On Thu, Dec 31, 2015 at 10:38:45AM +1000, Hans wrote:
> I have a working VM with Gentoo on LVM on top of LUKS. Works fine in
> change root, Just can't get it to boot. Probably somewhere missed
> something. Will start from scratch using your 10 steps with dracut
> instead of genkernel.
I just tried the steps and indeed I forgot to mention a couple of things.
You should generate the initramfs with dracut before you run
grub2-mkconfig - that way grub will find the initramfs.
The other issue is that of naming the root partition on the kernel
cmdline. When you open the luks partition using `cryptsetup open` you
give it a device-mapper name. In some cases grub will save this name in
grub.cfg. So grub's kernel cmdline would contain e.g.
root=/dev/mapper/crypto
dracut will by default open the luks partition with a name of the form
luks-<uuid>. This mismatch will prevent root from mounting.
To overcome this and guarantee a predictable name add an /etc/crypttab
entry of the form
<name> UUID=<uuid>
then generate the initramfs with dracut again, and it will copy this file
and use it to name the luks partition upon opening. Just make sure you use
the same name during installation and in crypttab - this is not mandatory
but it makes things easier.
Howver, sometimes grub will generate a cmdline entry of the form
`root=UUID=<uuid>` if it finds an initramfs which will prevent this issue.
Also remember that there are two things: the uuid of the encrypted luks
partition (this needs to go in crypttab), and the uuid of the decrypted
partition inside luks (this needs to go in fstab and the root cmdline).
Just make sure everything is consistent.
