GNU bug report logs -
#35875
Guix won't boot after installation with fully encrypted disk
Previous Next
To reply to this bug, email your comments to 35875 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Thu, 23 May 2019 22:14:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Reg <reg <at> disroot.org>:
New bug report received and forwarded. Copy sent to
bug-guix <at> gnu.org.
(Thu, 23 May 2019 22:14:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi!
Note: There was some discussion about this on IRC a couple of weeks ago.
Guix won't boot on my ThinkPad T430 after an installation with fully
encrypted disk:
* First, at the end of the installation, I'm getting the following error
message multiple times: "device-mapper: remove ioctl on cryptroot
failed: Device or resource busy"
* On boot, I am being prompted for the encryption key. So far so good.
The Grub menu is then displayed and disappears after a few seconds – as
it should – after which the computer is stuck on the Grub background image:
* Here are the Grub commands:
* As a test, I added an echo command at the very end. It got displayed.
* It happens on both 1.0.0 and 1.0.1.
* It happens both with and without a separate home partition.
* It happens on the two SSDs I had at hand.
* It does not happen if only the home partition is encrypted.
* I also tested this in a virtual machine. The issue did NOT happen.
Thanks,
Reg
[Message part 2 (text/html, inline)]
[installation_error.jpg (image/jpeg, inline)]
[stuck.jpg (image/jpeg, inline)]
[grub_commands.png (image/png, inline)]
[0x9F050302D494046E.asc (application/pgp-keys, attachment)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Fri, 24 May 2019 17:01:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 35875 <at> debbugs.gnu.org (full text, mbox):
Hello,
Reg <reg <at> disroot.org> skribis:
> Note: There was some discussion about this on IRC a couple of weeks ago.
>
> Guix won't boot on my ThinkPad T430 after an installation with fully encrypted disk:
>
> * First, at the end of the installation, I'm getting the following error message multiple times: "device-mapper: remove ioctl on cryptroot failed: Device or resource busy"
These messages are annoying but really harmless.
> * On boot, I am being prompted for the encryption key. So far so good. The Grub menu is then displayed and disappears after a few seconds – as it should – after which the computer is stuck on the Grub
Weird.
Does your compute have an AMD graphics card that could lead the kernel
(KMS) to wreck havoc during initialization?
Did you have hardware-related problems with other free GNU/Linux distros
on this machine before?
Thanks,
Ludo’.
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sat, 25 May 2019 08:38:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hello Reg,
Ludovic Courtès <ludo <at> gnu.org> writes:
[...]
>> On boot, I am being prompted for the encryption key. So far so
>> good. The Grub menu is then displayed and disappears after a few
>> seconds – as it should – after which the computer is stuck on the
>> Grub
>
> Weird.
The strange behaviour here is that you reported it does not happen if
only the home partition is encrypted: if this is true this could not be
a GPU issue.
I'm going to test a full encrypted root install on bare metal and will
report back on this
> Does your compute have an AMD graphics card that could lead the kernel
> (KMS) to wreck havoc during initialization?
AFAIU ThinkPad T430 could come with an additional "NVIDIA NVS 5400M" GPU
[1] that is very Linux _unfriendly_; you can check this by booting
your machine as detailed below and doing a "lspci -nnn | grep VGA"
Anyway, to check if GPU is the problem here could you please add
"modprobe.blacklist=radeon" [2] (or vga=791 if this does not work [3])
to the "linux" kernel arguments and report back the error messages, if
any?
To add that kernel argument, you have to enter edit mode in Grub by
pressing "e" before the timeout (or press ESC to stop the timeout) and
edit the "linux" Grub line
If blacklisting radeon module works for you, you should add it to your
(operating-system ...) definition to make it permanent, something like:
(kernel-arguments '("modprobe.blacklist=radeon"))
HTH! Gio'.
[...]
