Bug#997844: grub2-common: GRUB_THEME setting broken when used with encrypted disks
ಚಿರಾಗ್ ನಟರಾಜ್
debbugs at chiraag.me
Mon Oct 25 20:08:31 BST 2021
Package: grub2-common
Version: 2.04-20
Severity: normal
X-Debbugs-Cc: debbugs at chiraag.me
Dear Maintainer,
My setup is as follows. I have 2 storage disks, one SATA HDD and one M.2 NVME SSD. Both disks are encrypted, and the layout is as follows:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 1.8T 0 disk
└─sda1 8:1 0 1.8T 0 part
└─sda1_crypt 254:3 0 1.8T 0 crypt
└─Crypto--Data-Home 254:4 0 1.8T 0 lvm /home
nvme0n1 259:0 0 465.8G 0 disk
├─nvme0n1p1 259:1 0 476M 0 part /boot/efi
├─nvme0n1p2 259:2 0 477M 0 part /boot
└─nvme0n1p3 259:3 0 464.8G 0 part
└─nvme0n1p3_crypt 254:0 0 464.8G 0 crypt
├─Crypto-Root 254:1 0 425.6G 0 lvm /
└─Crypto-Swap 254:2 0 29.8G 0 lvm [SWAP]
That is, the NVME SSD is split into 3 partitions: one for /boot/efi, one for /boot, and one encrypted partition which provides both / and swap through LVM partitions. The HDD is quite simple — just one giant encrypted partition with a single LVM partition inside (mainly for consistency). That's the setup.
Okay, so here's the issue. I don't normally view the GRUB menu (I have a hidden timeout and I normally go straight to my plymouth splash screen), but I'd like it to look nice if I ever have to open it up. Accordingly, I set a theme by putting GRUB_THEME="/usr/share/grub/themes/starfield/theme.txt" in /etc/default/grub. I even get the appropriate output when I run sudo update-grub (also reflected by the /boot/grub/grub.cfg attached by reportbug):
Generating grub configuration file ...
Found theme: /usr/share/grub/themes/starfield/theme.txt
Found background image: /usr/share/images/desktop-base/desktop-grub.png
Found linux image: /boot/vmlinuz-5.14.0-3-amd64
Found initrd image: /boot/initrd.img-5.14.0-3-amd64
Found linux image: /boot/vmlinuz-5.14.0-2-amd64
Found initrd image: /boot/initrd.img-5.14.0-2-amd64
Adding boot menu entry for EFI firmware configuration
done
However, the menu still takes on the default look (blue menu, no background image, etc). What I realized is that GRUB doesn't seem to copy the background image into /boot/grub/, and since the disk isn't yet decrypted, it can't access the background image at the place it's looking for it.
This feels like a bug because there is every indication (including from update-grub2) that a theme will be used, but then the theme silently fails.
I'd be happy to answer any questions or provide further info if required.
Sincerely,
Chiraag
-- Package-specific info:
*********************** BEGIN /proc/mounts
/dev/mapper/Crypto-Root / ext4 rw,relatime,errors=remount-ro 0 0
/dev/nvme0n1p2 /boot ext4 rw,relatime 0 0
/dev/nvme0n1p1 /boot/efi vfat rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 0
/dev/mapper/Crypto--Data-Home /home ext4 rw,relatime 0 0
*********************** END /proc/mounts
*********************** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#
### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
set have_grubenv=true
load_env
fi
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="0"
fi
if [ x"${feature_menuentry_id}" = xy ]; then
menuentry_id_option="--id"
else
menuentry_id_option=""
fi
export menuentry_id_option
if [ "${prev_saved_entry}" ]; then
set saved_entry="${prev_saved_entry}"
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi
function savedefault {
if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
fi
}
function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}
if [ x$feature_default_font_path = xy ] ; then
font=unicode
else
insmod lvm
insmod ext2
set root='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y' 1784b59b-9d7b-4a59-bb89-6a124262500e
else
search --no-floppy --fs-uuid --set=root 1784b59b-9d7b-4a59-bb89-6a124262500e
fi
font="/usr/share/grub/unicode.pf2"
fi
if loadfont $font ; then
set gfxmode=auto
load_video
insmod gfxterm
set locale_dir=$prefix/locale
set lang=kn_IN
insmod gettext
fi
terminal_output gfxterm
insmod lvm
insmod ext2
set root='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y' 1784b59b-9d7b-4a59-bb89-6a124262500e
