Issues with updating Dracut & Crytpo Luks

I updated to Dracut and rebooted. I received a prompt to input password to decrypt my encrypted volume. It was a success and I received the Grub display. I hit enter and the graphical screen hangs half through.

I hit the escape key and it showed it was asking for the password to decrypt the drive again, but it wouldn't allow me to type in the password again. So, I had to use a snaphot to get back into my system.

Any advice on how to fix this?

Thank you.

garuda-inxi
System:
Kernel: 6.2.2-zen1-1-zen arch: x86_64 bits: 64 compiler: gcc v: 12.2.1
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen
root=UUID=a962e929-025e-47aa-92dc-92802ec4e0ca rw rootflags=subvol=@
quiet
cryptdevice=UUID=52194f99-d513-4d19-b719-32c2be1a2f2a:luks-52194f99-d513-4d19-b719-32c2be1a2f2a
root=/dev/mapper/luks-52194f99-d513-4d19-b719-32c2be1a2f2a quiet splash
rd.udev.log_priority=3 vt.global_cursor_default=0
resume=/dev/mapper/luks-f34dc415-15a1-46de-a16b-7f04444f4935 loglevel=3
ibt=off
Desktop: KDE Plasma v: 5.27.2 tk: Qt v: 5.15.8 wm: kwin_wayland vt: 1
dm: SDDM Distro: Garuda Linux base: Arch Linux
Machine:
Type: Desktop Mobo: Micro-Star model: MAG B650 TOMAHAWK WIFI (MS-7D75)
v: 1.0 serial: UEFI: American Megatrends LLC. v: 1.31
date: 01/09/2023
CPU:
Info: model: AMD Ryzen 9 7900X bits: 64 type: MT MCP arch: Zen 4 gen: 5
level: v4 note: check built: 2022 process: TSMC n5 (5nm) family: 0x19 (25)
model-id: 0x61 (97) stepping: 2 microcode: 0xA601203
Topology: cpus: 1x cores: 12 tpc: 2 threads: 24 smt: enabled cache:
L1: 768 KiB desc: d-12x32 KiB; i-12x32 KiB L2: 12 MiB desc: 12x1024 KiB
L3: 64 MiB desc: 2x32 MiB
Speed (MHz): avg: 4652 high: 4700 min/max: 3000/5733 boost: enabled
scaling: driver: acpi-cpufreq governor: performance cores: 1: 4700 2: 4700
3: 4700 4: 4700 5: 4700 6: 4700 7: 4700 8: 4700 9: 4700 10: 4700 11: 4700
12: 3559 13: 4700 14: 4700 15: 4700 16: 4700 17: 4700 18: 4700 19: 4700
20: 4700 21: 4700 22: 4700 23: 4700 24: 4700 bogomips: 225586
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm
Vulnerabilities:
Graphics:
Device-1: AMD Navi 31 [Radeon RX 7900 XT/7900 XTX] vendor: Sapphire NITRO+
driver: amdgpu v: kernel arch: RDNA-3 code: Navi-3x process: TSMC n5 (5nm)
built: 2022+ pcie: gen: 4 speed: 16 GT/s lanes: 16 ports: active: DP-1
empty: DP-2,HDMI-A-1,HDMI-A-2 bus-ID: 03:00.0 chip-ID: 1002:744c
class-ID: 0300
Device-2: AMD Raphael vendor: Micro-Star MSI driver: amdgpu v: kernel
arch: RDNA-2 code: Navi-2x process: TSMC n7 (7nm) built: 2020-22 pcie:
gen: 4 speed: 16 GT/s lanes: 16 ports: active: none empty: DP-3, DP-4,
DP-5, HDMI-A-3 bus-ID: 12:00.0 chip-ID: 1002:164e class-ID: 0300
temp: 42.0 C
Display: wayland server: X.org v: 1.21.1.7 with: Xwayland v: 22.1.8
compositor: kwin_wayland driver: X: loaded: modesetting
alternate: fbdev,vesa dri: radeonsi gpu: amdgpu display-ID: 0
Monitor-1: DP-1 model: Dell AW3423DWF serial: built: 2022
res: 3440x1440 dpi: 109 gamma: 1.2 size: 800x337mm (31.5x13.27")
diag: 868mm (34.2") modes: max: 3440x1440 min: 720x400
API: OpenGL v: 4.6 Mesa 23.1.0-devel (git-8bc78e8eb9) renderer: AMD
Radeon RX 7900 XTX (gfx1100 LLVM 15.0.7 DRM 3.49 6.2.2-zen1-1-zen)
direct-render: Yes
Audio:
Device-1: AMD driver: snd_hda_intel v: kernel bus-ID: 4-6:3 pcie: gen: 4
chip-ID: 0db0:422d speed: 16 GT/s class-ID: 0300 lanes: 16 bus-ID: 03:00.1
chip-ID: 1002:ab30 class-ID: 0403
