From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jack Hill Subject: Re: grub with encrpted root no longer automatically loads luks Date: Tue, 25 Jun 2019 23:50:00 -0400 (EDT) Message-ID: References: <8736k385t4.fsf@roquette.mug.biscuolo.net> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=UTF-8 Content-Transfer-Encoding: 8BIT Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:41891) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hfywe-0006jg-OS for help-guix@gnu.org; Tue, 25 Jun 2019 23:50:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hfywd-0001sL-Hi for help-guix@gnu.org; Tue, 25 Jun 2019 23:50:04 -0400 Received: from minsky.hcoop.net ([104.248.1.95]:49828) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hfywd-0001rg-E4 for help-guix@gnu.org; Tue, 25 Jun 2019 23:50:03 -0400 In-Reply-To: <8736k385t4.fsf@roquette.mug.biscuolo.net> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org Sender: "Help-Guix" To: Giovanni Biscuolo Cc: help-guix@gnu.org Thanks for you reply. On Fri, 21 Jun 2019, Giovanni Biscuolo wrote: > Hello Jack, > > I don't have a Guix machine using root on encrypted LUKS now, but I > tested this non so long ago and it worked well > > Jack Hill writes: > >> I've noticed that recently (unfortunately, I don't know exactly when it >> started), that grub no longer prompts me to enter my password to unlock my >> root filesystem. > > Are you able to boot to a previous Guix System generation and try to > find the one that introduced this behaviour? No, I can't boot into a previous generation, as the problem seems to be with grub reading from the store. I have not yet tried reconfiguring with an older version of Guix. > Are you sure you did not reconfigured your device mapping meanwhile? I am reasonable certain that I have not done this. >> I notice that at the grub command line, if I enter >> `cryptomount -a`, I am not prompted for a password, and the root >> filesystem does not become available. However, if I first run `insmod >> luks` and then `cryptomount -a`, I am prompted for my password, and the >> root filesystem become available and I can boot normally. > > I imagine you are entering the grub CLI because you get some error: > what's the error please? no such file /gnu/store/…/bzImage. error: try loading kernel first That's not the exact error, but pretty close. > AFAIU (mapped-device ..(target "name") (type luks-device-mapping))) > creates the mapped device /dev/mapper/name; file-system should be: > > --8<---------------cut here---------------start------------->8--- > > (file-system > (device "/dev/mapper/alperton_root") > (mount-point "/") > (type "ext4") > (dependencies mapped-devices)) > %base-file-systems)) > > --8<---------------cut here---------------end--------------->8--- Making the this change unfortunately did not help. Once I get the system booted, the root file system is mounted correctly with both configs. > Did your configuration worked in a prior Guix System generation? Yes, but I haven't yet had a chance to try it again with an older version of Guix. Best, Jack