When selecting “Create LVM Based Proposal” and “Encrypt Volume Group” in the “Disk” part of the DVD installer the installation overview says “Because of the partitioning, the bootloader cannot be installed properly”.
The release notes mention this problem:
3.6. Crypted LVM in UEFI Mode Needs /boot Partition
This only affects installations in UEFI mode.
In the partitioning proposal when checking the option to use LVM (which is required for full disk encryption) YaST does not create a separate /boot partition. That means kernel and initrd end up in the (potentially encrypted) LVM container, inaccessible to the boot loader. To get full disk encryption when using UEFI, partitioning has to be done manually.
I’ve tried adding an additional /boot partition (so that I have both a /boot/efi and a /boot partition), but the same error remains. The expert partitioner says:
Warning: With your current setup, your installation will encounter problems when booting, because the disk on which your /boot partition is located does not contain a GPT disk label.
It will probably not be possible to boot such a setup.
If you need to use this disk for installation, you should destroy the disk label in the expert partitioner.
Really use this setup?
I can’t find any way to “destroy the disk label” in the expert partitioner, and I’m not really sure what I can do about this warning.
Using UEFI isn’t a hugely important issue for me, but I’m still curious to try it out. Is it possible to get this working somehow?