Installing Salix into luks encrypted multidevice btrfs

[ragbusswarty]

Hello,
I've followed this guide to do fde with btrfs:
https://wiki.archlinux.org/index.php/Dm ... _with_swap
And my problem is "how can i install Salix into this?". I tried to install Salix with installer to other partition and then cp -a it to my encrypted btrfs volume but this way made me into problem with grub-install (it said it can't acces /boot directory).

Is there a simpler way? xd
Like installation with the command line.

[mimosa]

As it says there, /boot/efi needs to be mounted separately elsewhere. I'm not sure if the installer supports this (I didn't even know it was possible), but in any case, it may as well just be /boot. /boot has to be vfat for EFI.

It's possible an initrd will be needed to cope with the encrypted setup, but you could just try without first.

[ragbusswarty]

Thanks for your reply,
I forgot to say that i don't have UEFI so in the partitiom scheme I have bios-boot partition instead. I've been thinking that maybe UEFI is neccesery for this partition scheme to work but I found no info about that.

[mimosa]

Although I have no experience of the kind of setup you describe, it does on the face of it seem likely you'd need an unencrypted /boot. The bootloader doesn't "know" about encryption.

[westms]

@ ragbusswarty
Lilo can not decrypt data from encrypted file systems and GPT partitions are not required.

Please read this: https://saivnoba.wordpress.com/2012/05/ ... trfs-root/
It explains everything and if you can understand it, you will then be able to realize your wishes. The text shows a pattern after you can proceed. It is not only suitable for external USB drives.

[ragbusswarty]

@ westms
Yeah I know that's why I wanted to install grub but thanks to your guide I will give LILO a try. Because with LILO I can't encrypt /boot I decided to modify my scheme. Now i have luks encrypted btrfs but with luksheader and /boot partition on another device.

I followed this guide but when I try to run ./mkinitrd_command_generator.sh this message comes up:

Code: Select all

Modules for kernel 4.4.14 aren't installed.

Which is awkward because I have kernel-modules installed.

Please help
(I try to install Salix 14.2 xfce)

[westms]

@ westms
Yeah I know that's why I wanted to install grub but thanks to your guide I will give LILO a try.

I did't noticed that you use Grub. I did't get the idea, probably because I use GPT together with Lilo.

I followed this guide but when I try to run ./mkinitrd_command_generator.sh this message comes up:

Code: Select all

Modules for kernel 4.4.14 aren't installed.

Which is awkward because I have kernel-modules installed.

Please help
(I try to install Salix 14.2 xfce)

Really the 32-bit version?

The original kernel version for Salix64 Xfce 14.2 is 4.4.19. When I lock in my installation Salix64 Xfce 14.2 -- I usually use 14.1 and can not switch quickly -- then I see that I have kernel modules installed in version 4.4.19.

What are you doing, so the script asks for modules version 4.4.14?
The named shell script checks the module versions in /lib/modules. What versions are listed there on your system?
It also tries to read the version from the first and second parameter in the script call. What parameters did you specify?

Only for clarification, if the kernel version is changed, at least the kernel header files and the kernel modules must also be of the same version. The requirements are described here as examples: https://docs.salixos.org/wiki/How_to_in ... ent_kernel


Some questions about grub and btrfs are also discussed here:
https://btrfs.wiki.kernel.org/index.php ... t_btrfs.3F

I can not stand Grub 2, so I get out of the way as far as I can.

[ragbusswarty]

In the /lib/modules/ I have proper 4.4.19 directory.

I was launching this script without any options I didn't know that it have options. Now I run it with -k 4.4.19 and it generates me a command:

Code: Select all

mkinitrd -c -k 4.4.19 -f btrfs -r salix-1 -m usb-storage:ehci-hcd:ehci-pci:xhci-pci:ohci-pci:xhci-hcd:uhci-hcd:hid:usbhid:i2c-hid:hid_generic:hid-cherry:hid-logitech:hid-logitech-dj:hid-logitech-hidpp:hid-lenovo:hid-microsoft:hid_multitouch:btrfs -C /dev/sda -u -o /boot/initrd.gz

I modified some options in this generated command:
To decrypt other disks that stack up into my btrfs:

Code: Select all

 -C /dev/sda /dev/sdb /dev/sdc /dev/sdd

And I've added -B option to scan for my multidevice btrfs.

