Slackware 12.1 + RAID 1 + LVM: Can't boot with or without encrypted filesystem
Hi everybody,
as it is a rainy Sunday afternoon I decided to try something more 'challenging', and, of course, ran into trouble: My machine doesn't boot anymore. Seems I got what I was asking for... 8-( Partitioning and RAID-1 I am trying to install Slackware 12.1 on a system with two identical harddiscs. Each disc has three partitions, one for swap, one for /boot and one for everything else. I setup two RAID-1 arrays: /dev/md0 is for /boot, and /dev/md1 for the rest. swap is not part of a RAID array. Partitioning: Code:
hda1 Linux swap 2GB Code:
hdb1 Linux swap 2GB Code:
# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/hd[ab]2 So far, so good. Then I continued setting up LVM and harddisc encryption following the chapter Combining LUKS and LVM in README_CRYPT.TXT (on Slackware 12.1 CD 1 or, eg, here: http://ftp.gwdg.de/pub/linux/slackwa...EADME_RAID.TXT). Code:
# dd if=/dev/urandom of=/dev/md1 LVM I went on, again following README_CRYPT.TXT: Code:
# pvcreate /dev/mapper/slackluks Code:
# vgscan --mknodes Then I ran setup, and selected the mountpoints for /, /boot and /home: Code:
/dev/cryptvg/root / Note again, that I selected /dev/md1 instead of /dev/hda2 or /dev/hdb2 for /boot. The rest of setup went smooth, like usual. Only the paragraph about liloconfig in README_CRYPT.TXT is a bit confusing: Quote:
Generic kernel and initial RAM disk Finally the installation completed. I selected EXIT and continued creating an initrd in a change root environment, as described in README_CRYPT.TXT. Code:
# chroot /mnt Also following the instructions in README_RAID.TXT I decided to switch to the generic kernel by redefining the relevant symlinks in /boot instead of replacing the symlink /boot/vmlinuz in /etc/lilo.conf with a filename. Code:
# cd /boot LILO Finally I modified /etc/lilo.conf, ran lilo and rebooted. /etc/lilo.conf (only relevant, added or modified lines shown): Code:
boot = /dev/md0 Code:
# lilo The problem On reboot I was in fact asked for a passphrase as expected. I entered the keyword specified above with Code:
# cryptsetup -s 256 -y luksFormat /dev/md1 So far everything looked fine. The RAID system was working. But there were messages that no volume groups were found, before I was prompted to enter my passphrase. After entering the passphrase, I saw the same messages as described in another thread (http://www.linuxquestions.org/questi...-lvm-642609/): Code:
raid1: raid set md1 active with 2 out of 2 mirrors Code:
key slot 0 unlocked. Then I entered ´exit´ as suggested by on of the last messages, although I don't know, if and "when things are done". What does this mean? Anyhow, I got: Code:
/ $ exit Failed solution approaches I really have no clue, what I am doing wrong here. I'd be grateful for any hint. Alien Bob's analysis in http://www.linuxquestions.org/questi...nd-lvm-642609/ may be correct. But the question then is: What's the cause, and how can I fix it? Of course, I followed his advice, rebooted from the installation DVD and tried: Code:
# mdadm --detail /dev/md0 Code:
# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/hd[ab]2 Code:
# vgscan --mknodes Code:
# pvdisplay -c But then I issued this command: Code:
# cryptsetup luksOpen /dev/md1 slackluks Code:
# pvscan My guess is that this is the case at boot time, too. The question is: Why? While I can activate the LVs on the VG cryptvg easily and re-iterate the installation process after booting from DVD, I have no idea, how I can activate LVs at boot time, and why this is necessary. (To be honest: It is, as yet, only my un-verified guess, that this is the problem, at all). Thanks a lot for any clue, what's wrong in the above procedure! Best regards, gargamel |
Addition: Just looked into /boot/initrd-tree on /mnt (chroot) and found that in load_kernel_modules there is no trace of crypt or LVM or RAID support. Only ext3 support is there. Does this mean that the required modules are not loaded at boot time?
