[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GuixSD encrypted root?
From: |
Danny Milosavljevic |
Subject: |
Re: GuixSD encrypted root? |
Date: |
Mon, 25 Apr 2016 03:24:13 +0200 |
Hi,
> Or, as Leo suggests, it could be that shepherd starts the device-mapping
> service, which runs “cryptsetup luksOpen”, which never completes because
> you don’t know it’s waiting for you to enter a passphrase.
I doubt that it's that. The only change I have to do for it to work just fine
is to add "(mount? #f)". So I suspect that the cryptsetup works. (The only
thing I have to type manually is "mount /x" later - and that works, too)
But I didn't know that Guix would run fsck on guix reconfigure. Maybe I just
have to wait longer as it's a huge partition (with almost nothing on it,
though). Also, I've checked gnu/services/base.scm and it seems to hard-code
e2fsprogs. I use btrfs, though.
My config (which is working fine because of the "(mount #f)") is:
(define dayas-sys (mapped-device
(source (uuid "cedd378f-329c-44c4-ab40-f74f0c1701a2"))
(target "dayas-sys")
(type luks-device-mapping)))
(operating-system
;; ...
(mapped-devices (list dayas-sys))
(file-systems (cons* (file-system
(device "/dev/sda1")
(title 'dayas:/)
(mount-point "/")
(type "ext4")
(needed-for-boot? #t))
(file-system
(device "/dev/mapper/dayas-sys")
(mount-point "/x")
(type "btrfs")
(needed-for-boot? #f)
(mount? #f) ; otherwise does not work.
(dependencies (list dayas-sys)))
%base-file-systems))
;...
)
How come yours doesn't have a "dependencies" entry? Is it somehow computed by
examining the "device" (/dev/mapper/...) entry?