[SOLVED]initramfs cryptroot (evms_activate is not available)

Kernels & Hardware, configuring network, installing services

[SOLVED]initramfs cryptroot (evms_activate is not available)

Postby narcisgarcia » 2011-12-29 16:40

I'm using Debian GNU/Linux 6.03

This is in a single-disk computer (x86) with encrypted partition for root filesystem (boots well):
Code: Select all
$ cryptsetup --version
cryptsetup 1.1.3
$ apt-cache show initramfs-tools | grep -ie "version"
Version: 0.98.8
$ mkdir /tmp/test1
$ cd /tmp/test1
$ cp /boot/initrd.img-2.6.32-5-686 .
$ gunzip -c -9 initrd.img-2.6.32-5-686 | cpio -i -d -H newc --no-absolute-filenames
48241 blocks
$ find / -name "cryptroot"
/usr/share/initramfs-tools/hooks/cryptroot
/usr/share/initramfs-tools/scripts/local-top/cryptroot
/tmp/test1/conf/conf.d/cryptroot
/tmp/test1/scripts/local-top/cryptroot


This is in a multiple-disk (software RAID5e) computer (amd64) with encrypted volume for root filesystem in it (fails to boot):
Code: Select all
$ cryptsetup --version
cryptsetup 1.1.3
$ apt-cache show initramfs-tools | grep -ie "version"
Version: 0.98.8
$ mkdir /tmp/test1
$ cd /tmp/test1
$ cp /boot/initrd.img-2.6.32-5-amd64 .
$ gunzip -c -9 initrd.img-2.6.32-5-amd64 | cpio -i -d -H newc --no-absolute-filenames
71017 blocks
$ find / -name "cryptroot"
/usr/share/initramfs-tools/hooks/cryptroot
/usr/share/initramfs-tools/scripts/local-top/cryptroot
/tmp/test1/scripts/local-top/cryptroot


Note that in the second computer update-initramfs doesn't include the file "conf/conf.d/cryptroot" (as I read somewhere it should be generated by cryptsetup), and then when booting cryptsetup shows an error "evms_activate is not available".

I've seen the following related pages:
https://bugs.launchpad.net/bugs/663053
viewtopic.php?f=10&t=59239
http://us.generation-nt.com/answer/bug- ... 93941.html

But no one explains how to fix this behaviour for future kernel updates.
Last edited by narcisgarcia on 2011-12-29 17:50, edited 1 time in total.
narcisgarcia
 
Posts: 5
Joined: 2010-10-14 11:02

Re: initramfs without cryptroot (evms_activate is not availa

Postby narcisgarcia » 2011-12-29 17:48

I see this is a bug in the installation process.
To solve it in my case, I had to boot in a Live-USB, assemble the RAID with the same path as expected in the installed system (/dev/md/0), unlock the encrypted volume with the same name as expected in the installed system (md0_crypt), chroot into the installed root filesystem and mount /boot , and finally rebuild the initrd:
Code: Select all
update-initramfs -u -k all


Before this, when update-initramfs I was getting the following messages, because I was using a different name for encrypted volume than in /etc/crypttab
Code: Select all
cryptsetup: WARNING: invalid line in /etc/crypttab -

It's necessary to have the content in /etc/crypttab matching all the data with the available devices/mounts.
narcisgarcia
 
Posts: 5
Joined: 2010-10-14 11:02

Re: [SOLVED]initramfs cryptroot (evms_activate is not availa

Postby brownster » 2013-01-16 11:19

Just wanted to thank you for posting your solution, it helped me pin point the problem which in my case was I had incorrectly set the UUID in the /etc/crypttab file to point to the logical volume when it should the UUID of the physical device partition, in my case /dev/sda2

Cheers,

Brownster
brownster
 
Posts: 1
Joined: 2012-12-27 21:25

Re: [SOLVED]initramfs cryptroot (evms_activate is not availa

Postby fedek9 » 2013-07-22 21:50

I just wanted to follow up on this one as I had an issue with LVM on luks encrypted RAID partition, running Debian Wheezy. Besides the installer not being able to do this (perhaps due to large disks, GPT) so you have to install on one disk and then set up the software raid afterwards, the debian initramfs-tools won't handle this in the right order. You will be dropped into the (initramfs)-shell, before being able to enter passphrase, because it fails finding your volume group/logical volumes before doing cryptsetup. I eventually solved this with this script in /etc/initramfs-tools/scripts/local-top/cryptraid
Code: Select all
#!/bin/sh
PREREQ="mdadm"
prereqs()
{
     echo "$PREREQ"
}

case $1 in
prereqs)
     prereqs
     exit 0
     ;;
esac

cryptsetup luksOpen /dev/md1 unlockedevicename
lvm vgscan
lvm vgchange -ay

And then 'dpkg-reconfigure <kernel-package-name>'.


I hope this will help someone. Don't forget to read the man page for initramfs-tools(8) and others, also have a look under /usr/share/initramfs-tools/ .
fedek9
 
Posts: 1
Joined: 2013-07-22 21:36

Re: [SOLVED]initramfs cryptroot (evms_activate is not availa

Postby fmarier » 2013-10-15 19:48

Thanks to fedek9's script, I also fixed my unbootable-when-degraded RAID1+LUKS system by writing a (different) initramfs boot script: http://feeding.cloud.geek.nz/posts/the- ... on-ubuntu/
fmarier
 
Posts: 3
Joined: 2013-10-15 19:46


Return to System configuration

Who is online

Users browsing this forum: No registered users and 13 guests

fashionable