gargamel |
Another addition: I just checked the man page of mkinitrd. While I found the options -C and -L documented, there is no trace of -R for RAID support. This surprises me, because: http://pumpump.blogspot.com/2008/05/...1-generic.html
Hmmm. Does this mean that I have to modify /etc/mkinitrd.conf, as suggested in README_RAID.TXT, and that -R isn't equivalent to that? gargamel |
Quote:
Eric |
Quote:
Code:
-R This option adds RAID support to the initrd, Eric |
Quote:
gargamel |
And this is where I think the problem lies (unless it was a typo):
Code:
# mkinitrd -c -k 2.6.24.5-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/md1 -L -R -l de-latin1-nodeadkeys Code:
# mkinitrd -c -k 2.6.24.5-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/md0 -L -R -l de-latin1-nodeadkeys |
Quote:
CONFIG_CRYPTO=y CONFIG_DM_CRYPT=y Also, none of README_CRYPT.TXT, README_LVM.TXT and README_RAID.TXT suggests to compile a new kernel. So I would expect that the generic kernel has all that is needed to support disk encryption, LVM and RAID. Right? But what's causing my problem, then? Again, thanks for any hint pointing me in the right direction! gargamel |
Quote:
I did: Code:
# cryptsetup -s 256 -y luksFormat /dev/md1 Code:
# cryptsetup luksOpen /dev/md1 slackluks So mixing /dev/md0 with /dev/md1, as you suggest, is not the problem, it seems. Thanks for any further ideas. gargamel |
Yeah I had read incorrectly - /dev/md1 is indeed where you created the LUKS volume. So, the problem is a strange one, because I tested your exact same configuration of RAID, LUKS and LVM in order to test the README_RAID.TXT after it was added to the tree, and did not have any problem.
Eric |
Quote:
I am asking, because (1) It seems, that the problem can occur similarly in simpler scenarios, as well: http://www.linuxquestions.org/questi...nd-lvm-642609/ (2) Could it be, that some script involved has been changed shortly before the release of Slackware 12.1, but after you created README_RAID.TXT? My guess would be, that either somewhere the order in which things are done is wrong, because everything needed seems to be available. Otherwise I couldn't get things going after booting from the DVD and chroot /mnt, right? Something is just not used in the right way or order on normal boot, it seems... Would you say that my /etc/lilo.conf is correct? Any further suggestions highly welcome! gargamel |
Hi Eric, and all others potentially following this thread,
I just tried what GazL suggested here: http://www.linuxquestions.org/questi...45#post3157745 However, I end up with the very same error message. Code:
raid1: raid set md1 active with 2 out of 2 mirrors Code:
# vgchange -ay Any ideas or suggestions how I could track the problem further down? Thanks again! gargamel |
Just to let you know: Yet another attempt failed. Things are even getting worse...
This time I tried a fresh install, did the steps described in my original post, but did not create an initrd. Instead I tried to use the huge-smp kernel. This kernel has, AFAIK, support for device mapper and harddisc encryption and RAID. So it shouldn't be necessary to create an initial ramdisk. However, I got: Code:
md: using 128k window, over a total of 75874880 blocks. gargamel |
Even though the kernel has the drivers for device-mapping and crypto ciphers compiled-in, this is not all that is needed. The init script in the initrd uses the cryptsetup program to 'unlock' the encrypted partition by asking you for a passphrase. Without initrd, you will never get that partition unlocked and mounted.
Eric |
Thanks, again, Eric, this explains the last effect, at least. In the meantime I prepared my system to completely start over with all of this. I "zeroed" both harddiscs in the machine I am installing Slackware 12.1 on (actually I did # dd if=/dev/urandom of=/dev/hdx) and read some more documentation, and re-read some stuff I had read before.
To save me some work in case I need to do some corrections this time I want to use mkinitrd.conf instead of a single line mkinitrd command with all options. Therefore I read the man page of mkinitrd.conf, and found this: Quote:
Code:
/dev/cryptvg/root / Code:
# ls /dev/mapper/ This was my original mkinitrd command: Code:
# mkinitrd -c -k 2.6.24.5-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/md1 -L -R -l de-latin1-nodeadkeys Here is my current /etc/mkinitrd.conf: Code:
SOURCE_TREE="/boot/initrd-tree" Code:
MODULE_LIST="ext3:uhci-hcd:usbhid" This time I am asking before trying all of this out, as my last experiments ended with a totally screwed system, and complete confusion about mountpoints, boot sectors and such. I'd rather not provoke these problems to re-appear, as cleaning up everything took some time... Thanks a lot once again, gargamel |
All times are GMT -5. The time now is 04:30 PM. |