OpenSuse Grub Acting weird with Dual Boot


when my computer starts before i see even my boot loader or grub or any menu Grub brings up a password prompt. If you want i can give you the exact prompt but it asks for a password however from what I’ve noticed it really doesn’t matter what i input - it always proceeds however, sometimes instead of bringing Opensuse’s grub menu it goes straight into a grub command line where i have to type exit to get out and then it takes me into bios. In the past it used to go into windows but i modified my OS boot priority in my UEFI to go to Opensuse and even set it as the fallback (rather than windows) but now i have this stupid login prompt that takes a solid 5 seconds do to anything and doesn’t care about what i type - then i have to deal with it sometimes flat out refusing to go into windows despite me exiting UEFI even after multiple times and i have to shutdown and hope it goes into Opensuse instead of a UEFI loop next time. Another thing to note is that, this time when i logged in Opensuse specifically asked for my password on my main btrfs partition (note my fat32 efi partition is not password protected) So could you guys help me out with:

  • Removing GRUB’s request for a password prompt
  • Reliably going into Opensuse rather than UEFI&or Windows

What makes you think it is grub?

That sounds amusing. Make photo of the screen with this prompt and post here.

btw sorry for the image rotation

Boot into openSUSE, provide full output of

fdisk -l
lsblk -f -o +partuuid
findmnt --real -u

as plain preformatted text, not as screenshot.

efibootmgr gave the output of:

BootCurrent: 0000
Timeout: 1 seconds
BootOrder: 0000,0002
Boot0000* opensuse-secureboot   HD(1,GPT,7007c617-5fd9-40da-ac14-e1f533742d5a,0x800,0xc8000)/File(\EFI\opensuse\shim.efi)
Boot0002  Windows Boot Manager  HD(4,GPT,01a0a702-66e3-43c6-85e5-36dcf25cfc15,0x55b65000,0x32000)/File(\EFI\Microsoft\Boot\bootmgfw.efi)0000424f

fdisk -l gives:

Disk /dev/nvme0n1: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: WD_BLACK SN770 1TB                      
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 469160F3-F6B5-4E12-BD7E-448A3ACAA167

Device              Start        End    Sectors   Size Type
/dev/nvme0n1p1       2048     821247     819200   400M Microsoft basic data
/dev/nvme0n1p2     821248   15501311   14680064     7G Linux swap
/dev/nvme0n1p3   15501312 1438011391 1422510080 678.3G Linux filesystem
/dev/nvme0n1p4 1438011392 1438216191     204800   100M EFI System
/dev/nvme0n1p5 1438216192 1438248959      32768    16M Microsoft reserved
/dev/nvme0n1p6 1438248960 1952451044  514202085 245.2G Microsoft basic data
/dev/nvme0n1p7 1952452608 1953521663    1069056   522M Windows recovery environment

Disk /dev/sda: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: ST1000LM035-1RK1
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: 964E4770-B35D-4888-8736-59DF850A4F1F

Device          Start        End    Sectors   Size Type
/dev/sda1          34       2081       2048     1M Microsoft LDM metadata
/dev/sda2        2082     239615     237534   116M Microsoft reserved
/dev/sda3      239616 1952452607 1952212992 930.9G Microsoft LDM data
/dev/sda4  1952452608 1953521663    1069056   522M Windows recovery environment

Partition 1 does not start on physical sector boundary.
Partition 2 does not start on physical sector boundary.

Disk /dev/sdb: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: TOSHIBA MQ01ABD1
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: E2732598-78A6-4897-BBE7-8113ABD1FB9A

Device       Start        End    Sectors   Size Type
/dev/sdb2  2203648 1953521663 1951318016 930.5G Microsoft basic data

Disk /dev/mapper/cr_root: 678.29 GiB, 728308383744 bytes, 1422477312 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

lsblk -f -o +partuuid gave:

│                                                                                            a3ae4089-199c-11ef-8940-f0a6544f24d6
│                                                                                            a3ae408a-199c-11ef-8940-f0a6544f24d6
│    ntfs         New Volume ACF2A8EEF2A8BE48                                                a3ae408e-199c-11ef-8940-f0a6544f24d6
     ntfs                    563CECA73CEC82FB                                                2598ac36-b95b-4d07-8c49-f8341e3c14d7
     ntfs         New Volume 3C8880E68880A04E                                                005b46ea-c19f-4bcf-a7f9-e03d1103378d
│    vfat   FAT16            55FF-3619                             393.7M     2% /boot/efi   7007c617-5fd9-40da-ac14-e1f533742d5a
│    swap   1                51b669c9-05a0-4304-b991-b80c2a76bc10                [SWAP]      47eb56c3-7304-4704-97bf-9fdc345f33a0
│ │  crypto 2                7c00c896-a0d6-4f22-8abe-429b60cfb6dd                            2c601375-58e9-4290-b320-14d7454bde27
│ └─cr_root
│    btrfs                   00d81f6b-3e78-4c2a-8253-f73a8559eb22  614.7G     9% /var        
│                                                                                /usr/local  
│                                                                                /srv        
│                                                                                /root       
│                                                                                /boot/grub2/x86_64-efi 
│                                                                                /home       
│                                                                                /opt        
│                                                                                /boot/grub2/i386-pc 
│                                                                                /.snapshots 
│                                                                                /           
│    vfat   FAT32            1E3E-B34E                                                       01a0a702-66e3-43c6-85e5-36dcf25cfc15
│                                                                                            1e9ff6e1-c363-4a71-bc94-45aa3aa93658
│    ntfs                    1C3C42333C4207EA                                                7a6a7dfc-d8e7-4c52-ac89-706e6316995c
     ntfs                    A6FC16BCFC168729                                                2fa68b81-9f2d-4d78-95bb-07cefaabb2f0