else
search --no-floppy --fs-uuid --set=root 1784b59b-9d7b-4a59-bb89-6a124262500e
fi
insmod gfxmenu
loadfont ($root)/usr/share/grub/themes/starfield/dejavu_10.pf2
loadfont ($root)/usr/share/grub/themes/starfield/dejavu_12.pf2
loadfont ($root)/usr/share/grub/themes/starfield/dejavu_14.pf2
loadfont ($root)/usr/share/grub/themes/starfield/dejavu_16.pf2
loadfont ($root)/usr/share/grub/themes/starfield/dejavu_bold_14.pf2
insmod png
set theme=($root)/usr/share/grub/themes/starfield/theme.txt
export theme
if [ "${recordfail}" = 1 ] ; then
set timeout=30
else
if [ x$feature_timeout_style = xy ] ; then
set timeout_style=hidden
set timeout=1
# Fallback hidden-timeout code in case the timeout_style feature is
# unavailable.
elif sleep --interruptible 1 ; then
set timeout=0
fi
fi
### END /etc/grub.d/00_header ###
### BEGIN /etc/grub.d/05_debian_theme ###
insmod lvm
insmod ext2
set root='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/spfV9e-Y509-RNhq-E4Gw-RILD-Q1Hf-qMPadi/9VUvbi-VvjU-eIc9-49fF-Sq33-7Vm9-mEi93Y' 1784b59b-9d7b-4a59-bb89-6a124262500e
else
search --no-floppy --fs-uuid --set=root 1784b59b-9d7b-4a59-bb89-6a124262500e
fi
insmod png
if background_image /usr/share/desktop-base/homeworld-theme/grub/grub-16x9.png; then
set color_normal=white/black
set color_highlight=black/white
else
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###
### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-1784b59b-9d7b-4a59-bb89-6a124262500e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
else
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
fi
echo 'Loading Linux 5.14.0-3-amd64 ...'
linux /vmlinuz-5.14.0-3-amd64 root=/dev/mapper/Crypto-Root ro quiet splash delayacct
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.14.0-3-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 'gnulinux-advanced-1784b59b-9d7b-4a59-bb89-6a124262500e' {
menuentry 'Debian GNU/Linux, with Linux 5.14.0-3-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.14.0-3-amd64-advanced-1784b59b-9d7b-4a59-bb89-6a124262500e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
else
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
fi
echo 'Loading Linux 5.14.0-3-amd64 ...'
linux /vmlinuz-5.14.0-3-amd64 root=/dev/mapper/Crypto-Root ro quiet splash delayacct
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.14.0-3-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.14.0-3-amd64 (recovery mode)' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.14.0-3-amd64-recovery-1784b59b-9d7b-4a59-bb89-6a124262500e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
else
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
fi
echo 'Loading Linux 5.14.0-3-amd64 ...'
linux /vmlinuz-5.14.0-3-amd64 root=/dev/mapper/Crypto-Root ro single
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.14.0-3-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.14.0-2-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.14.0-2-amd64-advanced-1784b59b-9d7b-4a59-bb89-6a124262500e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
else
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
fi
echo 'Loading Linux 5.14.0-2-amd64 ...'
linux /vmlinuz-5.14.0-2-amd64 root=/dev/mapper/Crypto-Root ro quiet splash delayacct
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.14.0-2-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.14.0-2-amd64 (recovery mode)' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.14.0-2-amd64-recovery-1784b59b-9d7b-4a59-bb89-6a124262500e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
else
search --no-floppy --fs-uuid --set=root 89d4e3d4-14ba-4419-9191-6d5f31f2cd41
fi
echo 'Loading Linux 5.14.0-2-amd64 ...'
