help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

grub with encrpted root no longer automatically loads luks


From: Jack Hill
Subject: grub with encrpted root no longer automatically loads luks
Date: Fri, 21 Jun 2019 00:21:55 -0400 (EDT)
User-agent: Alpine 2.20 (DEB 67 2015-01-07)

Hi Guix,

I've noticed that recently (unfortunately, I don't know exactly when it started), that grub no longer prompts me to enter my password to unlock my root filesystem. I notice that at the grub command line, if I enter `cryptomount -a`, I am not prompted for a password, and the root filesystem does not become available. However, if I first run `insmod luks` and then `cryptomount -a`, I am prompted for my password, and the root filesystem become available and I can boot normally.

Therefore, it seem like grub is not auto-loading the luks module for some reason. Why might this be the case? What needs to be changed so that luks is auto loaded?

Best,
Jack

my config.scm:

;; This is an operating system configuration template
;; for a "desktop" setup with GNOME and Xfce where the
;; root partition is encrypted with LUKS.

(use-modules (gnu) (gnu system nss) (gnu services xorg)
             (gnu packages linux))
(use-service-modules desktop)
(use-package-modules certs gnome scanner security-token)

(operating-system
 (host-name "alperton")
 (timezone "America/New_York")
 (locale "en_US.utf8")

 (bootloader (bootloader-configuration
              (bootloader grub-bootloader)
              (target "/dev/sda")))

 ;; Specify a mapped device for the encrypted root partition.
 ;; The UUID is that returned by 'cryptsetup luksUUID'.
 (mapped-devices
  (list (mapped-device
         (source (uuid "f7776767-70c9-44e3-9973-c1334d301348"))
         (target "alperton_root")
         (type luks-device-mapping))))

 (file-systems (cons*
                (file-system
                 (device (file-system-label "boot"))
                 (mount-point "/boot")
                 (type "ext4"))
                (file-system
                 (device (file-system-label "alperton_root"))
                 (mount-point "/")
                 (type "ext4")
                 (dependencies mapped-devices))
                %base-file-systems))

 (swap-devices (list "/root/swap"))

 (users (cons (user-account
               (name "jackhill")
               (comment "Jack Hill")
               (group "users")
               (supplementary-groups '("wheel" "netdev"
                                       "audio" "lp" "video"))
               (home-directory "/home/jackhill"))
              %base-user-accounts))

 ;; This is where we specify system-wide packages.
 (packages (cons* nss-certs         ;for HTTPS access
                  fuse-exfat
                  gvfs              ;for user mounts
                  %base-packages))

 ;; Add GNOME and/or Xfce---we can choose at the log-in
 ;; screen with F1.  Use the "desktop" services, which
 ;; include the X11 log-in service, networking with
 ;; NetworkManager, and more.
 (services (cons* (service gnome-desktop-service-type)
                  (bluetooth-service)
                  (simple-service 'custom-udev-rules udev-service-type (list 
sane-backends libu2f-host))
                  %desktop-services))

 ;; Allow resolution of '.local' host names with mDNS.
 (name-service-switch %mdns-host-lookup-nss))



reply via email to

[Prev in Thread] Current Thread [Next in Thread]