I’m in the process of restoring my old encrypted partition to a new install from the Manjaro installer.
So far I’ve:
-Migrated the Data Over from a Live USB
-Edited the UUID’s in /etc/fstab & /etc/crypttab
-Installed and Updated Grub & EFI
I reach the password screen from a reboot and enter the password and it says 'slot 0 open" which is great. The OS starts to boot, but then hits a brick wall with “device dev/disk-by-uuid not found” which I discovered is due to /etc/default/grub being old.
Here is my fstab:
UUID=4B3B-683F /boot/efi vfat umask=0077 0 2
/dev/mapper/luks-disk / btrfs subvol=@,defaults,noatime,space_cache,compress=zstd:9 0 1
/dev/mapper/luks-disk /home btrfs subvol=@home,defaults,noatime,space_cache,compress=zstd:9 0 2
/dev/mapper/luks-swap swap swap defaults,noatime 0 2
#MSS EXtended Automount & Properties
UUID=20339e0b-8343-433e-9209-ac67e31d9d73 /run/media/sarah/MSS_EXtended xfs defaults,noatime 0 0
lsblk -f :
nvme0n1
├─nvme0n1p1 vfat FAT32 EFI 8922-E04D
├─nvme0n1p2 crypto_LUKS 1 58b7410b-402a-42e6-9514-cce9560b0a76
└─nvme0n1p3 crypto_LUKS 1 059df4b4-5be4-44d6-a23a-de81135eb5b4
└─DISK btrfs MSS f11386cf-342d-47ac-84e6-484b7b2f377d 324.2G 65% /mnt/D
nvme1n1
├─nvme1n1p1 xfs MSS EXtended 20339e0b-8343-433e-9209-ac67e31d9d73
├─nvme1n1p2
└─nvme1n1p3 ntfs E658FD3258FD025B```
Crypttab:
## cryptsetup open $swap_device $crypt_swap_name
## get uuid using e.g. lsblk -f
swap_device=/dev/disk/by-uuid/58b7410b-402a-42e6-9514-cce9560b0a76
crypt_swap_name=luks-swap
## one can optionally provide a keyfile device and path on this device
## to the keyfile
keyfile_device=/dev/mapper/luks-disk
keyfile_filename=crypto_keyfile.bin
## additional arguments are given to mount for keyfile_device
## has to start with --options (if so desired)
keyfile_device_mount_options="--options=subvol=@"
## additional arguments are given to cryptsetup
## --allow-discards options is desired in case swap is on SSD partition
cryptsetup_options="--type luks"
luks-disk UUID=059df4b4-5be4-44d6-a23a-de81135eb5b4 /crypto_keyfile.bin luks
luks-swap UUID=58b7410b-402a-42e6-9514-cce9560b0a76 /crypto_keyfile.bin luks
/etc/openswap.conf:
## cryptsetup open $swap_device $crypt_swap_name
## get uuid using e.g. lsblk -f
swap_device=/dev/disk/by-uuid/58b7410b-402a-42e6-9514-cce9560b0a76
crypt_swap_name=luks-swap
## one can optionally provide a keyfile device and path on this device
## to the keyfile
keyfile_device=/dev/mapper/luks-disk
keyfile_filename=crypto_keyfile.bin
## additional arguments are given to mount for keyfile_device
## has to start with --options (if so desired)
keyfile_device_mount_options="--options=subvol=@"
## additional arguments are given to cryptsetup
## --allow-discards options is desired in case swap is on SSD partition
cryptsetup_options="--type luks"
/etc/default/grub:
GRUB_DEFAULT=saved
GRUB_TIMEOUT=10
GRUB_TIMEOUT_STYLE=hidden
GRUB_DISTRIBUTOR="Manjaro"
GRUB_CMDLINE_LINUX_DEFAULT="quiet cryptdevice=UUID=059df4b4-5be4-44d6-a23a-de81135eb5b4:luks-disk root=/dev/mapper/luks-disk apparmor=1 security=apparmor resume=/dev/mapper/luks-81b2dc57-06f5-4471-b484-77c3a516f307 udev.log_priority=3"
GRUB_CMDLINE_LINUX=""
# If you want to enable the save default function, uncomment the following
# line, and set GRUB_DEFAULT to saved.
#GRUB_SAVEDEFAULT="true"
# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
# Uncomment to enable booting from LUKS encrypted devices
#GRUB_ENABLE_CRYPTODISK=y
# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console
# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command 'videoinfo'
