Manual root and boot encrypted LUKS non-lvm partition on EFI unable to boot
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Hello!
I followed cryptsetup manual to setup LUKS encrypted root partition
https:/
- EFI bios
- EFI partition 700Mb
- LUKS encrypted partition containing both / and /boot
- LUKS mapped device directly contains ext4 partition without LVM
To do this I added a second disk, added EFI and root partions on it and copied all files preserving
attributes and permissions.
I modified files in etc and after chroot I executed:
> update-grub
> grub-install /dev/sdb
After rebooting and disabling first disk (/dev/sda) I was immediately brought into grub shell
I can notice what there is an error message flashes before booting
"No such device: c740ceea-
I can also "source" (hd1,gpt1)
Also cryptodisk.mod module is not loaded.
I can also add insmod ... lines into the (hd1,gpt1)
but it does not help find partioon using following line:
search.fs_uuid 85030321-
If I try to type ls (hd1<TAB>
it will show me following information:
grub> ls (hd1)
Possible partitions are:
Device hd1: No known filesystem detected - Sector size 512B - Total size 10485760KiB
Partition hd1,gpt1: Filesystem type fat, UUID C3AC-7168 - Partition start at 1024KiB - Total size 716800KiB
Partition hd1,gpt2: No known filesystem detected - Partition start at 717824KiB - Total size 9767919.5KiB
Relevant files:
Mounting script I used to mount everything before chroot:
cryptsetup open /dev/sdb2 root
mount /dev/mapper/root root
mount /dev/sdb1 root/boot/efi
mount --bind /dev root/dev
mount --bind /sys root/sys
mount --bind /proc root/proc
/etc/crypttab
root UUID=c740ceea-
/etc/default/grub
GRUB_DISABLE_
GRUB_ENABLE_
/boot/efi/
search.fs_uuid 85030321-
set prefix=
configfile $prefix/grub.cfg
> blkid
/dev/sdb1: UUID="C3AC-7168" TYPE="vfat" PARTUUID=
/dev/sdb2: UUID="c740ceea-
/dev/mapper/root: UUID="85030321-
Relevant versions:
Ubuntu 18.04.3 LTS
cryptsetup 2:2.0.2-1ubuntu1.1
grub2-common 2.02-2ubuntu8.13
Cleanup script:
umount root/dev
umount root/sys
umount root/proc
umount root/boot/efi
umount root
sync
Added GRUB_PRELOAD_
crypto gcry_rijndael gcry_sha256 pbkdf2 cryptodisk luks
More links:
- https:/
- https:/
---
ProblemType: Bug
ApportVersion: 2.20.9-0ubuntu7.7
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/
CurrentDesktop: ubuntu:GNOME
DistroRelease: Ubuntu 18.04
InstallationDate: Installed on 2019-09-16 (0 days ago)
InstallationMedia: Ubuntu 18.04.3 LTS "Bionic Beaver" - Release amd64 (20190805)
IwConfig:
lo no wireless extensions.
enp0s3 no wireless extensions.
Lsusb:
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
Package: linux (not installed)
ProcFB: 0 vboxdrmfb
ProcKernelCmdLine: BOOT_IMAGE=
ProcVersionSign
RelatedPackageV
linux-
linux-
linux-firmware 1.173.9
RfKill:
Tags: bionic
Uname: Linux 5.0.0-27-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
_MarkForUpload: True
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekG
dmi.product.family: Virtual Machine
dmi.product.name: VirtualBox
dmi.product.
dmi.sys.vendor: innotek GmbH
I was able to completely reproduce it using VirtualBox environment by installing Ubuntu from scratch with encryption enabled and then adding the second disk and enabling encryption on it manually.