[Bug 1062623] Re: enable grub-2.00 boot-from-luks support
Nazar Mokrynskyi
nazar at mokrynskyi.com
Wed Mar 8 01:42:01 UTC 2017
Some more details with exact steps needed for this to be fixed on UEFI
system in following bug report:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1670552
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/1062623
Title:
enable grub-2.00 boot-from-luks support
Status in grub2 package in Ubuntu:
Triaged
Bug description:
(I suppose this comes too late in the release cycle to make the
change, but perhaps it's simple enough:)
With only minimal manual intervention, I found I could use today's
Ubuntu Server 12.10 daily iso to install a system with luks+lvm and no
separate /boot partition (which doesn't really have any security
advantages, but it makes managing space on a smallish disk easier). If
grub-installer could manage the final 2 steps below, it would all be
fully automatic. Thanks!
Steps:
1: go through the default installer motions
2: in partman, choose the manual option
3: create a single, whole-disk primary partition, use it as a luks encrypted volume
4: on top of that, create an lvm physical volume
5: insert lvm logical volumes for swap and / (I used btrfs, probably irrelevant)
6: finish remaining installer steps; find that grub install fails
7: drop into shell, per alt+f2, and chroot to /target
8: append "GRUB_CRYPTODISK_ENABLE=y" to /etc/default/grub
9: run "grub-install /dev/sda" (replace sda etc etc), then "update-grub", reboot
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1062623/+subscriptions
More information about the foundations-bugs
mailing list