When you choose to install Manjaro with below option you may be greeted with a boot error failed to open keyfile and hibernation device not found.
- btrfs filesystem
- with full disk encryption
- enable swap
- enable hibernation (this part requires special attention)
The issue is due a missing configuration in the /etc/openswap.conf and has been troubleshooted in Calamares Github repo with EndevourOS developer @killajoe to nail it.
openswap provides early access to the configured swap thus facilitating resume from a hibernated state.
The file has 4 parts all populated with example values - and thus needs to be setup properly for your system.
The needed values can be retrieved using this command
lsblk -a
The following example is taken from my laptop using a default Manjaro install selecting btrfs, swap and hibernation.
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
nvme0n1 259:0 0 465,8G 0 disk
├─nvme0n1p1 259:1 0 300M 0 part /boot/efi
├─nvme0n1p2 259:2 0 456,7G 0 part
│ └─luks-38e022f5-df0d-4a9a-b63c-0b606bd8650f 254:0 0 456,7G 0 crypt /var/cache
│ /var/log
│ /home
│ /
└─nvme0n1p3 259:3 0 8,8G 0 part
└─luks-0bed12b5-f37f-432a-ac2c-ad2f216ecdca 254:1 0 8,8G 0 crypt [SWAP]
Quite obviously you need to replace the example values with actual values from your system.
1. swap device identification
default entries
## cryptsetup open $swap_device $crypt_swap_name
## get uuid using e.g. lsblk -f
swap_device=/dev/disk/by-uuid/2788eb78-074d-4424-9f1d-ebffc9c37262
crypt_swap_name=cryptswap
modifed entries
Using the output we modify the default to contain the value for the swap partition placing the UUID part in swap_device line
swap_device=/dev/disk/by-uuid/0bed12b5-f37f-432a-ac2c-ad2f216ecdca
And the name luks-UUID as the crypt_swap_name
crypt_swap_name=luks-0bed12b5-f37f-432a-ac2c-ad2f216ecdca
2. keyfile location
default entries
## one can optionally provide a keyfile device and path on this device
## to the keyfile
keyfile_device=/dev/mapper/cryptroot
keyfile_filename=etc/keyfile-cryptswap
modified entries
Then we modify the keyfile deivce options - setting the device identifier - this time it is the luks partition containing the root
keyfile_device=/dev/mapper/luks-38e022f5-df0d-4a9a-b63c-0b606bd8650f
and a pointer to the file - usually in the system root
keyfile_filename=crypto_keyfile.bin
3. keyfile device mount options
default entries
## additional arguments are given to mount for keyfile_device
## has to start with --options (if so desired)
#keyfile_device_mount_options="--options=subvol=__active/__"
modified entry
This part is crucial for the system to be able to mount the device containing the keyfile
keyfile_device_mount_options="--options=subvol=@"
4. luks options for swap device
default entries
## additional arguments are given to cryptsetup
## --allow-discards options is desired in case swap is on SSD partition
cryptsetup_options="--type luks"
modified entry (optional)
This part requires minimal attention - you could do as suggested and add the discards
cryptsetup_options="--type luks --allow-discards"
Then run
sudo mkinitcpio -P
And you are done.