This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:
apport-collect 1844153
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1844153
Title:
Manual root and boot encrypted LUKS non-lvm partition on EFI unable to
boot
Status in linux package in Ubuntu:
Incomplete
Bug description:
Hello!
I followed cryptsetup manual to setup LUKS encrypted root partition
https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
- EFI bios
- EFI partition 700Mb
- LUKS encrypted partition containing both / and /boot
- LUKS mapped device directly contains ext4 partition without LVM
To do this I added a second disk, added EFI and root partions on it and
copied all files preserving
attributes and permissions.
I modified files in etc and after chroot I executed:
> update-grub
> grub-install /dev/sdb
After rebooting and disabling first disk (/dev/sda) I was immediately brought
into grub shell
I can notice what there is an error message flashes before booting
"No such device: c740ceea-853c-487c-82ef-3d2138f9a7d7"
I can also "source" (hd1,gpt1)/efi/ubuntu/grub.cfg and it will produce the
same error.
Also cryptodisk.mod module is not loaded.
I can also add insmod ... lines into the (hd1,gpt1)/efi/ubuntu/grub.cfg
but it does not help find partioon using following line:
search.fs_uuid 85030321-f93d-47dc-aa4c-70bf751ad3f7 root
cryptouuid/c740ceea853c487c82ef3d2138f9a7d7
If I try to type ls (hd1<TAB>
it will show me following information:
grub> ls (hd1)
Possible partitions are:
Device hd1: No known filesystem detected - Sector size 512B - Total size
10485760KiB
Partition hd1,gpt1: Filesystem type fat, UUID C3AC-7168 - Partition start at
1024KiB - Total size 716800KiB
Partition hd1,gpt2: No known filesystem detected - Partition start at
717824KiB - Total size 9767919.5KiB
Relevant files:
Mounting script I used to mount everything before chroot:
cryptsetup open /dev/sdb2 root
mount /dev/mapper/root root
mount /dev/sdb1 root/boot/efi
mount --bind /dev root/dev
mount --bind /sys root/sys
mount --bind /proc root/proc
/etc/crypttab
root UUID=c740ceea-853c-487c-82ef-3d2138f9a7d7 none luks,discard
/etc/default/grub
GRUB_DISABLE_OS_PROBER=true
GRUB_ENABLE_CRYPTODISK=y
/boot/efi/EFI/ubuntu/grub.cfg
search.fs_uuid 85030321-f93d-47dc-aa4c-70bf751ad3f7 root
cryptouuid/c740ceea853c487c82ef3d2138f9a7d7
set prefix=($root)'/boot/grub'
configfile $prefix/grub.cfg
> blkid
/dev/sdb1: UUID="C3AC-7168" TYPE="vfat"
PARTUUID="d50cd38a-ada3-f44a-bd39-0ea2f8355158"
/dev/sdb2: UUID="c740ceea-853c-487c-82ef-3d2138f9a7d7" TYPE="crypto_LUKS"
PARTUUID="e527fa37-f546-6041-b376-40d2463d0812"
/dev/mapper/root: UUID="85030321-f93d-47dc-aa4c-70bf751ad3f7" TYPE="ext2"
Relevant versions:
Ubuntu 18.04.3 LTS
cryptsetup 2:2.0.2-1ubuntu1.1
grub2-common 2.02-2ubuntu8.13
Cleanup script:
umount root/dev
umount root/sys
umount root/proc
umount root/boot/efi
umount root
sync
Added GRUB_PRELOAD_MODULES:
crypto gcry_rijndael gcry_sha256 pbkdf2 cryptodisk luks
More links:
-
https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf
-
https://www.gnu.org/software/grub/manual/grub/html_node/Simple-configuration.html#Simple-configuration
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1844153/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