[1] http://www.lapspecs.com/detail/lenovo+thinkpad+t430
http://www.thinkwiki.org/wiki/Debian_Nvidia_Drivers_on_the_T530
[2] Grub configuration in the installarion ISO have that parameter
[3] should not be the case since the installer worked for you without
that kernel argument
--
Giovanni Biscuolo
Xelera IT Infrastructures
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sat, 25 May 2019 12:55:01 GMT)
Full text and
rfc822 format available.
Message #14 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Ludovic and Giovanni,
>> Does your compute have an AMD graphics card that could lead the kernel
>> (KMS) to wreck havoc during initialization?
No AMD but...
> AFAIU ThinkPad T430 could come with an additional "NVIDIA NVS 5400M" GPU
> [1] that is very Linux _unfriendly_; you can check this by booting
> your machine as detailed below and doing a "lspci -nnn | grep VGA"
...indeed:
$ lspci -nnn|grep VGA
00:02.0 VGA compatible controller [0300]: Intel Corporation 3rd Gen Core
processor Graphics Controller [8086:0166] (rev 09)
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GF108M [NVS
5400M] [10de:0def] (rev a1)
> Anyway, to check if GPU is the problem here could you please add
> "modprobe.blacklist=radeon" [2] (or vga=791 if this does not work [3])
> to the "linux" kernel arguments and report back the error messages, if
> any?
No error message & still the same issue with both these arguments.
> Did you have hardware-related problems with other free GNU/Linux distros
> on this machine before?
I've been using Parabola on this computer for several years without
problems, but none of my disks were encrypted.
Thanks for the support,
Reg
[0x9F050302D494046E.asc (application/pgp-keys, attachment)]
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Wed, 29 May 2019 16:25:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hello Reg,
Reg <reg <at> disroot.org> writes:
[...]
>> Anyway, to check if GPU is the problem here could you please add
>> "modprobe.blacklist=radeon" [2] (or vga=791 if this does not work [3])
>> to the "linux" kernel arguments and report back the error messages, if
>> any?
> No error message & still the same issue with both these arguments.
OK so it seems this is not related to your GPU but to disk encryption
I cannot reproduce your very same situation: I'm using a manual
partition scheme (not the guided one) since I want to presenve a couple
partitions on my HD
I was able to install and boot Guix on an encrypted BTRFS partition with
no issues, this is what the installer configured for bootloader,
mapped-devices and file-systems:
--8<---------------cut here---------------start------------->8---
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
(target "/boot/efi")
(keyboard-layout keyboard-layout)))
(mapped-devices
(list (mapped-device
(source
(uuid "228371e9-9cd7-4bb5-8976-d65029892b8e"))
(target "guix")
(type luks-device-mapping))))
(file-systems
(cons* (file-system
(mount-point "/")
(device "/dev/mapper/guix")
(type "btrfs")
(dependencies mapped-devices))
(file-system
(mount-point "/boot/efi")
(type "vfat"))
%base-file-systems))
--8<---------------cut here---------------end--------------->8---
I first had to insert the LUKS encryption key to let Grub start, then I
had to enter the same key after Grub booted
>> Did you have hardware-related problems with other free GNU/Linux distros
>> on this machine before?
> I've been using Parabola on this computer for several years without
> problems, but none of my disks were encrypted.
Please are you able to connect to ssh to your laptop during installation
(before rebooting) [1] and paste here the content of /mnt/etc/config.scm
generated by the installer?
Thanks! Gio'.
[1] you can switch to a console with CTRL-ALT-F3, set the root password
(passwd) and "herd start ssh-daemon"
--
Giovanni Biscuolo
Xelera IT Infrastructures
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Wed, 29 May 2019 20:54:01 GMT)
Full text and
rfc822 format available.
Message #20 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Giovanni,
Here's the content of /mnt/etc/config.scm:
--8<---------------cut here---------------start------------->8---
;; This is an operating system configuration generated
;; by the graphical installer.
