GNU bug report logs - #21843
Generated grub.cfg does not support encrypted roots

Previous Next

Package: guix;

Reported by: ludo <at> gnu.org (Ludovic Courtès)

Date: Fri, 6 Nov 2015 15:53:02 UTC

Severity: important

Tags: fixed, patch

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Andreas Enge <andreas <at> enge.fr>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 21843 <at> debbugs.gnu.org
Subject: bug#21843: Generated grub.cfg does not support encrypted roots
Date: Tue, 8 Mar 2016 20:33:09 +0100

What is needed are the following two lines at the beginning of grub.cfg:

insmod luks
cryptomount -u 1aa...

where 1aa... is the result of "cryptsetup luksUUID /dev/sda2".

So the logic outlined in my previous message works:
Determine the mapped-devices /dev/sdXY of type luks-device-mapping that
lead to a file-system with needed-for-boot? set to #t.
Using
   cryptsetup luksUUID /dev/sdXY
determine a corresponding uuid 12345...0.
If any such mapped-device exists, add
   insmod luks
as the first line of grub.cfg. For any such mapped-device, add a line
   cryptomount -u 12345...0
right after that.

To simplify the logic, we could also move the needed-for-boot? parameter
to mapped-device, or add such a parameter there.

Andreas
This bug report was last modified 8 years and 242 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.