Open TobiPeterG opened 3 days ago
TobiPeterG
commented
3 days ago UPDATE: I found a way to uninstall dracut-pcr-signature without removing sdbootutil, regenerated my initrd and voila, my system boots again, so it's an issue of dracut-pcr-signature :)
But without any logs it's hard to find out why :cry:
aplanas
commented
3 days ago The idea of this module is simple: copy the json file form the ESP into the running initrd, so systemd-cryptsetup can unlock the disk.
Today there are two services: one that will mount the ESP, and another one that will do the copy. Those need to be running before systemd-crypsetup, and a way to see if it worked is to see if the json is present in memory.
I suspect that something did go wrong with the update and the re-creation of the initrd. To test this, if you have time, you can re-install the dracut module and validate that there is a new initrd.
TobiPeterG
commented
3 days ago The idea of this module is simple: copy the json file form the ESP into the running initrd, so systemd-cryptsetup can unlock the disk.
Today there are two services: one that will mount the ESP, and another one that will do the copy. Those need to be running before systemd-crypsetup, and a way to see if it worked is to see if the json is present in memory.
I suspect that something did go wrong with the update and the re-creation of the initrd. To test this, if you have time, you can re-install the dracut module and validate that there is a new initrd.
When the module was still installed and I found the way to boot my system, I already ran mkinird in sdbootutil and it finished without errors, so I guess that's not the issue :(
aplanas
commented
3 days ago In one of the screenshots seems that the pcrlock.json file is missing. Do you see it in the ESP?
TobiPeterG
commented
2 days ago In one of the screenshots seems that the pcrlock.json file is missing. Do you see it in the ESP?
On my ESP is a pcrlock.json, yes
Hi there,
Abouta week ago I updated my system after about a month and it doesn't boot anymore. I thought it was due to the plymouth issues, but this is not the case. With the newest snapshot, the plymouth issue is solved, but I still can't start my PC, but at least I have a graphical output now. I attached some screenshots (as saving a log in the emergency shell is hard with only encrypted drives)
The behaviour is the following: dracut tells me cr_root is not mounted. In the emergency shell I see that systemd-cryptsetup@cr_root is dead and didn't seem to run at all. Starting it does nothing (no message. no error), and the same with pcr-signature. HOWEVER, when I run the systemd-cryptsetup command manually, I a) can mount the drive without issues and b) afterwards systemd shows me that these services did run, when I executed the command (afterwards I can also start my system). I can't explain this behaviour and don't really now what causes it to be hones, especially since all logs I found also don't really contain much except the dracut timeout on the drive. My only suspicion is the dracut-pcr-signature module, as that had changes in the last month and caused a similar problem already for me, that's why I'm opening this issue here.
Is there something else I should try? Do you have an idea @aplanas why my computer hates me now? I'd appreciate any help :) If you are certain this tool doesn't cause this behaviour, I will of couse create an issue in the official bug tracker :)
By the way, my other systems are not affected by this, even though they have a similar setup, which makes it even weirder.