But I suppose that it's not enough, I think that I need to somewhat inform luks in initrd of detached headers. (I have no experience with mkinitrd)

(Yes I try to install Salix64 I forgot to mention it)

[westms]

I was launching this script without any options I didn't know that it have options. Now I run it with -k 4.4.19 and it generates me a command:

Code: Select all

mkinitrd -c -k 4.4.19 -f btrfs -r salix-1 -m usb-storage:ehci-hcd:ehci-pci:xhci-pci:ohci-pci:xhci-hcd:uhci-hcd:hid:usbhid:i2c-hid:hid_generic:hid-cherry:hid-logitech:hid-logitech-dj:hid-logitech-hidpp:hid-lenovo:hid-microsoft:hid_multitouch:btrfs -C /dev/sda -u -o /boot/initrd.gz

I modified some options in this generated command:
To decrypt other disks that stack up into my btrfs:

Code: Select all

 -C /dev/sda /dev/sdb /dev/sdc /dev/sdd

And I've added -B option to scan for my multidevice btrfs.

From mkinitrd man page:

Code: Select all

-r root partition
   Specify the device to be used as the root partition.  If this isn't given, the kernel default will be used (which is usually fine).  This option must be used together with the -f option in order to be beneficial.

The generated command has -r salix-1 as parameter.

Is this salix-1 the name, perhaps the partition label, of your root partition?

The man page says:

Code: Select all

-C device list
   A  colon  (:)  delimited list of luks encrypted block devices [...]

But you used -C /dev/sda /dev/sdb /dev/sdc /dev/sdd . Thats not colon delimited, so wrong. The rest does not seem to be wrong.

But I suppose that it's not enough, I think that I need to somewhat inform luks in initrd of detached headers.

Is Btrfs offered as one of the possible file systems for the Salix installation? Or does it have to be set up afterwards? I ask this because I have no memory of this part of the installation process.

Do you have to start immediately with the LUKS extension? Or can you even try btrfs without LUKS set up? If this works, you know that there is a problem with understanding LUKS.

I have only once setup btrfs. That was in the time when Slackware 13.37 was up to date. This is why I have the link to the page "Slackware on external (USB) harddisk with btrfs root".

Perhaps it is useful to look for further and more recent instructions. I saw some on the web, but not for Slackware. If no solution is possible and nothing can be found on the web at all, then a help request at http://www.linuxquestions.org/questions/slackware-14/ could be useful. But do not write that you are trying to use Salix.

You also do not write what happens when you used mkinitrd. Is an initrd image created?
If so, and you have Lilo in use and /etc/lilo.conf is adapted and you boot thereby, what is the consequence?
If necessary, please show your /etc/lilo.conf content.

[ragbusswarty]

salix-1 is the name of decrypted /dev/sda and after writing this post I changed this parameter to full directory -r /dev/mapper/salix-1. And I did not generate it because I want to be sure that parameters are written correct.

Because of lack of documentation I gave up on setting system with detached luks headers, maybe I will try to do this when I will get more expirienced.
For some case LILO didn't want to (boot?) (bios showed me that there is no partiton selected or something like this) from MBR of my pendrive even though it showed me no errors during installation. So I swapped it for grub which worked for me very well (thanks to the guide in this forum). I followed archwiki grub#encryption article and yay! I'm able to boot... but into the initrd error:

Code: Select all

modprobe: ERROR: could not insert 'btrfs' : Cannot allocate memory
Unlocking LUKS encrypted device '/dev/sdd' [        10.806763] sd 8:0:0:0 [sde] No Caching mode
page found
[    10.807129] sd 8:0:0:0 [sde] Assuming drive cache: write through
[    92.711203] udevd[380]: failed to execute '/sbin/dmsetup' '/sbin/dmsetup udev flags 5117933' No such file or directory
[    92.712162] udevd[381]: failed to execute '/sbin/dmsetup' '/sbin/dmsetuo udev complete 5117933' No such file or directory

(I have no other way but to write this log with my bare hands so please ask for clarification if neccesery)
I suppose that this comes from misunderstanding what colon delimited is. xd (I know that colon is : and I also know what delimited means but I can imagine delimitation with colons in many ways) So after your comment I changed -C parm into something like (i don't remember exacly) this "-C /dev/sda:/dev/sdb:/dev/sdc:/dev/sdd". After that I generated it. Can you write me an exemple of proper -C parm?

Installer does not have option to create multidevice btrfs partition nor mdadm raid so I had to partition my drive manually.