help-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: grub with encrpted root no longer automatically loads luks

From: Giovanni Biscuolo
Subject: Re: grub with encrpted root no longer automatically loads luks
Date: Fri, 21 Jun 2019 14:46:15 +0200 
Hello Jack,

I don't have a Guix machine using root on encrypted LUKS now, but I
tested this non so long ago and it worked well

Jack Hill <address@hidden> writes:

> I've noticed that recently (unfortunately, I don't know exactly when it 
> started), that grub no longer prompts me to enter my password to unlock my 
> root filesystem.

Are you able to boot to a previous Guix System generation and try to
find the one that introduced this behaviour?

Are you sure you did not reconfigured your device mapping meanwhile?

> I notice that at the grub command line, if I enter 
> `cryptomount -a`, I am not prompted for a password, and the root 
> filesystem does not become available. However, if I first run `insmod 
> luks` and then `cryptomount -a`, I am prompted for my password, and the 
> root filesystem become available and I can boot normally.

I imagine you are entering the grub CLI because you get some error:
what's the error please?

[...]

>   ;; Specify a mapped device for the encrypted root partition.
>   ;; The UUID is that returned by 'cryptsetup luksUUID'.
>   (mapped-devices
>    (list (mapped-device
>        (source (uuid "f7776767-70c9-44e3-9973-c1334d301348"))
>        (target "alperton_root")
>        (type luks-device-mapping))))
>
>   (file-systems (cons*
>               (file-system
>                (device (file-system-label "boot"))
>                (mount-point "/boot")
>                (type "ext4"))
>               (file-system
>                (device (file-system-label "alperton_root"))
>                (mount-point "/")
>                (type "ext4")
>                (dependencies mapped-devices))
>               %base-file-systems))

AFAIU (mapped-device ..(target "name") (type luks-device-mapping)))
creates the mapped device /dev/mapper/name; file-system should be:

--8<---------------cut here---------------start------------->8---

                (file-system
                 (device "/dev/mapper/alperton_root")
                 (mount-point "/")
                 (type "ext4")
                 (dependencies mapped-devices))
                %base-file-systems))

--8<---------------cut here---------------end--------------->8---

Did your configuration worked in a prior Guix System generation?

[...]


-- 
Giovanni Biscuolo

Xelera IT Infrastructures

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]