Hello,
I'm installing a new system with testing and I have root filesystem encrypted with luks (but not /boot). To unlock it automatically at boot with a usb key, I'm following
this guide, which I have already successfully employed on another system of mine (this one with stable). While, as I said, this guide works like a charm on my other system, with the machine I'm configuring now it fails miserably. At boot I get errors when the time comes to unlock luks devices and the boot process is interrupted, leaving me with the initramfs prompt (busybox), from which I can unlock the two devices (root and swap) and resume boot (which in the end works).
After a lot of debugging, I have finally found the root of my problem: the initrd.img file in the new machine does not contain a lot of the directories that my other working machine has, and some of the missing directories contain the scripts that automate luks opening. To give you a better idea, I have extracted initrd.img files on both system using unmkinitramfs. This is the output of ls -l of the extracted initrd.img directory (actually, its "main" subdirectory) on the working machine:
Code:
drwxr-xr-x 2 root root 3660 mar 17 01:39 bin
drwxr-xr-x 3 root root 120 mar 17 01:39 conf
drwxr-xr-x 7 root root 260 mar 17 01:39 etc
-rwxr-xr-x 1 root root 5960 apr 24 2017 init
drwxr-xr-x 9 root root 200 mar 17 01:39 lib
drwxr-xr-x 2 root root 60 mar 17 01:39 lib64
drwxr-xr-x 2 root root 40 feb 24 21:39 run
drwxr-xr-x 2 root root 1200 mar 17 01:39 sbin
drwxr-xr-x 8 root root 220 mar 17 01:39 scripts
drwxr-xr-x 3 root root 60 mar 17 01:39 usr
and this is the output of the same command on the non-working machine:
Code:
lrwxrwxrwx 1 root root 7 mar 17 01:58 bin -> usr/bin
drwxr-xr-x 1 root root 72 mar 17 01:57 conf
drwxr-xr-x 1 root root 16 mar 17 01:57 cryptroot
drwxr-xr-x 1 root root 146 mar 17 01:57 etc
-rwxr-xr-x 1 root root 6338 feb 6 04:48 init
lrwxrwxrwx 1 root root 7 mar 17 01:58 lib -> usr/lib
lrwxrwxrwx 1 root root 9 mar 17 01:58 lib32 -> usr/lib32
lrwxrwxrwx 1 root root 9 mar 17 01:58 lib64 -> usr/lib64
lrwxrwxrwx 1 root root 10 mar 17 01:58 libx32 -> usr/libx32
drwxr-xr-x 1 root root 0 mar 17 01:57 run
lrwxrwxrwx 1 root root 8 mar 17 01:58 sbin -> usr/sbin
drwxr-xr-x 1 root root 164 mar 17 01:57 scripts
drwxr-xr-x 1 root root 62 mar 17 01:57 usr
As you can see, the bin, sbin and lib* directories are symlinks to the related directories in the root filesystem, rather than being actual directories integrated in the initrd.img file. Since the root filesystem is still locked at this stage, all these become unaccessible and boot fails.
Now for the question: how can I make all these directories be included in the actual initrd.img file, rather than just having symlinks? As the guide explains, the two files that I need for the automatic unlocking to work should be in the "lib/cryptsetup/scripts" and "lib/udev/rules.d/" directories inside the initrd.img files, which are not present.