LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Slackware on lvm+luks - unavailable for unlocking (https://www.linuxquestions.org/questions/slackware-14/slackware-on-lvm-luks-unavailable-for-unlocking-4175675799/)

keeneadt 05-24-2020 06:58 AM
Slackware on lvm+luks - unavailable for unlocking
 
Hey, folks.
I've just installed Slackware according to this notes. My setup is elilo + full disk encryption (lvm on luks). What I did:
1. Created two partitions: 512M ESP Fat32 (/dev/sdb1) and 250G raw for LUKS (/dev/sdb2).
2. Created and opened luks.
3. Created physical, group and logical volumes (root, swap, home).
4. Installed Slackware and elilo with new efi record.
5. Without rebooting after installation was finished I chrooted and used
Code:
/usr/share/mkinitrd/mkinitrd_command_generator.sh -a '-o /boot/efi/EFI/Slackware/initrd.gz | tail -1 | sh
to create initrd.gz.
6. Checked if /boot/vmlinuz-generic-5.4.41 and /boot/efi/EFI/Slackware/vmlinuz are the same.
7. Just in case copied /boot/efi/EFI/Slackware/initrd.gz to /boot/initrd.gz

So my final config setup looks like this
Code:
cat /boot/efi/EFI/Slackware/elilo.conf
chooser=simple
delay=1
timeout=1
#
image=vmlinuz
        label=vmlinuz
        initrd=initrd.gz
        read-only
        append="root=/dev/mapper/luksvg-root vga=normal ro"

ls -l /boot/efi/EFI/Slackware
elilo.conf  elilo.efi  initrd.gz  vmlinuz
Seems like everything is OK, but when I try to boot into installation
1. initrd.gz loads from /boot (not from /boot/efi/EFI/Slackware).
2. All modules loads without a problem (I see insmod /lib/modules/5.4.41/... on display).
3. Error
Code:
LUKS device /dev/sdb2 unavailable for unlocking!
...
No /sbin/init found on rootdev...
As far as I can tell this error caused by inability to decrypt /dev/sdb2 which is partition with luks+lvm.

My questions are:
1. Why loads /boot/initrd.gz when in elilo.conf I have initrd.gz not in /boot, but in elilo dir (/boot/efi/EFI/Slackware)?
2. Since initrd.gz in /boot and in /boot/efi/EFI/Slackware are the same and they have been created by mkinitrd_command_generator, why the problem with decryption appears?
3. How to fix it?

Alien Bob 05-24-2020 07:07 AM
Is your LUKS device still called /dev/sdb2 when you are booting that computer?
If it is, did you perform a full installation of Slackware or did you skip packages?
To try whether cryptsetup in your initrd works, reboot, and then after getting the error message you will be dropped to a shell prompt. Type "cryptsetup" to see if that command is working at all, or whether it is missing any libraries.

keeneadt 05-24-2020 07:24 AM
Thanks for reply.
In emergency shell (let's call it this way) I executed
Code:
ls /dev
and did't found /dev/sdb. The only block device I found is /dev/sda which is my hdd (media storage) with no distributions installed.
No, I did not perform a full installation. I skipped kernel sources, KDE and XFCE packages.
Cryptsetup works in emergency shell.

Alien Bob 05-24-2020 07:34 AM
Is that /dev/sdb an external USB drive? If so, it may be too slow to be recognized in time as a storage device.
The mkinitrd command has a "wait" parameter, for instance adding "-w 10" will cause the init process to wait 10 seconds which could be sufficient for the USB subsystem to recognize your disk. Like so:

Code:
/usr/share/mkinitrd/mkinitrd_command_generator.sh -r -a '-w 10 -o /boot/efi/EFI/Slackware/initrd.gz' | sh

keeneadt 05-24-2020 07:47 AM
It's external sata ssd, that is connected via usb3. I've just tried to make initrd with your command, but it doesn't take any effect, except +10 seconds to boot time. I've tried 30 seconds as well - still no result.