and findmnt --real -u

TARGET                   SOURCE                                        FSTYPE      OPTIONS
/                        /dev/mapper/cr_root[/@/.snapshots/1/snapshot] btrfs       rw,relatime,ssd,space_cache=v2,subvolid=266,subvol=/@/.snapshots/1/snapshot
├─/run/user/1000/doc     portal                                        fuse.portal rw,nosuid,nodev,relatime,user_id=1000,group_id=100
├─/.snapshots            /dev/mapper/cr_root[/@/.snapshots]            btrfs       rw,relatime,ssd,space_cache=v2,subvolid=265,subvol=/@/.snapshots
├─/boot/grub2/i386-pc    /dev/mapper/cr_root[/@/boot/grub2/i386-pc]    btrfs       rw,relatime,ssd,space_cache=v2,subvolid=264,subvol=/@/boot/grub2/i386-pc
├─/boot/grub2/x86_64-efi /dev/mapper/cr_root[/@/boot/grub2/x86_64-efi] btrfs       rw,relatime,ssd,space_cache=v2,subvolid=263,subvol=/@/boot/grub2/x86_64-efi
├─/opt                   /dev/mapper/cr_root[/@/opt]                   btrfs       rw,relatime,ssd,space_cache=v2,subvolid=261,subvol=/@/opt
├─/home                  /dev/mapper/cr_root[/@/home]                  btrfs       rw,relatime,ssd,space_cache=v2,subvolid=262,subvol=/@/home
├─/root                  /dev/mapper/cr_root[/@/root]                  btrfs       rw,relatime,ssd,space_cache=v2,subvolid=260,subvol=/@/root
│ └─/root/.cache/doc     portal                                        fuse.portal rw,nosuid,nodev,relatime,user_id=0,group_id=0
├─/srv                   /dev/mapper/cr_root[/@/srv]                   btrfs       rw,relatime,ssd,space_cache=v2,subvolid=259,subvol=/@/srv
├─/var                   /dev/mapper/cr_root[/@/var]                   btrfs       rw,relatime,ssd,space_cache=v2,subvolid=257,subvol=/@/var
├─/usr/local             /dev/mapper/cr_root[/@/usr/local]             btrfs       rw,relatime,ssd,space_cache=v2,subvolid=258,subvol=/@/usr/local
└─/boot/efi              /dev/nvme0n1p1                                vfat        rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro

grub requests password for your encrypted root filesystem which contains /boot/grub2/grub.cfg file with grub configuration. It is not possible to (automatically) boot without this file so you must provide the correct password. When password is incorrect, grub will stop in CLI. Exiting grub goes back to EFI boot manager which should try the next boot entry. Now, this entry is not active (although boot manager is free to ignore it). It also points to the different partition. grub is on /dev/nvme0n1p1 and Windows boot entry points to /dev/nvme0n1p4. I have no idea whether it is correct, but if it boots into Windows it probably is.

Back to your questions.

You would need to move /boot to separate partition. It can be done, but you will lose snapshot rollback possibility.

You should reliably boot into openSUSE if you enter the correct LUKS2 password. You will need to enter password anyway, if not in grub then later in the boot sequence, so removing grub password prompt will not really change anything.

If you do not need encryption at all, it should be possible to decrypt in place. If you have TPM2 it is possible to store LUKS2 key in TPM2 for unattended decryption (but it has its own can of worms).

Alright. So if im correct by what your trying to imply the reason why this sometimes doesn’t work is because i enter my password incorrectly right? in that case cant i just skip to decrypt when opensuse is loading? rather than before that stage. Cause my windows partition isnt encrypted and i have to wait more time to get into windows just cause this thing wants a password


I think I answered this already. Yes, you can, but you will lose snapshot rollback.

Cannot you use your BIOS boot manager to directly boot into Windows?

After i enter my password it goes into opensuses boot loader
^ this one
and here i’ll have the option to go into windows but i still gotta enter that password.
about moving that /boot to a separate partition. how would i go about doing that?

  1. Create new partition, preferably on your boot device (to make sure grub can access it) and file system on it.
  2. Move content of /boot to it except /boot/efi. It also includes /boot/grub2/x86_64-efi and /boot/grub2/i386-pc.
  3. Adjust /etc/fstab, remount new partition as /boot(and of course remount/boot/efi` to the new mount point)
  4. Run update-bootloader --reinit

You may be able to reuse /dev/nvme0n1p1 - 400MiB should be enough for a couple of kernels, but it is still tight. Check current space consumption on /boot. In this case just use /dev/nvme0n1p4 as /boot/efi. Otherwise you will need to resize some partition to get more space.