Bug#926689: cryptsetup-initramfs: config lines in grub.cfg for cryptodisk/luks and other modules missing
Kyle Rose
krose at krose.org
Sun Apr 3 18:33:27 BST 2022
Package: grub-common
Version: 2.06-2
Followup-For: Bug #926689
Dear Maintainer,
I want to second OP's report, and add a related issue.
I have run into two problems with grub 2.06-2:
* LUKS2 metadata support is not compiled in. This is a simple fix,
simply requiring that luks2 be added to GRUB_MODULES in
debian/build-efi-images.
* grub-install installs the modular EFI image into the EFI system
partition. This image lacks the modules required for
GRUB_ENABLE_CRYPTODISK=y support to work, so the user is dumped into
the rescue shell. Whatever logic that previously resulted in the
monolithic image being installed is broken.
-- Package-specific info:
*********************** BEGIN /proc/mounts
/dev/mapper/nausicaamain-root / ext4 rw,relatime,errors=remount-ro 0 0
/dev/nvme0n1p2 /boot/efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 0
/dev/mapper/nausicaamain-home /home ext4 rw,relatime 0 0
/dev/mapper/nausicaawork /work ext4 rw,relatime,stripe=256 0 0
/dev/mapper/nausicaawork /home/krose/work ext4 rw,relatime,stripe=256 0 0
*********************** END /proc/mounts
*********************** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#
### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
set have_grubenv=true
load_env
fi
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="0"
fi
if [ x"${feature_menuentry_id}" = xy ]; then
menuentry_id_option="--id"
else
menuentry_id_option=""
fi
export menuentry_id_option
if [ "${prev_saved_entry}" ]; then
set saved_entry="${prev_saved_entry}"
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi
function savedefault {
if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
fi
}
function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}
terminal_input console
terminal_output console
if [ "${recordfail}" = 1 ] ; then
set timeout=30
else
if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=5
# Fallback normal timeout code in case the timeout_style feature is
# unavailable.
else
set timeout=5
fi
fi
### END /etc/grub.d/00_header ###
### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
### END /etc/grub.d/05_debian_theme ###
### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod lvm
insmod ext2
set root='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU' 5ff05376-4105-4d5a-9d08-3c19a187bf5f
else
search --no-floppy --fs-uuid --set=root 5ff05376-4105-4d5a-9d08-3c19a187bf5f
fi
echo 'Loading Linux 5.16.0-5-amd64 ...'
linux /boot/vmlinuz-5.16.0-5-amd64 root=/dev/mapper/nausicaamain-root ro cryptdevice=UUID=5bc07e8a-6a75-4d68-925b-8c107abf2ed0:lvm mitigations=off ip=192.168.32.7::192.168.32.1:255.255.255.0::enp6s0:off noirqdebug add_efi_memmap
echo 'Loading initial ramdisk ...'
initrd /boot/initrd.img-5.16.0-5-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 'gnulinux-advanced-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
menuentry 'Debian GNU/Linux, with Linux 5.16.0-5-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.16.0-5-amd64-advanced-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod lvm
insmod ext2
set root='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU' 5ff05376-4105-4d5a-9d08-3c19a187bf5f
else
search --no-floppy --fs-uuid --set=root 5ff05376-4105-4d5a-9d08-3c19a187bf5f
fi
echo 'Loading Linux 5.16.0-5-amd64 ...'
linux /boot/vmlinuz-5.16.0-5-amd64 root=/dev/mapper/nausicaamain-root ro cryptdevice=UUID=5bc07e8a-6a75-4d68-925b-8c107abf2ed0:lvm mitigations=off ip=192.168.32.7::192.168.32.1:255.255.255.0::enp6s0:off noirqdebug add_efi_memmap
echo 'Loading initial ramdisk ...'
initrd /boot/initrd.img-5.16.0-5-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.16.0-5-amd64 (recovery mode)' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.16.0-5-amd64-recovery-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod lvm
insmod ext2
set root='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU' 5ff05376-4105-4d5a-9d08-3c19a187bf5f
else
search --no-floppy --fs-uuid --set=root 5ff05376-4105-4d5a-9d08-3c19a187bf5f
fi
echo 'Loading Linux 5.16.0-5-amd64 ...'
linux /boot/vmlinuz-5.16.0-5-amd64 root=/dev/mapper/nausicaamain-root ro single
echo 'Loading initial ramdisk ...'
initrd /boot/initrd.img-5.16.0-5-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.16.0-3-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.16.0-3-amd64-advanced-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod lvm
insmod ext2
set root='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU' 5ff05376-4105-4d5a-9d08-3c19a187bf5f
else
search --no-floppy --fs-uuid --set=root 5ff05376-4105-4d5a-9d08-3c19a187bf5f
fi
echo 'Loading Linux 5.16.0-3-amd64 ...'
linux /boot/vmlinuz-5.16.0-3-amd64 root=/dev/mapper/nausicaamain-root ro cryptdevice=UUID=5bc07e8a-6a75-4d68-925b-8c107abf2ed0:lvm mitigations=off ip=192.168.32.7::192.168.32.1:255.255.255.0::enp6s0:off noirqdebug add_efi_memmap
echo 'Loading initial ramdisk ...'
