So,
I must have been doing some step in the wrong order before, because, after cleaning up my notes for others to read, it now seems to work fine. I'm still sort of confused why I was running into that error consistently, but clearly I'm doing something differently this time. Attached steps for creating full disk encryption with btrfs with Ubuntu 14.10, which worked successfully for me.
----
---- Start of steps to reproduce
----
I'm using Ubuntu Desktop 14.10 LiveCD, with only one hard drive in my computer: a 32GB flash drive. (Note: I tried this on a 500GB hard drive as well, same results.) I'm doing all of this offline (as in not connected to Internet.)
I use GParted to partition the flash drive as follows (GPT):
/dev/sda1 1MiB bios_grub ( < I make sure to set the bios_grub flag here )
/dev/sda2 256MiB btrfs ( /boot )
/dev/sda3 6.84GiB crypt-luks ( encrypted swap )
/dev/sda4 22.82GiB crypt-luks ( encrypted / )
I then format/open the LUKS partitons:
cryptsetup luksFormat /dev/sda3
cryptsetup luksFormat /dev/sda4
cryptsetup luksOpen /dev/sda3 neoswap
cryptsetup luksOpen /dev/sda4 neoroot
I then format all my boot, swap, and root partitions:
mkfs.btrfs -f -L neoboot /dev/sda2
mkswap -L neoswap /dev/mapper/neoswap
mkfs.btrfs -f -L neoroot /dev/mapper/neoroot
I then run the graphical "Install Ubuntu 14.10" installer from the desktop. When it asks how I want to install, I choose "Something else", and tell it to use the following partitioning scheme, instructing it NOT to format any partitions (since we already did):
/dev/sda2 btrfs /boot
/dev/mapper/neoswap swap
/dev/mapper/neoroot btrfs /
(Note: It will insist on formatting the swap partiton, that's fine. It will insist on installing a bootloader to /dev/sda, that's fine, although we will override this step in a second.) I continue with the installation, waiting until the installation is finished.
At this point, it's possible for me to list all of the partition GUIDs, which I'll need for crypttab and fstab:
/dev/sda1 1MiB bios_grub
/dev/sda2 256MiB btrfs ( /boot ) UUID=23fa61d2-0b74-465a-be83-e026ebb373bc
/dev/sda3 6.84GiB crypt-luks UUID=5d60aeca-6e5d-4a0c-9d28-b31c79213589
/dev/mapper/neoswap ( swap ) UUID=ee13478f-b310-4c3c-b14a-579dea9ee25c
/dev/sda4 22.82GiB crypt-luks UUID=badb304c-38de-4d04-9456-e9759c3150ab
/dev/mapper/neoroot ( / ) UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc
Once installation is done, and before I restart, I open a root shell and chroot into the newly-installed setup:
# mount /dev/mapper/neoroot /mnt -o subvol=@
# mount /dev/mapper/neoroot /mnt/home -o subvol=@home
# mount /dev/sda2 /mnt/boot
# mount --bind /dev /mnt/dev
# mount --bind /proc /mnt/proc
# mount --bind /sys /mnt/sys
# mount --bind /etc/resolv.conf /mnt/etc/resolv.conf
# chroot /mnt
Now that I'm in, I update /etc/crypttab as follows:
neoswap UUID=5d60aeca-6e5d-4a0c-9d28-b31c79213589 none luks
neoroot UUID=badb304c-38de-4d04-9456-e9759c3150ab none luks
I then update /etc/fstab:
UUID=23fa61d2-0b74-465a-be83-e026ebb373bc /boot btrfs defaults,noatime 0 2
UUID=ee13478f-b310-4c3c-b14a-579dea9ee25c none swap sw 0 0
UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc / btrfs defaults,noatime,subvol=@ 0 1
UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc /home btrfs defaults,noatime,subvol=@home 0 2
Almost done. Still chroot'ed, I run:
update-initramfs -k all -c
update-grub
grub-install /dev/sda
I restart my computer, boot into GRUB, and boot with the following:
insmod gzio
insmod part_gpt
insmod btrfs
search --no-floppy --fs-uuid --set=root 23fa61d2-0b74-465a-be83-e026ebb373bc
linux /vmlinuz-3.16.0-23-generic root=UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc rootflags=noatime,subvol=@
initrd /initrd.img-3.16.0-23-generic
----
---- End of steps to reproduce
----
I just did this and it booted successfully 15 times in a row.
Jay
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt