mdadm /boot RAID 1 not booting properly

[s3a]

Hello to everyone who's reading this.

I successfully got my LUKS+LVM+Btrfs RAID 1 setup working with a non-RAID 1 /boot (technically there are two partitions, but I have /etc/fstab using one of them), but when I try to have the /boot partition be set up, it doesn't boot properly.

Here is a terminal interaction so you can see what is going on.:

Code: Select all

user@debian:~$ apt-cache policy mdadm cryptsetup-initramfs keyutils 
mdadm:
  Installed: 4.2-5
  Candidate: 4.2-5
  Version table:
 *** 4.2-5 500
        500 http://deb.debian.org/debian bookworm/main amd64 Packages
        100 /var/lib/dpkg/status
cryptsetup-initramfs:
  Installed: 2:2.6.1-4~deb12u1
  Candidate: 2:2.6.1-4~deb12u1
  Version table:
 *** 2:2.6.1-4~deb12u1 500
        500 http://deb.debian.org/debian bookworm/main amd64 Packages
        100 /var/lib/dpkg/status
keyutils:
  Installed: 1.6.3-2
  Candidate: 1.6.3-2
  Version table:
 *** 1.6.3-2 500
        500 http://deb.debian.org/debian bookworm/main amd64 Packages
        100 /var/lib/dpkg/status
user@debian:~$ su -
Password: 
root@debian:~# umount /boot
root@debian:~# mdadm --create --verbose /dev/md0 --level=1 --raid-devices=2 /dev/vda1 /dev/vb1 --metadata=0.90
mdadm: /dev/vda1 appears to contain an ext2fs file system
       size=498688K  mtime=Mon Nov 20 13:59:52 2023
mdadm: cannot open /dev/vb1: No such file or directory
root@debian:~# mdadm --create --verbose /dev/md0 --level=1 --raid-devices=2 /dev/vda1 /dev/vdb1 --metadata=0.90
mdadm: /dev/vda1 appears to contain an ext2fs file system
       size=498688K  mtime=Mon Nov 20 13:59:52 2023
mdadm: /dev/vdb1 appears to contain an ext2fs file system
       size=498688K  mtime=Wed Dec 31 19:00:00 1969
mdadm: size set to 498624K
Continue creating array? y
mdadm: array /dev/md0 started.
root@debian:~# mkfs.ext2 /dev/md0
mke2fs 1.47.0 (5-Feb-2023)
/dev/md0 contains a ext2 file system
	last mounted on /boot on Mon Nov 20 13:59:52 2023
Proceed anyway? (y,N) 

root@debian:~# dd if=/dev/urandom of=/dev/md0
^C170137+0 records in
170137+0 records out
87110144 bytes (87 MB, 83 MiB) copied, 3.90138 s, 22.3 MB/s

root@debian:~# mkfs.ext2 /dev/md0
mke2fs 1.47.0 (5-Feb-2023)
Discarding device blocks: done                            
Creating filesystem with 498624 1k blocks and 124440 inodes
Filesystem UUID: 72b0a791-99fa-4af2-b7d7-1389ca0c8be0
Superblock backups stored on blocks: 
	8193, 24577, 40961, 57345, 73729, 204801, 221185, 401409

Allocating group tables: done                            
Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done 

root@debian:~# mount /dev/md0 /boot
root@debian:~# cat /etc/fstab 
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# systemd generates mount units based on this file, see systemd.mount(5).
# Please run 'systemctl daemon-reload' after making changes here.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
#OLD_BUT_KEEP_FOR_REFERENCE/dev/mapper/debian--vg-root /               btrfs   defaults,subvol=@rootfs 0       0
UUID=787e196d-c852-491e-9583-34d1bc621ace /               btrfs   defaults,subvol=@rootfs 0       0
# /boot was on /dev/vda1 during installation
UUID=c2206369-9b9f-44b3-8319-1d46ed4c559e /boot           ext2    defaults        0       2
/dev/mapper/debian--vg-swap_1 none            swap    sw              0       0
/dev/mapper/debian--vg2-swap_2 none            swap    sw              0       0
/dev/sr0        /media/cdrom0   udf,iso9660 user,noauto     0       0
root@debian:~# cat /etc/crptt
cat: /etc/crptt: No such file or directory
root@debian:~# cat /etc/crypttab 
vda5_crypt UUID=c8e57554-de8b-44c0-862a-32cd1e4f92b1 btrfs_r1 luks,discard,keyscript=/lib/cryptsetup/scripts/decrypt_keyctl
vdb5_crypt UUID=584aa6ad-c8c0-43e5-b32d-eda94ea8501b btrfs_r1 luks,discard,keyscript=/lib/cryptsetup/scripts/decrypt_keyctl
root@debian:~# cat /etc/default/grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
# For full documentation of the options in this file, see:
#   info -f grub -n 'Simple configuration'

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX=""

# If your computer has multiple operating systems installed, then you
# probably want to run os-prober. However, if your computer is a host
# for guest OSes installed via LVM or raw disk devices, running
# os-prober can cause damage to those guest OSes as it mounts
# filesystems to look for things.
#GRUB_DISABLE_OS_PROBER=false

# Uncomment to enable BadRAM filtering, modify to suit your needs
# This works with Linux (no patch required) and with any kernel that obtains
# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"

# Uncomment to disable graphical terminal
#GRUB_TERMINAL=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480

# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"

# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"
root@debian:~# vim /etc/default/grub
root@debian:~# lsblk && blkid
NAME                     MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sr0                       11:0    1   3.7G  0 rom   
vda                      254:0    0    20G  0 disk  
├─vda1                   254:1    0   487M  0 part  
│ └─md0                    9:0    0 486.9M  0 raid1 /boot
├─vda2                   254:2    0     1K  0 part  
└─vda5                   254:5    0  19.5G  0 part  
  └─vda5_crypt           252:0    0  19.5G  0 crypt 
    ├─debian--vg-root    252:1    0  18.5G  0 lvm   /
    └─debian--vg-swap_1  252:2    0   980M  0 lvm   [SWAP]
vdb                      254:16   0    20G  0 disk  
├─vdb1                   254:17   0   487M  0 part  
│ └─md0                    9:0    0 486.9M  0 raid1 /boot
├─vdb2                   254:18   0     1K  0 part  
└─vdb5                   254:21   0  19.5G  0 part  
  └─vdb5_crypt           252:3    0  19.5G  0 crypt 
    ├─debian--vg2-swap_2 252:4    0   980M  0 lvm   [SWAP]
    └─debian--vg2-root   252:5    0  18.5G  0 lvm   
/dev/mapper/debian--vg-root: UUID="787e196d-c852-491e-9583-34d1bc621ace" UUID_SUB="5246486c-8c05-4d72-b494-b9bbf2e62825" BLOCK_SIZE="4096" TYPE="btrfs"
/dev/vdb5: UUID="584aa6ad-c8c0-43e5-b32d-eda94ea8501b" TYPE="crypto_LUKS" PARTUUID="a36f14d2-05"
/dev/vdb1: UUID="25deb431-030c-ac35-9d4d-eba647ca997f" TYPE="linux_raid_member" PARTUUID="a36f14d2-01"
/dev/mapper/debian--vg2-swap_2: UUID="662d79c0-2db1-4247-bb77-7d05dfb6917c" TYPE="swap"
/dev/sr0: BLOCK_SIZE="2048" UUID="2023-10-07-11-48-54-00" LABEL="Debian 12.2.0 amd64 1" TYPE="iso9660" PTUUID="515b3f36" PTTYPE="dos"
/dev/mapper/debian--vg-swap_1: UUID="3f8a7e7e-21c1-47d3-a19a-72dfe9f8b164" TYPE="swap"
/dev/mapper/vda5_crypt: UUID="UmwnNd-voGV-v1lc-eKPP-nLeP-cwpX-tXaA7V" TYPE="LVM2_member"
/dev/mapper/debian--vg2-root: UUID="787e196d-c852-491e-9583-34d1bc621ace" UUID_SUB="2c6c20fe-abf0-4b5c-9896-3239dbbbe8f5" BLOCK_SIZE="4096" TYPE="btrfs"
/dev/vda5: UUID="c8e57554-de8b-44c0-862a-32cd1e4f92b1" TYPE="crypto_LUKS" PARTUUID="00819e90-05"
/dev/vda1: UUID="25deb431-030c-ac35-9d4d-eba647ca997f" TYPE="linux_raid_member" PARTUUID="00819e90-01"
/dev/mapper/vdb5_crypt: UUID="mtToH2-apOl-L8Wq-UrcM-QmF9-cUBk-7POUGH" TYPE="LVM2_member"
/dev/md0: UUID="72b0a791-99fa-4af2-b7d7-1389ca0c8be0" BLOCK_SIZE="1024" TYPE="ext2"
root@debian:~# vim /etc/default/grub
root@debian:~# tail /etc/default/grub
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"

# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"

GRUB_ENABLE_CRYPTODISK=y
GRUB_DEVICE_UUID=c8e57554-de8b-44c0-862a-32cd1e4f92b1
root@debian:~# ls -a /boot && grub-install /dev/vda && ls -a /boot && grub-install /dev/vdb && ls -a /boot && update-initramfs -u && update-grub && ls -a /boot
.  ..  lost+found
Installing for i386-pc platform.
Installation finished. No error reported.
.  ..  grub  lost+found
Installing for i386-pc platform.
Installation finished. No error reported.
.  ..  grub  lost+found
Generating grub configuration file ...
Found background image: /usr/share/images/desktop-base/desktop-grub.png
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
done
.  ..  grub  lost+found
root@debian:~#

After that, when I reboot, it says

Code: Select all

Enter passphrase for hd0,msdos5 (c8e57554-de8b-44c0-862a-32cd1e4f92b1):

, and when I enter that passphrase, it then says

Code: Select all

error: Invalid passphrase.
error: no such cryptodisk found.
Enter passphrase for hd1,msdos5 (584aa6ad-c8c0-43e5-b32d-eda94ea8501b)

Then, when I enter the password for that (which is the same password), I get

Code: Select all

GNU GRUB version 2.06-13+deb12u1
Minimal BASH-like line editing is supported. For the first word, TAB lists possible command completions. Anywhere else TAB lists possible device or file completions.


grub>

Unless I'm making a stupid mistake, I am entering the right password, which is the same one as the one I have to enter when booting the system before ruining it as shown in the terminal interaction above. (It's a virtual machine, so I can keep reverting the latest snapshot.)

Could someone please help me figure out what I am doing wrong? If you're not sure, but have some suggestions, I'd still be willing to "hear" / read you out.

Any input would be GREATLY appreciated!