
Dracut Shell, LUKS LVM


robot682

Question

Hi,

 

I'm trying to boot an encrypted root filesystem off of a LUKS encrypted LVM table. The LUKS key is protected by a GPG key. I built an initramfs with dracut using both the crypt and crypt-gpg modules. The boot partition and key file are on a USB drive.

 

When I boot, there is a kernel panic. I've tried adding the serial and console options to grub.cfg as well as the rd.shell option, but I can't seem to get Dracut to drop to a shell so I can troubleshoot the issue. Any help would be appreciated.

 

Here is my grub.cfg

set timeout=3
serial --unit=0 --speed=9600
terminal --timeout=5 serial console


  insmod part_gpt
  insmod ext2
  set root=(hostdisk//dev/sdb,gpt1)
  search --no-floppy --fs-uuid --set 79d306ed-2578-4ac9-a199-6f61a6a7e64c
if loadfont /grub/unifont.pf2; then
   set gfxmode=text
   insmod gfxterm
   insmod vbe
   terminal_output gfxterm
fi

set menu_color_normal=cyan/blue
set menu_color_highlight=blue/cyan

menuentry "Funtoo Linux Dracut - vmlinuz-3.16.2-hardened-r2" {
  insmod part_gpt
  insmod ext2
  set root=(hostdisk//dev/sdb,gpt1)
  search --no-floppy --fs-uuid --set 79d306ed-2578-4ac9-a199-6f61a6a7e64c
  linux /vmlinuz-3.16.2-hardened-r2 rootfstype=ext4 luks enc_root=UUID=77f735b0-3d46-4fd7-9751-34df92d460d5 lvm rd.luks.key=/boot/luks-key.gpg root=/dev/mapper/vg1-root console=tty0 console=ttyS0,9600 rd.shell

  set gfxpayload=text
}
set default=0

My fstab looks like this:

# <fs>                  <mountpoint>    <type>          <opts>          <dump/pass>

/dev/sdb1               /boot           ext2            noauto,noatime  1 2
UUID=7e35db9b-f5f7-4bb3-98e1-1466f56ed9b1       none            swap            sw              0 0
UUID=625a0681-e435-429f-976e-e3bb4830ad17       /               ext4            noatime         0 1
UUID=3e09d6e9-2f69-43fd-b718-4d5dbd319e82       /tmp            ext4            noatime         0 2
UUID=25be8c28-fff2-4b37-bf23-c9bad9153036       /var            ext4            noatime         0 2
UUID=9b77ff9d-fa7e-4a30-8995-dbefe0669839       /home           ext4            noatime         0 2
/dev/cdrom              /mnt/sr0        auto            noauto,ro       0 2

Here is the output of blkid

/dev/loop0: TYPE="squashfs"
/dev/sda1: UUID="77f735b0-3d46-4fd7-9751-34df92d460d5" TYPE="crypto_LUKS"
/dev/sr0: LABEL="Ubuntu 14.04.1 LTS amd64" TYPE="iso9660"
/dev/sdb1: UUID="79d306ed-2578-4ac9-a199-6f61a6a7e64c" TYPE="ext2"
/dev/mapper/funtoo: UUID="TTLf8a-U1Vg-r8FZ-L0cl-2KWm-bR3p-u7tSDA" TYPE="LVM2_member"
/dev/mapper/vg1-swap: LABEL="swap" UUID="7e35db9b-f5f7-4bb3-98e1-1466f56ed9b1" TYPE="swap"
/dev/mapper/vg1-root: LABEL="root" UUID="625a0681-e435-429f-976e-e3bb4830ad17" TYPE="ext4"
/dev/mapper/vg1-tmp: LABEL="tmp" UUID="3e09d6e9-2f69-43fd-b718-4d5dbd319e82" TYPE="ext4"
/dev/mapper/vg1-var: LABEL="var" UUID="25be8c28-fff2-4b37-bf23-c9bad9153036" TYPE="ext4"
/dev/mapper/vg1-home: LABEL="home" UUID="9b77ff9d-fa7e-4a30-8995-dbefe0669839" TYPE="ext4"

1 answer to this question


 

set timeout=3
serial --unit=0 --speed=9600
terminal --timeout=5 serial console


  insmod part_gpt
  insmod ext2
  set root=(hostdisk//dev/sdb,gpt1)
  search --no-floppy --fs-uuid --set 79d306ed-2578-4ac9-a199-6f61a6a7e64c
if loadfont /grub/unifont.pf2; then
   set gfxmode=text
   insmod gfxterm
   insmod vbe
   terminal_output gfxterm
fi

set menu_color_normal=cyan/blue
set menu_color_highlight=blue/cyan

menuentry "Funtoo Linux Dracut - vmlinuz-3.16.2-hardened-r2" {
  insmod part_gpt
  insmod ext2
  set root=(hostdisk//dev/sdb,gpt1)
  search --no-floppy --fs-uuid --set 79d306ed-2578-4ac9-a199-6f61a6a7e64c
  linux /vmlinuz-3.16.2-hardened-r2 rootfstype=ext4 luks enc_root=UUID=77f735b0-3d46-4fd7-9751-34df92d460d5 lvm rd.luks.key=/boot/luks-key.gpg root=/dev/mapper/vg1-root console=tty0 console=ttyS0,9600 rd.shell

  set gfxpayload=text
}
set default=0

 

If you crafted that manually, you missed adding the initrd command to load your dracut-generated initramfs. Since you are using dracut, you might want to explore more of its options: you can set your kernel command line in /etc/dracut.conf, and other interesting things. This will make the kernel upgrade process cleaner, since you don't need to add the command line every time. Also make sure you have ' hostonly="yes" ' in dracut.conf.

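The missing initrd line that the answer points out can be caught before rebooting. The following is an added example, not part of the original posts: a shell function (hypothetical name check_grub_initrd) that lists every menuentry containing a linux line but no initrd line. The sample config is constructed from the question's entry, and the initramfs file name in it is a placeholder.

```shell
#!/bin/sh
# Added example (not from the thread): flag GRUB menuentries that load a
# kernel but no initramfs. Function names are hypothetical.

# check_grub_initrd FILE
# Prints the title of each menuentry with a linux line and no initrd line.
# Returns 1 if any such entry exists, 0 otherwise.
check_grub_initrd() {
    awk -v q="'" '
        function report() {
            if (in_entry && has_linux && !has_initrd) { print title; bad = 1 }
            in_entry = 0
        }
        /^[ \t]*menuentry[ \t]/ {
            report()                        # previous entry was never closed
            split($0, p, "[\"" q "]")       # title is the first quoted string
            title = p[2]
            in_entry = 1; has_linux = 0; has_initrd = 0
        }
        in_entry && /^[ \t]*linux(16|efi)?[ \t]/  { has_linux = 1 }
        in_entry && /^[ \t]*initrd(16|efi)?[ \t]/ { has_initrd = 1 }
        /^[ \t]*[}]/ { report() }           # closing brace ends the entry
        END { report(); exit (bad ? 1 : 0) }
    ' "$1"
}

# write_sample FILE: constructed config. The first entry mirrors the one in
# the question (no initrd); the second adds a placeholder initrd line.
write_sample() {
    cat > "$1" <<'EOF'
menuentry "Funtoo Linux Dracut - vmlinuz-3.16.2-hardened-r2" {
  insmod ext2
  linux /vmlinuz-3.16.2-hardened-r2 root=/dev/mapper/vg1-root rd.shell
}
menuentry 'Constructed entry with initramfs' {
  linux /vmlinuz-3.16.2-hardened-r2 root=/dev/mapper/vg1-root rd.shell
  initrd /initramfs-PLACEHOLDER.img
}
EOF
}

cfg=$(mktemp)
write_sample "$cfg"
check_grub_initrd "$cfg" || echo "the entries listed above have no initrd line" >&2
rm -f "$cfg"
```

Without an initrd line the kernel never receives the dracut initramfs, so options such as rd.shell have nothing to act on.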
