Bonjour,
Tout d’abord et en résumé, je cherche comment forcer à décrypter avec LUKS dans les options de Grub2…
J’ai donc plusieurs distros sur ma machine :
- Une Debian Wheezy sur un LVM chiffré avec LUKS (amd64) ;
- Une Debian Sid (i686) ;
- Une Debian Squeeze de secours dont j’ai eu besoin pour quelques bidouilles (amd64) ;
- Une vieille Gentoo qui n’est plus utilisée.
Le tout sur deux disques : la Wheezy (1.) sur un premier disque de 160 Go, le reste sur un autre disque de 1 To.
Mon système quotidien est la Wheezy sur le LVM chiffré (1.).
Problème : Une mise à jour de la Sid (2.) a modifié le Grub et je n’ai plus accès à mon Wheezy (1.).
Je suis donc allé dans le Squeeze de secours (3.) et je me suis chrooté dans le (1.). J’ai fait un grub-install /dev/sda et un update-grub mais ça n’a pas fonctionné. Quand je boote, il recherche longtemps le LVM sans tenter de décrypter la partition chiffrée avec LUKS.
Voici le /etc/default/grub du Wheezy :
[code]# If you change this file, run ‘update-grub’ afterwards to update
/boot/grub/grub.cfg.
For full documentation of the options in this file, see:
info -f grub -n ‘Simple configuration’
GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=lsb_release -i -s 2> /dev/null || echo Debian
GRUB_CMDLINE_LINUX_DEFAULT=“cryptdevice=/dev/sda5:debian” # <----- Ça c’est moi qui l’ai rajouté mais ça ne change rien au boot
GRUB_CMDLINE_LINUX=""
Uncomment to enable BadRAM filtering, modify to suit your needs
This works with Linux (no patch required) and with any kernel that obtains
the memory map information from GRUB (GNU Mach, kernel of FreeBSD …)
#GRUB_BADRAM=“0x01234567,0xfefefefe,0x89abcdef,0xefefefef”
Uncomment to disable graphical terminal (grub-pc only)
#GRUB_TERMINAL=console
The resolution used on graphical terminal
note that you can use only modes which your graphic card supports via VBE
you can see them in real GRUB with the command `vbeinfo’
#GRUB_GFXMODE=640x480
Uncomment if you don’t want GRUB to pass “root=UUID=xxx” parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true
Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY=“true”
Uncomment to get a beep at grub start
#GRUB_INIT_TUNE=“480 440 1”
[/code]
Voici le /boot/grub/grub.cfg du Wheezy :
[code]#
DO NOT EDIT THIS FILE
It is automatically generated by grub-mkconfig using templates
from /etc/grub.d and settings from /etc/default/grub
BEGIN /etc/grub.d/00_header
if [ -s $prefix/grubenv ]; then
load_env
fi
set default=“0"
if [ “${prev_saved_entry}” ]; then
set saved_entry=”${prev_saved_entry}"
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi
function savedefault {
if [ -z “${boot_once}” ]; then
saved_entry="${chosen}"
save_env saved_entry
fi
}
function load_video {
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
}
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)‘
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
if loadfont /grub/unicode.pf2 ; then
set gfxmode=640x480
load_video
insmod gfxterm
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
set locale_dir=($root)/grub/locale
set lang=fr_FR
insmod gettext
fi
terminal_output gfxterm
set timeout=5
END /etc/grub.d/00_header
BEGIN /etc/grub.d/05_debian_theme
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
insmod png
if background_image /grub/.background_cache.png; then
set color_normal=white/black
set color_highlight=black/white
else
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
fi
END /etc/grub.d/05_debian_theme
BEGIN /etc/grub.d/10_linux
menuentry ‘Debian GNU/Linux, avec Linux 3.2.0-4-amd64’ --class debian --class gnu-linux --class gnu --class os {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
echo 'Chargement de Linux 3.2.0-4-amd64 …'
linux /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/debian-debian ro cryptdevice=/dev/sda5:debian
echo 'Chargement du disque mémoire initial …‘
initrd /initrd.img-3.2.0-4-amd64
}
menuentry ‘Debian GNU/Linux, avec Linux 3.2.0-4-amd64 (mode de dépannage)’ --class debian --class gnu-linux --class gnu --class os {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
echo 'Chargement de Linux 3.2.0-4-amd64 …'
linux /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/debian-debian ro single
echo 'Chargement du disque mémoire initial …‘
initrd /initrd.img-3.2.0-4-amd64
}
menuentry ‘Debian GNU/Linux, avec Linux 2.6.32-5-amd64’ --class debian --class gnu-linux --class gnu --class os {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
echo 'Chargement de Linux 2.6.32-5-amd64 …'
linux /vmlinuz-2.6.32-5-amd64 root=/dev/mapper/debian-debian ro cryptdevice=/dev/sda5:debian
echo 'Chargement du disque mémoire initial …‘
initrd /initrd.img-2.6.32-5-amd64
}
menuentry ‘Debian GNU/Linux, avec Linux 2.6.32-5-amd64 (mode de dépannage)’ --class debian --class gnu-linux --class gnu --class os {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root=’(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 36c37f3c-99c5-4a10-98bc-aa1f8a74610a
echo 'Chargement de Linux 2.6.32-5-amd64 …'
linux /vmlinuz-2.6.32-5-amd64 root=/dev/mapper/debian-debian ro single
echo 'Chargement du disque mémoire initial …'
initrd /initrd.img-2.6.32-5-amd64
}
END /etc/grub.d/10_linux
BEGIN /etc/grub.d/20_linux_xen
END /etc/grub.d/20_linux_xen
BEGIN /etc/grub.d/30_os-prober
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img.old
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /boot/vmlinuz-3.1.0-1-686-pae root=/dev/sdb3
initrd /boot/initrd.img-3.1.0-1-686-pae
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /boot/vmlinuz-3.2.0-1-686-pae root=/dev/sdb3
initrd /boot/initrd.img-3.2.0-1-686-pae
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /boot/vmlinuz-3.2.0-2-686-pae root=/dev/sdb3
initrd /boot/initrd.img-3.2.0-2-686-pae
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /boot/vmlinuz-3.2.0-4-686-pae root=/dev/sdb3
initrd /boot/initrd.img-3.2.0-4-686-pae
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz root=/dev/sdb3
initrd /initrd.img.old
}
menuentry “Debian GNU/Linux (7.0) (on /dev/sdb3)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt3)‘
search --no-floppy --fs-uuid --set=root 3c3e5391-6ffb-4a97-861d-c7e93aa85d31
linux /vmlinuz.old root=/dev/sdb3
initrd /initrd.img.old
}
menuentry “Gentoo Base System release 2.0.2 (on /dev/sdb4)” --class gnu-linux --class gnu --class os {
insmod part_gpt
insmod ext2
set root=’(hd1,gpt4)'
search --no-floppy --fs-uuid --set=root f322f36a-3807-428c-a198-d058d6c41e1b
linux /boot/kernel-2.6.37-gentoo-r4 root=/dev/sdb4
}
END /etc/grub.d/30_os-prober
BEGIN /etc/grub.d/40_custom
This file provides an easy way to add custom menu entries. Simply type the
menu entries you want to add after this comment. Be careful not to change
the ‘exec tail’ line above.
END /etc/grub.d/40_custom
BEGIN /etc/grub.d/41_custom
if [ -f $prefix/custom.cfg ]; then
source $prefix/custom.cfg;
fi
END /etc/grub.d/41_custom
[/code]
Info importante peut-être : quand je fais update-grub :
# update-grub
Generating grub.cfg ...
Found background image: .background_cache.png
Found linux image: /boot/vmlinuz-3.2.0-4-amd64
Found initrd image: /boot/initrd.img-3.2.0-4-amd64
Found linux image: /boot/vmlinuz-2.6.32-5-amd64
Found initrd image: /boot/initrd.img-2.6.32-5-amd64
grub-probe : erreur : no such disk.
Found Debian GNU/Linux (7.0) on /dev/sdb3
Found Gentoo Base System release 2.0.2 on /dev/sdb4
done