GRUB_GFXMODE=auto
# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep
# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true
# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true
# Uncomment and set to the desired menu colors. Used by normal and wallpaper
# modes only. Entries specified as foreground/background.
GRUB_COLOR_NORMAL="light-gray/black"
GRUB_COLOR_HIGHLIGHT="green/black"
# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/usr/share/grub/background.png"
GRUB_THEME="/usr/share/grub/themes/manjaro/theme.txt"
# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"
GRUB_ENABLE_CRYPTODISK=y
# Uncomment this option to enable os-prober execution in the grub-mkconfig command
GRUB_DISABLE_OS_PROBER=false
#Custom Options for Dual Graphics Cards
GRUB_CMDLINE_LINUX="radeon.modeset=1 nvdia-drm.modeset=1"
I’m guessing that I’m supposed to modify the GRUB_CMDLINE_LINUX_DEFAULT
variable, but I’m not sure what to modify it to. There is obviously a format to the cryptdevice=UUID=059df4b4-5be4-44d6-a23a-de81135eb5b4:luks-disk root=/dev/mapper/luks-disk apparmor=1 security=apparmor resume=/dev/mapper/luks-81b2dc57-06f5-4471-b484-77c3a516f307
, but I have no idea what it is.
Is it cryptdevice=UUID=ACTUAL_DISK:luks-disk root=/dev/mapper/luks-disk apparmor=1 security=apparmor resume=/dev/mapper/luks-81b2dc57-06f5-4471-b484-77c3a516f307
or something else?
Can someone please help me solve this?
EDIT 0:
Main hypothesis, format is:
GRUB_CMDLINE_LINUX_DEFAULT="quiet cryptdevice=UUID=059df4b4-5be4-44d6-a23a-de81135eb5b4:luks-disk root=/dev/mapper/luks-disk apparmor=1 security=apparmor resume=/dev/mapper/luks-swap udev.log_priority=3"
Essentially of the form:
GRUB_CMDLINE_LINUX_DEFAULT="quiet cryptdevice=UUID=UUID_OF_ROOT:luks-disk root=/dev/mapper/luks-disk apparmor=1 security=apparmor resume=/dev/mapper/luks-swap udev.log_priority=3"
With the last tag being the swap ID.
EDIT 1:
After re-making the grub config file again (with all the grub-install options after mounting the EFI partition) and running update-grub
, the following error occurs:
(Updated the tables with the latest values since editing)
Upon getting past the password screen, I get:
[FAILED] Failed to Start Remount Root and Kernel File Systems
Using journalctl -p 2..3 -b -1
I got these errors:
Sep 10 10:43:23 MidnightStarSign kernel:
Sep 10 10:43:24 MidnightStarSign kernel: BTRFS error (device dm-0: state M): cannot disable free space tree
Sep 10 10:43:23 MidnightStarSign systemd-remount-fs[659]: /usr/bin/mount for / exited with exit status 32.
Sep 10 10:43:23 MidnightStarSign systemd-udevd[704]: /usr/lib/udev/rules.d/40-brscan5.rules:17 Invalid key 'SYSFS'
Sep 10 10:43:25 MidnightStarSign systemd-remount-fs[1815]: /usr/bin/mount for / exited with exit status 32.
Sep 10 10:43:25 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:25 MidnightStarSign kernel: BTRFS error (device dm-0: state M): cannot disable free space tree
Sep 10 10:43:25 MidnightStarSign systemd-remount-fs[1893]: /usr/bin/mount for / exited with exit status 32.
Sep 10 10:43:25 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:25 MidnightStarSign kernel: BTRFS error (device dm-0: state M): cannot disable free space tree
Sep 10 10:43:25 MidnightStarSign systemd-remount-fs[1968]: /usr/bin/mount for / exited with exit status 32.
Sep 10 10:43:25 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:25 MidnightStarSign kernel: BTRFS error (device dm-0: state M): cannot disable free space tree
Sep 10 10:43:25 MidnightStarSign kernel: usb 5-3: 3:1: cannot get freq at ep 0x84
Sep 10 10:43:26 MidnightStarSign systemd-remount-fs[2115]: /usr/bin/mount for / exited with exit status 32.
Sep 10 10:43:26 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:26 MidnightStarSign kernel: BTRFS error (device dm-0: state M): cannot disable free space tree
Sep 10 10:43:26 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:26 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:26 MidnightStarSign systemd[1]: Failed to start Remount Root and Kernel File Systems.
Sep 10 10:43:43 MidnightStarSign systemd-cryptsetup[2318]: Device luks-disk is still in use.
Sep 10 10:43:43 MidnightStarSign systemd-cryptsetup[2318]: Failed to deactivate: Device or resource busy
Sep 10 10:43:43 MidnightStarSign systemd-cryptsetup[2341]: device-mapper: remove ioctl on luks-swap failed: Device or resource busy
Sep 10 10:43:44 MidnightStarSign kernel: watchdog: watchdog0: watchdog did not stop!
Any ideas for what I should edit to get it to boot properly?