(use-modules (gnu))
(use-service-modules desktop networking ssh xorg)
(operating-system
(locale "en_US.utf8")
(timezone "Europe/Stockholm")
(keyboard-layout (keyboard-layout "fr" "mac"))
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
(target "/boot/efi")
(keyboard-layout keyboard-layout)))
(mapped-devices
(list (mapped-device
(source
(uuid "e613d30e-c46f-4cb3-8bde-409009be5e2e"))
(target "cryptroot")
(type luks-device-mapping))))
(file-systems
(cons* (file-system
(mount-point "/boot/efi")
(device (uuid "2E91-4865" 'fat32))
(type "vfat"))
(file-system
(mount-point "/")
(device "/dev/mapper/cryptroot")
(type "ext4")
(dependencies mapped-devices))
%base-file-systems))
(host-name "xiu")
(users (cons* (user-account
(name "reg")
(comment "Reg")
(group "users")
(home-directory "/home/reg")
(supplementary-groups
'("wheel" "netdev" "audio" "video")))
%base-user-accounts))
(packages
(append
(list (specification->package "i3-wm")
(specification->package "nss-certs"))
%base-packages))
(services
(append
(list (service gnome-desktop-service-type)
(service openssh-service-type)
(set-xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout))))
%desktop-services)))
--8<---------------cut here---------------end--------------->8---
Thanks for the support,
Reg
Am 2019-05-29 um 18:24 schrieb Giovanni Biscuolo:
> Hello Reg,
>
> Reg <reg <at> disroot.org> writes:
>
> [...]
>
>>> Anyway, to check if GPU is the problem here could you please add
>>> "modprobe.blacklist=radeon" [2] (or vga=791 if this does not work [3])
>>> to the "linux" kernel arguments and report back the error messages, if
>>> any?
>> No error message & still the same issue with both these arguments.
> OK so it seems this is not related to your GPU but to disk encryption
>
> I cannot reproduce your very same situation: I'm using a manual
> partition scheme (not the guided one) since I want to presenve a couple
> partitions on my HD
>
> I was able to install and boot Guix on an encrypted BTRFS partition with
> no issues, this is what the installer configured for bootloader,
> mapped-devices and file-systems:
>
> --8<---------------cut here---------------start------------->8---
> (bootloader
> (bootloader-configuration
> (bootloader grub-efi-bootloader)
> (target "/boot/efi")
> (keyboard-layout keyboard-layout)))
> (mapped-devices
> (list (mapped-device
> (source
> (uuid "228371e9-9cd7-4bb5-8976-d65029892b8e"))
> (target "guix")
> (type luks-device-mapping))))
> (file-systems
> (cons* (file-system
> (mount-point "/")
> (device "/dev/mapper/guix")
> (type "btrfs")
> (dependencies mapped-devices))
> (file-system
> (mount-point "/boot/efi")
> (type "vfat"))
> %base-file-systems))
> --8<---------------cut here---------------end--------------->8---
>
> I first had to insert the LUKS encryption key to let Grub start, then I
> had to enter the same key after Grub booted
>
>>> Did you have hardware-related problems with other free GNU/Linux distros
>>> on this machine before?
>> I've been using Parabola on this computer for several years without
>> problems, but none of my disks were encrypted.
> Please are you able to connect to ssh to your laptop during installation
> (before rebooting) [1] and paste here the content of /mnt/etc/config.scm
> generated by the installer?
>
> Thanks! Gio'.
>
> [1] you can switch to a console with CTRL-ALT-F3, set the root password
> (passwd) and "herd start ssh-daemon"
>
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Thu, 30 May 2019 12:12:01 GMT)
Full text and
rfc822 format available.
Message #23 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hello Reg,
Reg <reg <at> disroot.org> writes:
[...]
> (bootloader
> (bootloader-configuration
> (bootloader grub-efi-bootloader)
> (target "/boot/efi")
> (keyboard-layout keyboard-layout)))
> (mapped-devices
> (list (mapped-device
> (source
> (uuid "e613d30e-c46f-4cb3-8bde-409009be5e2e"))
> (target "cryptroot")
> (type luks-device-mapping))))
> (file-systems
> (cons* (file-system
> (mount-point "/boot/efi")
> (device (uuid "2E91-4865" 'fat32))
> (type "vfat"))
> (file-system
> (mount-point "/")
> (device "/dev/mapper/cryptroot")
> (type "ext4")
> (dependencies mapped-devices))
> %base-file-systems))
[...]
