[arch-general] booting from encrypted partition - reevaluate partition table (gpt, kpartx, cryptdevice, grub2)
Hi fellow archers, I have the following problem: On a physical (gpt) partition I have an encrypted LUKS partition which contains GPT partition table with desired final partitions (/,/home, etc..) I decided to skip LVM as gpt fulfils my needs (many primary partitions, easy resize), but using kernel boot parameters (grub2): linux /vmlinuz-linux root=/dev/mapper/crypto3 cryptdevice=/dev/sdb6:crypto:allow-discards resume=/dev/mapper/crypto1 ro quiet I do not get expected result (and how partitions really look like): # lsblk -f NAME FSTYPE LABEL MOUNTPOINT sda ├─sda1 ntfs data ├─sda2 btrfs backup ├─sda9 ext4 / └─sda10 └─cryptswap1 (dm-0) swap [SWAP] sdb ├─sdb1 ext4 boot /boot ├─sdb2 vfat EFI /boot/efi ├─sdb3 ├─sdb4 ntfs win8 ├─sdb5 crypto_LUKS └─sdb6 crypto_LUKS └─crypto (dm-1) ├─crypto1 (dm-2) swap swap ├─crypto2 (dm-3) btrfs var ├─crypto3 (dm-4) btrfs arch └─crypto4 (dm-5) btrfs home This is what I really get (and what I get when cryptsetup luksOpen /dev/sdb6 crypto ): # lsblk -f NAME FSTYPE LABEL MOUNTPOINT sda ├─sda1 ntfs data ├─sda2 btrfs backup ├─sda9 ext4 / └─sda10 └─cryptswap1 (dm-0) swap [SWAP] sdb ├─sdb1 ext4 boot /boot ├─sdb2 vfat EFI /boot/efi ├─sdb3 ├─sdb4 ntfs win8 ├─sdb5 crypto_LUKS └─sdb6 crypto_LUKS └─crypto (dm-1) I would need the system to reevaluate/recheck the newly opened partition if it contains other partitions! I found a related thread: http://comments.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/5896 Now a workaround: 1/ install kpartx and add it to BINARIES="kpartx" in /etc/mkinitcpio.conf 2/ hack /lib/initcpio/hooks/encrypt and put line kpartx -a /dev/mapper/crypto right behind every "cryptsetup .. luksOpen ..." line there. 3/ similarly, I should place "kpartx -d /dev/mapper/crypto" before "cryptsetup .. luksClose ..." is called during shutdown. I did not find these routine in hooks/encrypt, where does it happen? I'd like to know if there is any supported solution for this, or any advice from you. Thank you for help! Have a nice day, Mark -- Marek Otahal :o)
participants (1)
-
Marek Otahal