linux /vmlinuz-5.14.0-2-amd64 root=/dev/mapper/Crypto-Root ro single
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.14.0-2-amd64
}
}
### END /etc/grub.d/10_linux ###
### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###
### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###
### BEGIN /etc/grub.d/30_uefi-firmware ###
menuentry 'System setup' $menuentry_id_option 'uefi-firmware' {
fwsetup
}
### END /etc/grub.d/30_uefi-firmware ###
### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries. Simply type the
# menu entries you want to add after this comment. Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###
### BEGIN /etc/grub.d/41_custom ###
if [ -f ${config_directory}/custom.cfg ]; then
source ${config_directory}/custom.cfg
elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then
source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ###
*********************** END /boot/grub/grub.cfg
*********************** BEGIN /proc/mdstat
cat: /proc/mdstat: No such file or directory
*********************** END /proc/mdstat
*********************** BEGIN LVM
*********************** END LVM
*********************** BEGIN /dev/disk/by-id
total 0
lrwxrwxrwx 1 root root 9 Oct 24 19:20 ata-ST2000DM008-2FR102_ZK205DAJ -> ../../sda
lrwxrwxrwx 1 root root 10 Oct 24 19:20 ata-ST2000DM008-2FR102_ZK205DAJ-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-name-Crypto--Data-Home -> ../../dm-4
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-name-Crypto-Root -> ../../dm-1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-name-Crypto-Swap -> ../../dm-2
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-name-nvme0n1p3_crypt -> ../../dm-0
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-name-sda1_crypt -> ../../dm-3
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-uuid-CRYPT-LUKS2-0dbd967189414a8ab650d91c6fc60bfa-nvme0n1p3_crypt -> ../../dm-0
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-uuid-CRYPT-LUKS2-300c972cf72042dc9a624a852720cce2-sda1_crypt -> ../../dm-3
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-uuid-LVM-2XQ1rk6AB8VAaV76dNAaPPpKRRhOdH2hNW7ABiSTjtqchudDvcst1FOW2VOAis7U -> ../../dm-4
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-uuid-LVM-spfV9eY509RNhqE4GwRILDQ1HfqMPadi4AXensQIqadN2kgH823D0zOsFzaXdEZ5 -> ../../dm-2
lrwxrwxrwx 1 root root 10 Oct 24 19:20 dm-uuid-LVM-spfV9eY509RNhqE4GwRILDQ1HfqMPadi9VUvbiVvjUeIc949fFSq337Vm9mEi93Y -> ../../dm-1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 lvm-pv-uuid-NXw4jr-29h2-oZxz-psg5-bB2D-q5M9-cJRo1P -> ../../dm-0
lrwxrwxrwx 1 root root 10 Oct 24 19:20 lvm-pv-uuid-PsFPXM-I5lS-jaah-ms2q-DTjo-6GOR-qi2nZY -> ../../dm-3
lrwxrwxrwx 1 root root 13 Oct 24 19:20 nvme-Samsung_SSD_980_PRO_500GB_S5NYNG0R803995V -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-Samsung_SSD_980_PRO_500GB_S5NYNG0R803995V-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-Samsung_SSD_980_PRO_500GB_S5NYNG0R803995V-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-Samsung_SSD_980_PRO_500GB_S5NYNG0R803995V-part3 -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 13 Oct 24 19:20 nvme-eui.002538b81151356d -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-eui.002538b81151356d-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-eui.002538b81151356d-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 15 Oct 24 19:20 nvme-eui.002538b81151356d-part3 -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 9 Oct 24 19:20 wwn-0x5000c500c888823e -> ../../sda
lrwxrwxrwx 1 root root 10 Oct 24 19:20 wwn-0x5000c500c888823e-part1 -> ../../sda1
*********************** END /dev/disk/by-id
*********************** BEGIN /dev/disk/by-uuid
total 0
lrwxrwxrwx 1 root root 10 Oct 24 19:20 05c6124f-7dd8-401e-9643-9104f4a04ca3 -> ../../dm-4
lrwxrwxrwx 1 root root 15 Oct 24 19:20 0dbd9671-8941-4a8a-b650-d91c6fc60bfa -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 15 Oct 24 19:20 148C-4ADD -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 1784b59b-9d7b-4a59-bb89-6a124262500e -> ../../dm-1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 300c972c-f720-42dc-9a62-4a852720cce2 -> ../../sda1
lrwxrwxrwx 1 root root 10 Oct 24 19:20 869509e5-530d-4b03-b9b7-42d8dc62945b -> ../../dm-2
lrwxrwxrwx 1 root root 15 Oct 24 19:20 89d4e3d4-14ba-4419-9191-6d5f31f2cd41 -> ../../nvme0n1p2
*********************** END /dev/disk/by-uuid
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.14.0-3-amd64 (SMP w/24 CPU threads)
Locale: LANG=kn_IN.UTF-8, LC_CTYPE=kn_IN.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages grub2-common depends on:
ii dpkg 1.20.9
ii grub-common 2.04-20
ii install-info 6.8-3
ii libc6 2.33-0experimental2
ii libdevmapper1.02.1 2:1.02.175-2.1
ii libefiboot1 37-6
ii libefivar1 37-6
ii liblzma5 5.2.5-2
grub2-common recommends no packages.
grub2-common suggests no packages.
-- no debconf information
More information about the Pkg-grub-devel
mailing list