From mboxrd@z Thu Jan 1 00:00:00 1970 From: Miguel Arruga Vivas Subject: bug#37851: Grub installation only checks for encrypted /boot folder Date: Mon, 21 Oct 2019 13:07:09 +0200 Message-ID: <20191021130709.21d6ac20@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:47281) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iMVXf-0002qV-6w for bug-guix@gnu.org; Mon, 21 Oct 2019 07:08:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iMVXe-0005yx-5E for bug-guix@gnu.org; Mon, 21 Oct 2019 07:08:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46991) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iMVXd-0005yp-VU for bug-guix@gnu.org; Mon, 21 Oct 2019 07:08:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1iMVXd-0006cc-QP for bug-guix@gnu.org; Mon, 21 Oct 2019 07:08:01 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Received: from eggs.gnu.org ([2001:470:142:3::10]:47181) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iMVWu-0001mf-RT for bug-guix@gnu.org; Mon, 21 Oct 2019 07:07:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iMVWt-0005sP-Kv for bug-guix@gnu.org; Mon, 21 Oct 2019 07:07:16 -0400 Received: from mail-wm1-x330.google.com ([2a00:1450:4864:20::330]:35607) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iMVWs-0005ry-VD for bug-guix@gnu.org; Mon, 21 Oct 2019 07:07:15 -0400 Received: by mail-wm1-x330.google.com with SMTP id 14so5671042wmu.0 for ; Mon, 21 Oct 2019 04:07:14 -0700 (PDT) Received: from localhost (115.201.218.87.dynamic.jazztel.es. [87.218.201.115]) by smtp.gmail.com with ESMTPSA id z15sm14874256wrr.19.2019.10.21.04.07.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Oct 2019 04:07:12 -0700 (PDT) List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 37851@debbugs.gnu.org Hi, The following configuration results in an unbootable system. The root partition must be manually mounted with cryptomount in order to boot the system. The core issue is that grub unencrypts automatically, as GRUB_ENABLE_CRYPTODISK=y was provided during installation, the /boot partition, but not the partition which contains /gnu/store. Happy hacking! Miguel ==================== config.scm ==================== ;; .... (operating-system ;; ... (bootloader (bootloader-configuration (bootloader grub-bootloader) (target "/dev/sda"))) (mapped-devices (list (mapped-device (source (uuid "uuid root device")) (target "root") (type luks-device-mapping)) (mapped-device (source (uuid "uuid boot device")) (target "boot") (type luks-device-mapping)))) (file-systems (cons* (file-system (mount-point "/") (device "/dev/mapper/root") (type "btrfs") (dependencies mapped-devices)) (file-system (mount-point "/boot") (device "/dev/mapper/boot") (type "ext4") (dependencies mapped-devices)) %base-file-systems))) ==================== config.scm ====================