, some don't (most don't unless you are setting up a server, and even then the one usually separated is /var).
Having multiple encrypted filesystems also means you have to enter the access keys for each one at boot and you can't mix up the keys...
Having a single filesystem for everything simplifies that.
The way the system boots is that:
1. the kernel is copied into memory
2. the initrd is copied into memory
3. the kernel then decompresses the initrd into a memory resident filesystem that it mounts for root.
4. the initrd is deallocated
5. the root /sbin/init gets executed - and this has to set everything else up: loading drivers for the devices identified, asking for password keys for encrypted filesystems (gets complicated), and mounting a disk/ssd/sdcard resident root (the operational/real root) filesystem. Once that is completed, it can then do what is called a "pivot root", which exchanges the mount point of the real root filesystem for the memory resident root. Then the memory resident root gets dismounted (which frees up the rest of the memory used during boot other than the kernel).
The init process then executes the /sbin/init from the real root, which then starts up the rest of the services (any additional mounts, various devices such as cameras and such that are not needed during the initial boot).
The problem you may have had was that the initrd wasn't expecting to have multiple encrypted filesystems...
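As an added example (not part of the original post), this Python sketch reports which entries in an /etc/crypttab will ask for a passphrase at boot and which mount points depend on each one, the multiple-key situation described above. It assumes the standard crypttab(5) field order, filesystems mounted directly from /dev/mapper/<name> (no LVM layer in between), and uses constructed sample files with placeholder UUIDs.

```python
"""List the passphrase prompts a crypttab causes at boot (added example)."""

def parse_table(text):
    """Split a crypttab/fstab style file into field lists, skipping comments."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            rows.append(line.split())
    return rows

def boot_prompts(crypttab, fstab):
    """Return [(mapping_name, [mount points])] for volumes that prompt at boot."""
    mounts = {}
    for row in parse_table(fstab):
        if len(row) >= 2:
            mounts.setdefault(row[0], []).append(row[1])
    prompts = []
    for row in parse_table(crypttab):
        if len(row) < 2:
            continue  # malformed entry: needs at least name and device
        name = row[0]
        keyfile = row[2] if len(row) > 2 else "none"
        options = row[3].split(",") if len(row) > 3 else []
        if "noauto" in options:
            continue  # not unlocked during boot
        if keyfile in ("none", "-"):  # no key file: passphrase is asked for
            prompts.append((name, mounts.get("/dev/mapper/" + name, [])))
    return prompts

# Constructed sample files (hypothetical names, placeholder UUIDs).
SAMPLE_CRYPTTAB = """\
# <name>   <device>                                   <keyfile>          <options>
cryptroot  UUID=00000000-0000-0000-0000-000000000001  none               luks
crypthome  UUID=00000000-0000-0000-0000-000000000002  none               luks
cryptvar   UUID=00000000-0000-0000-0000-000000000003  /etc/keys/var.key  luks
cryptbak   UUID=00000000-0000-0000-0000-000000000004  none               luks,noauto
"""
SAMPLE_FSTAB = """\
/dev/mapper/cryptroot  /      ext4  defaults  0 1
/dev/mapper/crypthome  /home  ext4  defaults  0 2
/dev/mapper/cryptvar   /var   ext4  defaults  0 2
"""

if __name__ == "__main__":
    for name, points in boot_prompts(SAMPLE_CRYPTTAB, SAMPLE_FSTAB):
        print(f"{name}: passphrase prompt at boot, needed for {points or 'no fstab entry'}")
```

Whether the initrd actually handles every listed prompt still depends on how the distribution builds it, which is the failure suspected in the post.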