On a test machine I practically have the very same bootloader,
mapped-device and file-systems configuration and I've no problems
booting
Are you sure your laptop does not boot at all? I mean: can't you switch
to a different tty (CTRL-ALT-F2) and see a console login?
I'm out of ideas here, sorry
HTH! Gio'.
--
Giovanni Biscuolo
Xelera IT Infrastructures
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Thu, 30 May 2019 13:41:01 GMT)
Full text and
rfc822 format available.
Message #26 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
On 2019-05-30 14:10, Giovanni Biscuolo wrote:
> Are you sure your laptop does not boot at all? I mean: can't you switch
> to a different tty (CTRL-ALT-F2) and see a console login?
Nothing happens when I press CTRL-ALT-F2, F3, ...
The only key combination that has any effect is CTRL-ALT-DEL.
Thanks for the support,
Reg
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Fri, 31 May 2019 22:02:02 GMT)
Full text and
rfc822 format available.
Message #29 received at 35875 <at> debbugs.gnu.org (full text, mbox):
Hi Reg,
Reg <reg <at> disroot.org> skribis:
> On 2019-05-30 14:10, Giovanni Biscuolo wrote:
>> Are you sure your laptop does not boot at all? I mean: can't you switch
>> to a different tty (CTRL-ALT-F2) and see a console login?
> Nothing happens when I press CTRL-ALT-F2, F3, ...
> The only key combination that has any effect is CTRL-ALT-DEL.
Could it be that it boots but that display is completely broken?
Can you ping it or connect to it over SSH?
Thanks,
Ludo’.
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sat, 01 Jun 2019 07:20:01 GMT)
Full text and
rfc822 format available.
Message #32 received at 35875 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Ludo,
SSH does not work. No response to ping.
Thanks for the support,
Reg
On 2019-06-01 00:01, Ludovic Courtès wrote:
> Hi Reg,
>
> Reg <reg <at> disroot.org> skribis:
>
>> On 2019-05-30 14:10, Giovanni Biscuolo wrote:
>>> Are you sure your laptop does not boot at all? I mean: can't you switch
>>> to a different tty (CTRL-ALT-F2) and see a console login?
>> Nothing happens when I press CTRL-ALT-F2, F3, ...
>> The only key combination that has any effect is CTRL-ALT-DEL.
> Could it be that it boots but that display is completely broken?
>
> Can you ping it or connect to it over SSH?
>
> Thanks,
> Ludo’.
[0x9F050302D494046E.asc (application/pgp-keys, attachment)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sat, 28 Mar 2020 12:43:02 GMT)
Full text and
rfc822 format available.
Message #35 received at submit <at> debbugs.gnu.org (full text, mbox):
Hello Reg!
On Thu, May 23, 2019 at 11:41:40PM +0200, Reg wrote:
> Guix won't boot on my ThinkPad T430 after an installation with fully
> encrypted disk:
A friend had an issue that looked similar on an HP laptop (no
Thinkpad) in Guix System. GRUB got stuck either after entering the
encryption key or, without encryption, when booting Guix. The
resolution was to enable CSM Legacy Support in the UEFI/BIOS settings
(even though it is a grub-efi-bootloader install). Maybe this is
something to try if you or someone else has such an issue again.
Regards,
Florian
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Mon, 30 Mar 2020 02:36:06 GMT)
Full text and
rfc822 format available.
Message #38 received at submit <at> debbugs.gnu.org (full text, mbox):
Hi Florian,
Thank you very much for getting back to me! CSM legacy support was
already enabled on my ThinkPad but guess what.. *Disabling* it fixed the
problem! My computer is booting without issues now with a fully
encrypted disk.
Thank you so much!
Best regards,
Reg
On 2020-03-28 13:42, pelzflorian (Florian Pelz) wrote:
> Hello Reg!