initrd /boot/initrd.img-5.16.0-3-amd64
}
menuentry 'Debian GNU/Linux, with Linux 5.16.0-3-amd64 (recovery mode)' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-5.16.0-3-amd64-recovery-5ff05376-4105-4d5a-9d08-3c19a187bf5f' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod lvm
insmod ext2
set root='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='lvmid/CHS1Km-Ej3O-BzCE-jjRr-FTAW-z7Z1-fxfjQO/OLHIBB-fUee-zo0b-AJY9-fxrl-1qT1-H9TOZU' 5ff05376-4105-4d5a-9d08-3c19a187bf5f
else
search --no-floppy --fs-uuid --set=root 5ff05376-4105-4d5a-9d08-3c19a187bf5f
fi
echo 'Loading Linux 5.16.0-3-amd64 ...'
linux /boot/vmlinuz-5.16.0-3-amd64 root=/dev/mapper/nausicaamain-root ro single
echo 'Loading initial ramdisk ...'
initrd /boot/initrd.img-5.16.0-3-amd64
}
}
### END /etc/grub.d/10_linux ###
### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###
### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###
### BEGIN /etc/grub.d/30_uefi-firmware ###
menuentry 'UEFI Firmware Settings' $menuentry_id_option 'uefi-firmware' {
fwsetup
}
### END /etc/grub.d/30_uefi-firmware ###
### BEGIN /etc/grub.d/35_fwupd ###
### END /etc/grub.d/35_fwupd ###
### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries. Simply type the
# menu entries you want to add after this comment. Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###
### BEGIN /etc/grub.d/41_custom ###
if [ -f ${config_directory}/custom.cfg ]; then
source ${config_directory}/custom.cfg
elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then
source $prefix/custom.cfg
fi
### END /etc/grub.d/41_custom ###
*********************** END /boot/grub/grub.cfg
*********************** BEGIN /proc/mdstat
Personalities : [raid0] [linear] [multipath] [raid1] [raid6] [raid5] [raid4] [raid10]
md127 : active raid0 sdc1[1] sdb1[0]
5860265984 blocks super 1.2 512k chunks
unused devices: <none>
*********************** END /proc/mdstat
*********************** BEGIN /dev/disk/by-id
total 0
lrwxrwxrwx 1 root root 9 Apr 2 13:44 ata-HL-DT-ST_BD-RE_WH16NS60_KL7L5AJ2629 -> ../../sr0
lrwxrwxrwx 1 root root 9 Apr 2 13:44 ata-WDC_WD20EARS-00MVWB0_WD-WMAZ20445283 -> ../../sda
lrwxrwxrwx 1 root root 10 Apr 2 13:44 ata-WDC_WD20EARS-00MVWB0_WD-WMAZ20445283-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 ata-WDC_WD20EARS-00MVWB0_WD-WMAZ20445283-part2 -> ../../sda2
lrwxrwxrwx 1 root root 9 Apr 2 13:44 ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T1222010 -> ../../sdc
lrwxrwxrwx 1 root root 10 Apr 2 13:44 ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T1222010-part1 -> ../../sdc1
lrwxrwxrwx 1 root root 9 Apr 2 13:44 ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T1319847 -> ../../sdb
lrwxrwxrwx 1 root root 10 Apr 2 13:44 ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T1319847-part1 -> ../../sdb1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-name-nausicaamain-home -> ../../dm-2
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-name-nausicaamain-lvm -> ../../dm-0
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-name-nausicaamain-root -> ../../dm-1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-name-nausicaamain-swap -> ../../dm-3
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-name-nausicaawork -> ../../dm-4
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-uuid-CRYPT-LUKS2-277da54d17624ddea8beca697ba1f71e-nausicaawork -> ../../dm-4
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-uuid-CRYPT-LUKS2-5bc07e8a6a754d68925b8c107abf2ed0-nausicaamain-lvm -> ../../dm-0
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-uuid-LVM-CHS1KmEj3OBzCEjjRrFTAWz7Z1fxfjQO3wzthOjo9yX576kwemcGE1h23CjGT3TU -> ../../dm-3
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-uuid-LVM-CHS1KmEj3OBzCEjjRrFTAWz7Z1fxfjQOOLHIBBfUeezo0bAJY9fxrl1qT1H9TOZU -> ../../dm-1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 dm-uuid-LVM-CHS1KmEj3OBzCEjjRrFTAWz7Z1fxfjQOlhnf9Zr2mk1w9fj1P0voX5EerL83D3b4 -> ../../dm-2
lrwxrwxrwx 1 root root 10 Apr 2 13:44 lvm-pv-uuid-Tz6Qfj-Ye5e-uEGF-azSY-hXcG-PJPn-EFd8wO -> ../../dm-0
lrwxrwxrwx 1 root root 11 Apr 2 13:44 md-name-nausicaa:nausicaawork_crypt -> ../../md127
