On Sun 11 Jul 2021 at 11:31:09 (-0500), David Wright wrote:
> On Sat 10 Jul 2021 at 11:13:31 (+0200), Stella Ashburne wrote:
> > My LUKS-encrypted partition consists of / and swap area. I assume the /
> > contains /home, /var, /usr, etc...
>
> It would be nice to give you a set of Grub commands to manually
> boot your system with, so that you could fix up the Grub
> configuration.
>
> However, two things put that beyond my capabilities: encrypted
> root, and "logical volumes".
> [ … ]
Just for the record, I installed bullseye rc2 with encrypted root
on a couple of spare partitions (/boot on a borrowed ESP, and
root over an unencrypted bullseye rc1).
> Grub needs to find the kernel and initrd, and this should work
> as they're on a simple unencypted partition:
>
> grub> set root=(hd0,gpt2)
If this doesn't work, use single quotes.
> Now /I/ would be able to type:
>
> grub> linux /vmlinuz-4.19.0-17-amd64 root=LABEL=toto04 ro
> systemd.show_status=true quiet
> grub> initrd /initrd.img-4.19.0-17-amd64
>
> but 'root=LABEL=toto04' wouldn't work for you,
Actually, this does work, as Grub doesn't have to actually find
the root filesystem: the initrd contains its partition UUID in
cryptroot/crypttab, and when that partition is unlocked, the
LABEL becomes visible. So, assuming you know the LABEL you gave
it at this stage in the installation:
┌────────────────────────┤ [!!] Partition disks ├─────────────────────────┐
│ │
│ You are editing partition #1 of Encrypted volume (sda5_crypt). No │
│ existing file system was detected in this partition. │
│ │
│ Partition settings: │
│ │
│ Use as: Ext4 journaling file system │
│ │
│ Mount point: / │
│ Mount options: defaults │
│ Label: viva05 │
│ Reserved blocks: 5% │
│ Typical usage: standard │
│ │
│ Erase data on this partition │
│ Done setting up the partition │
│ │
│ <Go Back> │
│ │
└─────────────────────────────────────────────────────────────────────────┘
(viva05 in this instance), you can just plug that in.
You can even give the device mapper's name for the unlocked partition:
> grub> linux /vmlinuz-4.19.0-17-amd64 root=/dev/dm-N ro
> systemd.show_status=true quiet
This works if you can deduce the value of N; that's simple for me
as there's only one partition involved (I didn't configure swap),
so it's simply dm-0.
You could use trial and error to work out the value, too.
It only takes a couple of minutes to type in the Grub commands
using dm-0, dm-1 etc each time, and seeing whether the kernel
finds the root filesystem. If not, reboot.
However, I don't intend getting into LVMs any time soon as I'll be
overwriting the partition above with unencrypted 11.0 whenever it's
released. So I'm no help there.
Cheers,
David.
