Difference between revisions of "Talk:Rootfs over encrypted lvm"

From Funtoo
Jump to: navigation, search
(add notes about other known working systems)
 
m (add debian known working configs.)
Line 1: Line 1:
 +
from debian 10 vm known working config:
 +
mkultra@debian:~$ cat /etc/crypttab
 +
sda3_crypt UUID=6c0c8520-4caf-4189-be01-9e94b020959f none luks,discard
 +
mkultra@debian:~$ sudo lsblk
 +
NAME                    MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
 +
sda                      8:0    0  30G  0 disk 
 +
├─sda1                    8:1    0  512M  0 part  /boot/efi
 +
├─sda2                    8:2    0  244M  0 part  /boot
 +
└─sda3                    8:3    0 29.3G  0 part 
 +
  └─sda3_crypt          254:0    0 29.2G  0 crypt
 +
    ├─debian--vg-root  254:1    0 25.2G  0 lvm  /
 +
    └─debian--vg-swap_1 254:2    0    4G  0 lvm  [SWAP]
 +
 +
mkultra@debian:~$ sudo blkid
 +
[sudo] password for mkultra:
 +
/dev/sda1: UUID="CFA9-ECD1" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e0187031-4396-43e5-9fe0-a5dbf640792a"
 +
/dev/sda2: UUID="c8055dcc-11b8-400a-99ec-f6bdf9deb065" BLOCK_SIZE="1024" TYPE="ext2" PARTUUID="587f27f6-0ef7-4074-bc84-9444c4ff8515"
 +
/dev/sda3: UUID="6c0c8520-4caf-4189-be01-9e94b020959f" TYPE="crypto_LUKS" PARTUUID="4778e186-a613-4216-82a9-954b329e9446"
 +
/dev/mapper/sda3_crypt: UUID="FAYY8S-Ozqi-YDbD-cSIG-PG7B-XNzv-ukCbeA" TYPE="LVM2_member"
 +
/dev/mapper/debian--vg-root: UUID="437c29f6-d5a6-40cd-b845-8f8ad59cd917" BLOCK_SIZE="4096" TYPE="ext4"
 +
/dev/mapper/debian--vg-swap_1: UUID="ec44168e-e517-4284-bb9c-d8dff4c2a38a" TYPE="swap"
 +
 +
cat /boot/grub/grub.cfg
 +
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-437c29f6-d5a6-40cd-b845-8f8ad59cd917' {
 +
load_video
 +
insmod gzio
 +
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
 +
insmod part_gpt
 +
insmod ext2
 +
set root='hd0,gpt2'
 +
if [ x$feature_platform_search_hint = xy ]; then
 +
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  c8055dcc-11b8-400a-99ec-f6bdf9deb065
 +
else
 +
  search --no-floppy --fs-uuid --set=root c8055dcc-11b8-400a-99ec-f6bdf9deb065
 +
fi
 +
echo 'Loading Linux 5.9.0-3-amd64 ...'
 +
linux /vmlinuz-5.9.0-3-amd64 root=/dev/mapper/debian--vg-root ro  quiet
 +
echo 'Loading initial ramdisk ...'
 +
initrd /initrd.img-5.9.0-3-amd64
 +
}
 +
 +
 +
 +
 +
 
from centos virtual machine known working config:
 
from centos virtual machine known working config:
  

Revision as of 13:41, November 28, 2020

from debian 10 vm known working config: mkultra@debian:~$ cat /etc/crypttab sda3_crypt UUID=6c0c8520-4caf-4189-be01-9e94b020959f none luks,discard mkultra@debian:~$ sudo lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 30G 0 disk ├─sda1 8:1 0 512M 0 part /boot/efi ├─sda2 8:2 0 244M 0 part /boot └─sda3 8:3 0 29.3G 0 part

 └─sda3_crypt          254:0    0 29.2G  0 crypt 
   ├─debian--vg-root   254:1    0 25.2G  0 lvm   /
   └─debian--vg-swap_1 254:2    0    4G  0 lvm   [SWAP]

mkultra@debian:~$ sudo blkid [sudo] password for mkultra: /dev/sda1: UUID="CFA9-ECD1" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e0187031-4396-43e5-9fe0-a5dbf640792a" /dev/sda2: UUID="c8055dcc-11b8-400a-99ec-f6bdf9deb065" BLOCK_SIZE="1024" TYPE="ext2" PARTUUID="587f27f6-0ef7-4074-bc84-9444c4ff8515" /dev/sda3: UUID="6c0c8520-4caf-4189-be01-9e94b020959f" TYPE="crypto_LUKS" PARTUUID="4778e186-a613-4216-82a9-954b329e9446" /dev/mapper/sda3_crypt: UUID="FAYY8S-Ozqi-YDbD-cSIG-PG7B-XNzv-ukCbeA" TYPE="LVM2_member" /dev/mapper/debian--vg-root: UUID="437c29f6-d5a6-40cd-b845-8f8ad59cd917" BLOCK_SIZE="4096" TYPE="ext4" /dev/mapper/debian--vg-swap_1: UUID="ec44168e-e517-4284-bb9c-d8dff4c2a38a" TYPE="swap"

cat /boot/grub/grub.cfg menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-437c29f6-d5a6-40cd-b845-8f8ad59cd917' { load_video insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_gpt insmod ext2 set root='hd0,gpt2' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 c8055dcc-11b8-400a-99ec-f6bdf9deb065 else search --no-floppy --fs-uuid --set=root c8055dcc-11b8-400a-99ec-f6bdf9deb065 fi echo 'Loading Linux 5.9.0-3-amd64 ...' linux /vmlinuz-5.9.0-3-amd64 root=/dev/mapper/debian--vg-root ro quiet echo 'Loading initial ramdisk ...' initrd /initrd.img-5.9.0-3-amd64 }



from centos virtual machine known working config:

lsblk says: sda1 type:part /boot/efi sda2 type:part /boot sda3 type:part

  luks-28c13 type:crypt
     cl-root type:lvm /
     cl-swap type:lvm [swap]

grub.cfg strange set=root pointing to uuid of efi partition and set boot as uuid of boot partition.... & set default_kernelopts="root=/dev/mapper/cl-root ro crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.luks.uuid=luks-28c13191-etc-f4 rd.lvm.lv=cl/swap rhgb "

/etc/crypttab luks-28c13191-etc-f4 UUID=28c13191-etc-f4 none discard

/etc/fstab says /dev/mapper/cl-root / xfs uuid=omitted /boot uuid=omitted /boot/efi /dev/mapper/cl-swap swap swap

blkid says /dev/mapper/cl-root: type="xfs" /dev/mapper/luks-28c13191 TYPE="LVM2_member" /dev/sda3 TYPE="crypto_LUKS" /dev/sda1 type vfat /dev/sda2 /dev/mapper/cl-swap: TYPE="swap"