Device-2: AMD Rembrandt Radeon High Definition Audio
vendor: Micro-Star MSI driver: snd_hda_intel v: kernel pcie: gen: 4
speed: 16 GT/s lanes: 16 bus-ID: 12:00.1 chip-ID: 1002:1640 class-ID: 0403
Device-3: AMD Family 17h/19h HD Audio vendor: Micro-Star MSI
driver: snd_hda_intel v: kernel pcie: gen: 4 speed: 16 GT/s lanes: 16
bus-ID: 12:00.6 chip-ID: 1022:15e3 class-ID: 0403
Device-4: Micro Star USB Audio type: USB
driver: hid-generic,snd-usb-audio,usbhid
Sound API: ALSA v: k6.2.2-zen1-1-zen running: yes
Sound Interface: sndio v: N/A running: no
Sound Server-1: PulseAudio v: 16.1 running: no
Sound Server-2: PipeWire v: 0.3.66 running: yes
Network:
Device-1: Realtek RTL8125 2.5GbE vendor: Micro-Star MSI driver: r8169
v: kernel pcie: gen: 2 speed: 5 GT/s lanes: 1 port: c000 bus-ID: 0e:00.0
chip-ID: 10ec:8125 class-ID: 0200
IF: enp14s0 state: up speed: 1000 Mbps duplex: full mac:
Bluetooth:
Device-1: MediaTek Wireless_Device type: USB driver: btusb v: 0.8
bus-ID: 4-7:6 chip-ID: 0e8d:0616 class-ID: e001 serial:
Report: bt-adapter ID: hci0 rfk-id: 0 state: up address:
Drives:
Local Storage: total: 2.05 TiB used: 509.08 GiB (24.3%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Smart Modular Tech.
model: SHPP41-2000GM size: 1.82 TiB block-size: physical: 512 B
logical: 512 B speed: 63.2 Gb/s lanes: 4 type: SSD serial:
rev: 51060A20 temp: 44.9 C scheme: GPT
ID-2: /dev/nvme1n1 maj-min: 259:4 vendor: Samsung model: SSD 960 EVO 250GB
size: 232.89 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s
lanes: 4 type: SSD serial: rev: 3B7QCXE7 temp: 40.9 C scheme: GPT
Partition:
ID-1: / raw-size: 1.79 TiB size: 1.79 TiB (100.00%) used: 509.08 GiB (27.8%)
fs: btrfs dev: /dev/dm-0 maj-min: 254:0
mapped: luks-52194f99-d513-4d19-b719-32c2be1a2f2a
ID-2: /boot/efi raw-size: 300 MiB size: 299.4 MiB (99.80%)
used: 752 KiB (0.2%) fs: vfat dev: /dev/nvme0n1p1 maj-min: 259:1
ID-3: /home raw-size: 1.79 TiB size: 1.79 TiB (100.00%)
used: 509.08 GiB (27.8%) fs: btrfs dev: /dev/dm-0 maj-min: 254:0
mapped: luks-52194f99-d513-4d19-b719-32c2be1a2f2a
ID-4: /var/log raw-size: 1.79 TiB size: 1.79 TiB (100.00%)
used: 509.08 GiB (27.8%) fs: btrfs dev: /dev/dm-0 maj-min: 254:0
mapped: luks-52194f99-d513-4d19-b719-32c2be1a2f2a
ID-5: /var/tmp raw-size: 1.79 TiB size: 1.79 TiB (100.00%)
used: 509.08 GiB (27.8%) fs: btrfs dev: /dev/dm-0 maj-min: 254:0
mapped: luks-52194f99-d513-4d19-b719-32c2be1a2f2a
Swap:
Kernel: swappiness: 133 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: zram size: 30.51 GiB used: 2.2 MiB (0.0%) priority: 100
dev: /dev/zram0
ID-2: swap-2 type: partition size: 33.56 GiB used: 0 KiB (0.0%)
priority: -2 dev: /dev/dm-1 maj-min: 254:1
mapped: luks-f34dc415-15a1-46de-a16b-7f04444f4935
Sensors:
System Temperatures: cpu: 52.4 C mobo: N/A
Fan Speeds (RPM): N/A
GPU: device: amdgpu temp: 42.0 C device: amdgpu temp: 57.0 C mem: 66.0 C
fan: 239 watts: 56.00
Info:
Processes: 490 Uptime: 1h 11m wakeups: 0 Memory: 30.51 GiB
used: 5.82 GiB (19.1%) Init: systemd v: 253 default: graphical
tool: systemctl Compilers: gcc: 12.2.1 clang: 15.0.7 Packages: pm: pacman
pkgs: 2223 libs: 584 tools: octopi,paru,yay Shell: fish v: 3.6.0
running-in: konsole inxi: 3.3.25
Garuda (2.6.15-1):
System install date: 2023-03-03
Last full system update: 2023-03-07
Is partially upgraded: No
Relevant software: snapper NetworkManager mkinitcpio
Windows dual boot: Probably (Run as root to verify)
Failed units:

