Configuration generated for encrypted boot is not bootable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
grub2 (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
I've being experimenting with completely encrypted system on virtual machine and got some problems with automatically generated configs.
In my test setup:
/dev/sda - ESP partition, mounted as /boot/efi
/dev/mapper/system1 is BTRFS partition on /dev/sdb with LUKS encryption
/etc/fstab:
/dev/mapper/system1 / btrfs defaults,subvol=@ 0 1
UUID=6EF4-C0FE /boot/efi vfat umask=0077 0 1
/dev/mapper/system1 /home btrfs defaults,
Except first column generated during initial installation.
/etc/crypttab:
system1 UUID=6a01d12f-
File /etc/cryptroot/
/etc/default/grub contains:
- `GRUB_ENABLE_
- and even `GRUB_PRELOAD_
What goes wrong in this setup out of the box:
1) `ESP\EFI\
2) `ESP\EFI\
`ESP\EFI\
cryptomount -u 6a01d12ff4c4481
search.fs_uuid bb3594a7-
set prefix=
configfile $prefix/grub.cfg
What I did instead is I've copied `/boot/
search.fs_uuid 6EF4-C0FE boot
set prefix=($boot)
insmod luks
cryptomount -u 6a01d12ff4c4481
search.fs_uuid bb3594a7-
set prefix=
configfile $prefix/grub.cfg
Things are getting even worse when BTRFS is not on single partition/disk, but on few in RAID, since more manual configuration is needed.
Would be nice to see additional modules added to `grubx64.efi` and fixed `ESP\EFI\
Status changed to 'Confirmed' because the bug affects multiple users.