Hello,
On Wed, May 22, 2024 at 10:13:06AM +0000, Andy Smith wrote:
> metadata tags to some PVs prevented grub from assembling them,
grub is indeed very fragile if you use dm-integrity anywhere on any of
your LVs on the same VG where /boot is (or at least if in the list
of LVs, the dm-integrity protected ones come first).
I guess it's a general problem how grub2 parses LVM, yes,
as soon as their are special things going on, it somehow breaks.
However, if you don't have /boot on LVM, hand-fixing grub2 can be
trivial, e.g. here on another system with /boot/efi on 1st disk's first
partition and /boot on 2nd disk's first partition.
linux (hd1,1)vmlinuz-5.10.0-29-amd64 root=/dev/mapper/vg1-root ro quiet
initrd (hd1,1)initrd.img-5.10.0-29-amd64
boot
(you even have completions in grub's interactive boot system)
and it boots. Next step: I am going to make me a USB boot key for that
system, in case (first using a simple mount of two partitions of the
USB key on /boot, respectively /boot/efi (vfat), then update-grub,
or if it breaks, completely by hand like above -- I have been using
syslinux for the last 20 years or so for that purpose, but it gets
apparently too complicated with Secure Boot and stuff).
PS: I have from now on decided I will always use a /boot no longer
on LVM but on a separate partition, like the /boot/efi, it
seems, indeed, much less fragile. Aka, back to what I
was doing a few years ago before my confidence in grub2
got apparently too high :)
