My manjaro system is installed to sda1 (root (/), boot (/boot), home (/home) are all on sda1) and swap on sda2.
Both sda1 and sda2 are encrypted with LUKS. And my system uses BIOS and not UEFI (sda has an msdos partition table and there isn’t any /boot/EFI directory on my system).
Currently, everything works fine. I don’t want to mess something when I reinstall grub. So I want to verify in advance that I’m doing things correctly. manjaro is my main workstation.
Maybe I should also mention that I have another disk (sde) with a ubuntu partition and a swap partition on it.
When I start my PC I get to a screen where I need to type the password to un-encrypt sda1. After I put the correct password, I get to the manjaro grub menu where I can choose between manjaro (the default OS) and ubuntu. If I change boot sequence to the ubuntu disk, then ubuntu loads without having to unencrypt sda1 and without entering the manjaro grub menu. I get directly to the ubuntu grub menu).
I tried finding some information about grub-installer with LUKS and BIOS and couldn’t find what I was looking for.
So my main question is:
What should I do in order to fix the boot hole and not find myself locked out because of the LUKS encryption on sda1?
- Should I upgrade all packages and then, before I reboot the pc do:
grub-install --recheck /dev/sda
Or should I first reboot so that the new packages be loaded and then run those 3 commands?
Some people suggested using “sudo grub-install --recheck –no-rs-codes /dev/sda”. How can I know if in order to keep everything as it is, I should or shouldn’t use --no-rs-codes?
Should I do anything special because of the LUKS encryption of the root directory? I read that people that only encrypt /home don’t need to fear anything. But I couldn’t find any reference to people who have their whole system encrypted.
I hope you can give me some advice.