If it matters, I've installed arch with lvm+luks on this devices exactly in the same manner. That time I didn't experience any problems.

keeneadt 05-24-2020 08:02 AM
Btw, even with -w 30 I don't see sdb device in /dev. It looks working (led is flashing). In UEFI I can see this disk. Actually, last time initrd.gz was loaded from a proper location - /boot/efi/EFI/Slackware, therefore sdb was recognized on boot.

Alien Bob 05-24-2020 08:47 AM
There's also the possibility that your initrd does not have the modules to support USB storage. That would explain why you never see the device nodes appear.

keeneadt 05-24-2020 08:52 AM
Hmm... I unpluged ssd from box and connected it to m/b sata. It was identified as sdb, however, I still get this error when I try to boot.

keeneadt 05-24-2020 09:43 AM
Does anybody have experience with installing Slackware on lvm+luks? Does it work?

keeneadt 05-24-2020 11:10 AM
Two more unsuccessful attempts to install Slackware on lvm+luks. This time I've tried to install on sata ssd and m2 ssd. Both times I get exactly the same error but with different partitions. Looks like notes I mentioned doesn't cover some necessary step or Slackware (at least current) doesn't support working from encrypted device.

z80 05-24-2020 11:28 AM
Luks and LVM works fine here.
However, I use lilo and a manually created initrd.

My mkinitrd command looks like this:
Code:
mkinitrd -c -k 5.4.42 -f ext2,ext4 -r /dev/cryptvg/root -C /dev/sda2 -L -d de
/etc/lilo.conf looks like this:
Code:
append=" vt.default_utf8=0"
boot = /dev/sda
bitmap = /boot/slack.bmp
bmp-colors = 255,0,255,0,255,0
bmp-table = 60,6,1,16
bmp-timer = 65,27,0,255
prompt
timeout = 100
change-rules
  reset
vga=normal

image = /boot/vmlinuz
  initrd = /boot/initrd.gz
  root = /dev/cryptvg/root
  label = Linux
  read-only

image = /boot/vmlinuz-rescue
  initrd = /boot/initrd-rescue.gz
  root = /dev/cryptvg/root
  label = Rescue
  append = " single"
  read-only

khronosschoty 05-24-2020 11:35 AM
Quote:
Originally Posted by keeneadt (Post 6126711)
Does anybody have experience with installing Slackware on lvm+luks? Does it work?
I've been using luks+lvm for years now (with Slackware64-current and Slackware64-14.2 and in one case Slackware-14.2).

keeneadt 05-24-2020 11:46 AM
Don't know what to say. Could be an issue of current iso I used. Will try with another one later.

Alien Bob 05-24-2020 12:32 PM
The error you get is generated when "cryptsetup isLuks /dev/sdb2" returns false. I.e. your disk partition is not recognized as a LUKS volume.
Did you do something out of the ordinary when formatting /dev/sdb2 as a LUKS volume?

Edit - well if your /dev/sdb is not visible at all, my remark is irrelevant.

keeneadt 05-24-2020 12:40 PM
Quote:
Originally Posted by Alien Bob (Post 6126776)
Did you do something out of the ordinary when formatting /dev/sda2 as a LUKS volume?
It's /dev/sdb in my case. No, nothing out of what is written in the notes.
Code:
boot
> root

cfdisk /dev/sdb
gpt
/dev/sdb1 ESP 512M
/dev/sdb2 Linux filesystem 250G

cryptsetup -s 512 -y luksFormat /dev/sdb2
cryptsetup open /dev/sdb2 luksslack0

pvcreate /dev/mapper/luksslack0
vgcreate luksvg0 /dev/mapper/luksslack0
lvcreate -L 8G -n swap luksvg0
lvcreate -L 40G -n root luksvg0
lvcreate -l 100%FREE -n home luksvg0

mkswap /dev/luksvg0/swap

setup
The rest I've already described.


All times are GMT -5. The time now is 05:51 AM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page