The filesystem is encrypted since the installation.
I want to add a device to later on turn it into a RAID.
I already tried this:
create new encrypted partition via YasT (LUKS1)
btrfs dev add /dev/mapper/{…} /
Then I rebooted, but it seems the decryption gets stuck. Booted a rescue disk, removed the new device from the BTRFS, and the system boots again just fine.
I used the same password to encrypt I used for the first device.
Help?
To offer any help you need to at least show something from your system that demonstrates the problem - logs, screenshot, photo - and provide details at which point it happens. We do not even know whether you are talking about root filesystem or not. If it is root, you would need to recreate initrd at the very least to make it aware of new encrypted partition.
The fact that it doesn’t get past the loading screen, even after 20 minutes. Also, my disks don’t make reading noise as they always do otherwise.
you need to at least show something from your system that demonstrates the problem - logs, screenshot, photo - and provide details at which point it happens.
I’m going to post photos since I don’t know what are relevant logs for this case.
In order:
I insert the password for the first partition.
And this is the last screen I see. Doesn’t get through.
The filesystem is root. All I actually did was to open YaST Boot Loader and confirm new settings without changing anything. Does that recreate initrd as well or only runs grub2-mkconfig?
To see more boot with “plymouth.enable=0” on kernel command line, this will show what systemd is waiting for. But if it is root filesystem, then the first step is to run mkinitrd. It may not be enough, depending on how smart dracut is, but we’ll see.
dracut itself knows that it has to wait for this device
5.895866] suse dracut-cmdline[207]: Using kernel command line parameters: rd.driver.pre=btrfs rd.luks.uuid=luks-15b32c81-b723-43b3-bea5-7aa8a5e45901 rd.luks.uuid=luks-0ca54c5e-a5b3-436f-975e-80af9cdc98a3 rd.luks.uuid=luks-bb26fb93-6b78-4760-9cc0-94133cc11223 root=/dev/mapper/cr_root rootfstype=btrfs
but systemd is not aware of this stored command line and so it does not generate corresponding unit to activate it
7.563758] suse dracut-initqueue[473]: Failed to start systemd-cryptsetup@luks\x2d15b32c81\x2db723\x2d43b3\x2dbea5\x2d7aa8a5e45901.service: Unit systemd-cryptsetup@luks\x2d15b32c81\x2db723\x2d43b3\x2dbea5\x2d7aa8a5e45901.service not found.
You should add your LUKS device to /etc/crypttab, I would use the same options as for the original root device, and generate initrd again.
I want to add new a device to the existing encrypted btrfs root filesystem to expand my storage. The new device is a SD card formatted as LUKS2 encrypted btrfs, just as the root filesystem. After configuring /etc/sysconfig/fde-tools and /etc/crypttab following this thread and other instructions, I can now decrypt root and new device at boot time. After booting into system, now I have /dev/mapper/cr_root and /dev/mapper/cr_sdcard (the new device).
However, after I added the new device to /, the next boot would fail and boot into grub command line. Have you encountered this problem?
I can boot again if I remove the device from Live CD.