lrwxrwxrwx 1 root root 13 Apr 2 13:44 md-name-nausicaa:nausicaawork_crypt-part2 -> ../../md127p2
lrwxrwxrwx 1 root root 11 Apr 2 13:44 md-uuid-8310049d:de6b0ca4:b9795d7e:a7689992 -> ../../md127
lrwxrwxrwx 1 root root 13 Apr 2 13:44 md-uuid-8310049d:de6b0ca4:b9795d7e:a7689992-part2 -> ../../md127p2
lrwxrwxrwx 1 root root 13 Apr 2 13:44 nvme-GIGABYTE_GP-ASM2NE6100TTTD_SN202308901074 -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Apr 3 13:07 nvme-GIGABYTE_GP-ASM2NE6100TTTD_SN202308901074-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-GIGABYTE_GP-ASM2NE6100TTTD_SN202308901074-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 13 Apr 2 13:44 nvme-XPG_GAMMIX_S50_PJ3520000559 -> ../../nvme1n1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-XPG_GAMMIX_S50_PJ3520000559-part1 -> ../../nvme1n1p1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-XPG_GAMMIX_S50_PJ3520000559-part2 -> ../../nvme1n1p2
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-XPG_GAMMIX_S50_PJ3520000559-part3 -> ../../nvme1n1p3
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-XPG_GAMMIX_S50_PJ3520000559-part4 -> ../../nvme1n1p4
lrwxrwxrwx 1 root root 13 Apr 2 13:44 nvme-eui.6479a724d3072020 -> ../../nvme1n1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-eui.6479a724d3072020-part1 -> ../../nvme1n1p1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-eui.6479a724d3072020-part2 -> ../../nvme1n1p2
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-eui.6479a724d3072020-part3 -> ../../nvme1n1p3
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-eui.6479a724d3072020-part4 -> ../../nvme1n1p4
lrwxrwxrwx 1 root root 13 Apr 2 13:44 nvme-eui.6479a73682430432 -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Apr 3 13:07 nvme-eui.6479a73682430432-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Apr 2 13:44 nvme-eui.6479a73682430432-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 9 Apr 2 13:44 wwn-0x50014ee00378e346 -> ../../sdb
lrwxrwxrwx 1 root root 10 Apr 2 13:44 wwn-0x50014ee00378e346-part1 -> ../../sdb1
lrwxrwxrwx 1 root root 9 Apr 2 13:44 wwn-0x50014ee0ae23b988 -> ../../sdc
lrwxrwxrwx 1 root root 10 Apr 2 13:44 wwn-0x50014ee0ae23b988-part1 -> ../../sdc1
lrwxrwxrwx 1 root root 9 Apr 2 13:44 wwn-0x50014ee6003276ae -> ../../sda
lrwxrwxrwx 1 root root 10 Apr 2 13:44 wwn-0x50014ee6003276ae-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 wwn-0x50014ee6003276ae-part2 -> ../../sda2
*********************** END /dev/disk/by-id
*********************** BEGIN /dev/disk/by-uuid
total 0
lrwxrwxrwx 1 root root 10 Apr 2 13:44 1dbcae3a-b07f-4feb-a054-618e4b937cac -> ../../dm-3
lrwxrwxrwx 1 root root 11 Apr 2 13:44 277da54d-1762-4dde-a8be-ca697ba1f71e -> ../../md127
lrwxrwxrwx 1 root root 10 Apr 2 13:44 33ae5fa0-997d-45ab-9766-e0bece6dc339 -> ../../dm-4
lrwxrwxrwx 1 root root 15 Apr 3 13:07 5bc07e8a-6a75-4d68-925b-8c107abf2ed0 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 5ff05376-4105-4d5a-9d08-3c19a187bf5f -> ../../dm-1
lrwxrwxrwx 1 root root 10 Apr 2 13:44 62B8A358B8A3298D -> ../../sda2
lrwxrwxrwx 1 root root 15 Apr 2 13:44 666AF6006AF5CCB5 -> ../../nvme1n1p3
lrwxrwxrwx 1 root root 15 Apr 2 13:44 CE163D45163D2FB7 -> ../../nvme1n1p4
lrwxrwxrwx 1 root root 15 Apr 2 13:44 FA50-6724 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 10 Apr 2 13:44 fc02e488-fa83-4087-a79a-53b0da360196 -> ../../dm-2
*********************** END /dev/disk/by-uuid
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.16.0-5-amd64 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages grub-common depends on:
ii gettext-base 0.21-4
ii libc6 2.33-7
ii libdevmapper1.02.1 2:1.02.175-2.1
ii libefiboot1 37-6
ii libefivar1 37-6
ii libfreetype6 2.11.1+dfsg-1
ii libfuse2 2.9.9-5
ii liblzma5 5.2.5-2
Versions of packages grub-common recommends:
ii os-prober 1.79
Versions of packages grub-common suggests:
ii console-setup 1.207
ii desktop-base 11.0.3
pn grub-emu <none>
ii mtools 4.0.33-1+really4.0.32-1
pn multiboot-doc <none>
ii xorriso 1.5.4-2
-- no debconf information
More information about the Pkg-grub-devel
mailing list