PDA

View Full Version : [SOLVED] Encrypted Disk Boot Problem



morgandog
8th January 2014, 07:55 PM
Issue:
The boot process is not displaying the passphrase field when trying to boot.

Boot:
The problem is a bit random as on some reboots the passphrase field will display and boot/decrypt will compete successfully - kernel: 3.11.10, 3.12.5 and 3.12.6. On other starts - the process ends with the following messages:

[ OK ] Started to show Plymouth Boot Screen
[ OK ] Reached taget Paths.
Warning: could not boot.
then drops to dracut prompt
running journalctl displays information but only one error:
unknown key '\nSYMLINK' in /etc/udev/rules.d/99-resume.rules:1
I found a bug issue on the error - and made the recommended change with still the same result

Using the grub rescue entry to boot - displays passphrase field and properly decrypts and mounts drive on all attempts.

System 1 (Desktop):
Fedora 20 x64 - full disk encryption - complete wipe and clean install (not upgraded from 19)
Disk is a 120gb Intel SSD

System 2 (Laptop):
Fedora 20 x64 - full disk encryption - complete wipe and clean install clean install (not upgraded from 19)
Disk is a 240gb Samsung SSD

Both systems have the same issue of not displaying the passphrase field and not decrypting/booting properly on random occassions.

I have been using full disk encryption for a number of years on Fedora:
crypttab setup correctly
fstab setup correctly

Any suggestions on what to try to debug the problem would be appreciated.

Thanks.

jmhirata
8th January 2014, 10:00 PM
i get this same problem still on f20, was fine on f19. seems similar to this bug
https://bugzilla.redhat.com/show_bug.cgi?id=902400.

It seemed to show up twice in fedora bug database, but it never got fixed, just had a message saying "sorry, this release version has reached end of life".

This is becoming a very serious issue for me, because now i have to keep wondering if my machine will boot up at all.

Maybe downgrading to f19 might be the best solution until they fix this one.

morgandog
9th January 2014, 05:10 AM
Thanks for the bug link. I recall in a previous version of Fedora the same problem existed (it's been awhile).
Removed rhgb and set gfxpayload from the grub config, this seems to now be working

jmhirata
10th January 2014, 12:16 AM
Just out of curiousity, just why/how does removing the boot option fix anything? is it somehow related?

morgandog
10th January 2014, 01:20 AM
Removing the rhgb and gfxpayload options, displays the passphrase prompt to decrypt the drive - this works consistently now. Prior to the change the passphrase prompt would not display and the boot process would time out and drop to the dracut shell.

rhgb is the graphical boot gui - looks nice, removing the entry will use text boot, doesn't look as nice.

As to why this works, not 100% sure, would need to search through some archives as this fix came from the same problem occurring in a prior version of Fedora (maybe around version 15) and was the suggested workaround at that time
(I had forgot about it until I read the bug report you linked to).

As for this being a fix, it is more a workaround, but I don't have a problem booting with text mode instead of graphical.

another bug report that is related:

https://bugzilla.redhat.com/show_bug.cgi?id=982608

another possible workaround which I am testing is to rebuild initramfs using the following:

cd /boot
rename current initramfs{version}.img

if you are booted into the correct kernel version:
dracut --no-hostonly -a "rescue" initramfs-$(uname -r).img $(uname -r)

for a different kernel version substitue the $(uname-r) with the kernel version

this does create a larger initramfs file but does work properly to display the passphrase box and decrypt the disk

morgandog
18th February 2014, 06:00 PM
kernel 3.13.3-201 works properly without any of the workarounds.

Rebooted numerous times after kernel upgrade, no issues.