so the solution is to install:

sudo pacman -S garuda-dracut-support

and right after run: sudo dracut-rebuild ??

just click my link and read...

hmmm..didn't work for me and I created the file /etc/dracut.conf.d/luks.conf which contains: install_items+=" /etc/crypttab /crypto_keyfile.bin "

The “padding” spaces inside the quotes are correct, but I think the space between /etc/crypttab and crypto_keyfile.bin is a typo.

Don’t forget to rebuild the image after changing a dracut config.

sudo dracut-rebuild

I just doubled checked what I have and it is exactly
install_items+=" /etc/crypttab /crypto_keyfile.bin "
and its working for me…

I see that /etc/crypttab and /crypto_keyfile.bin are files that only root has access to, so I think it might be that way to work with GRUB correctly.
Take a look at Dalto’s dracut EndeavourOS wiki entry and I think you will see what I mean Dracut – Discovery

Looks like you have a LUKS swap that might be holding you back. Going from Dalto’s wiki entry on dracut using GRUB, looks like you will have to add something kind of like this:
In /etc/dracut.conf.d/luks.conf add this as well, in a new line:

add_device+=" /dev/disk/by-uuid/ad44a367-09ec-4f74-bf66-f284438280db "

Be sure to replace the ad44a367-09ec-4f74-bf66-f284438280db part with the UUID for your swap LUKS partition.

Edit: changed the .conf file name to luks.conf for consistency.

Following EndeavourOS he created a filed called encryption.conf and not luks.conf in /etc/dracut.conf.d/ . Not sure if this matters, but it seems like it should.

You can name these files whatever you like. As long as the file name ends in .conf and is located in the correct directory, dracut should find them and honor any valid options within.

Okay, I'll give it a try again. Thank you for the prompt reply.

This worked if swap is encrypted, my computer booted up in a few seconds =)

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.