>
> On Thu, May 23, 2019 at 11:41:40PM +0200, Reg wrote:
>> Guix won't boot on my ThinkPad T430 after an installation with fully
>> encrypted disk:
>
> A friend had an issue that looked similar on an HP laptop (no
> Thinkpad) in Guix System. GRUB got stuck either after entering the
> encryption key or, without encryption, when booting Guix. The
> resolution was to enable CSM Legacy Support in the UEFI/BIOS settings
> (even though it is a grub-efi-bootloader install). Maybe this is
> something to try if you or someone else has such an issue again.
>
> Regards,
> Florian
>
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Mon, 30 Mar 2020 02:36:26 GMT)
Full text and
rfc822 format available.
Message #41 received at 35875 <at> debbugs.gnu.org (full text, mbox):
On Sat, Mar 28, 2020 at 10:39:28PM +0100, Reg wrote:
> Hi Florian,
>
> Thank you very much for getting back to me! CSM legacy support was already
> enabled on my ThinkPad but guess what.. *Disabling* it fixed the problem! My
> computer is booting without issues now with a fully encrypted disk.
>
> Thank you so much!
>
> Best regards,
> Reg
>
This is nice to hear. Thank you for testing; very quick. BTW your
message did not go through to the bug report; probably it was my
mistake putting the wrong list in Cc.
Now I wonder where this should be documented. Should there be a
Troubleshooting section in the manual?
Regards,
Florian
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sat, 29 Oct 2022 18:29:02 GMT)
Full text and
rfc822 format available.
Message #44 received at submit <at> debbugs.gnu.org (full text, mbox):
Hi,
Im having this exact same issue: I can enter the password once to unlock
the disk, then after selecting the grub entry I am stuck at the Guix
grub screen.
I have used terminal based "manual" install, graphical guided install
for full disk - all on one partition - and graphical guided install with
manually created separate /boot partition.
Only non-encrypted disk works to boot install. Also, btrfs fails, ext4
works.
This is using the current 1.3 installer image.
The reason I attempted this installation is because my
full-disk-encryption installation that's a couple years old or so failed
to boot upon reboot, and I did not have any previous generation that I
could select from the grub menu that would boot either - i.e. my Guix
system broke.
I'm considering using an old 1.2 installer image, but Im not sure
whether I should just wait for a 1.4 release, or if there are other
suggestions?
And, I can't ping or ssh to the machine, after Im stuck at the Guix grub
boot screen.
If this is just me and Reg - it's weird. I mean I suppose the full disk
encryption option has been tested by someone before releasing the
installer?
What should I try next?
Best regards,
David
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sun, 30 Oct 2022 09:06:02 GMT)
Full text and
rfc822 format available.
Message #47 received at 35875 <at> debbugs.gnu.org (full text, mbox):
Hi david,
david larsson <david.larsson <at> selfhosted.xyz> writes:
> What should I try next?
Can you try the latest installer iso in the meantime, the one at [1]?
[1] https://guix.gnu.org/en/download/latest/
Best,
--
Josselin Poiret
Information forwarded
to
bug-guix <at> gnu.org:
bug#35875; Package
guix.
(Sun, 30 Oct 2022 12:28:02 GMT)
Full text and
rfc822 format available.
Message #50 received at 35875 <at> debbugs.gnu.org (full text, mbox):
Hi Josselin,
Thanks for your help with this issue. I tried ur suggestion and got the
same results. However, the comment about CSM legacy support gave me a
hint from which I managed to "solve" it: my laptop uses OSBoot, and I
always boot with the Seabios payload, but booting from the Grub
commandline without loading Seabios actually worked fine. Just never
occured to me to try it until I saw that email reply.
Thanks!
//David
On 2022-10-30 10:05, Josselin Poiret wrote:
> Hi david,
>
> david larsson <david.larsson <at> selfhosted.xyz> writes:
>
>> What should I try next?
>
> Can you try the latest installer iso in the meantime, the one at [1]?
>
> [1] https://guix.gnu.org/en/download/latest/
>
> Best,
This bug report was last modified 2 years and 224 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.