Change from grub2 to systemd-boot in an encrypted Linux Mint
by blueray from LinuxQuestions.org on (#501YV)
My System:
Code:System: Host: My-PC Kernel: 5.0.0-32-generic x86_64 bits: 64 compiler: gcc v: 7.4.0 Desktop: Cinnamon 4.4.5
Distro: Linux Mint 19.3 Tricia base: Ubuntu 18.04 bionic
Machine: Type: Desktop Mobo: ASUSTeK model: PRIME H370-PLUS v: Rev 1.xx serial: <filter> UEFI: American Megatrends v: 0904
date: 09/14/2018
CPU: Topology: 6-Core model: Intel Core i5-8600K bits: 64 type: MCP arch: Kaby Lake rev: A L2 cache: 9216 KiB
flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 43200
Speed: 800 MHz min/max: 800/4300 MHz Core speeds (MHz): 1: 800 2: 800 3: 801 4: 800 5: 800 6: 800
Graphics: Device-1: Intel vendor: ASUSTeK driver: i915 v: kernel bus ID: 00:02.0
Display: x11 server: X.Org 1.20.4 driver: modesetting unloaded: fbdev,vesa
resolution: 1920x1080~60Hz, 1920x1080~60Hz
OpenGL: renderer: Mesa DRI Intel UHD Graphics 630 (Coffeelake 3x8 GT2) v: 4.5 Mesa 19.0.8 direct render: Yes
Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 00:1f.3
Sound Server: ALSA v: k5.0.0-32-generic
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: ASUSTeK driver: r8169 v: kernel port: 3000
bus ID: 05:00.0
IF: enp5s0 state: up speed: 100 Mbps duplex: full mac: <filter>
Drives: Local Storage: total: 7.50 TiB used: 1.44 TiB (19.2%)
ID-1: /dev/sda vendor: Samsung model: SSD 860 EVO 250GB size: 232.89 GiB
Partition: ID-1: / size: 226.04 GiB used: 5.62 GiB (2.5%) fs: ext4 dev: /dev/dm-1
ID-2: /boot size: 704.5 MiB used: 84.9 MiB (12.0%) fs: ext4 dev: /dev/sda2
ID-3: swap-1 size: 976.0 MiB used: 0 KiB (0.0%) fs: swap dev: /dev/dm-2
Sensors: System Temperatures: cpu: 35.0 C mobo: N/A
Fan Speeds (RPM): cpu: 0
Info: Processes: 242 Uptime: 40m Memory: 15.51 GiB used: 1.53 GiB (9.9%) Init: systemd runlevel: 5 Compilers: gcc: 7.4.0
Shell: bash v: 4.4.20 inxi: 3.0.32I am using Full Disk Encryption. My system HDD looks something like:
Code:$ blkid
/dev/mapper/sda3_crypt: UUID="p6K7w9-XJqD-HBvG-VceV-Xd4T-yVP4-YuKvu8" TYPE="LVM2_member"
/dev/mapper/mint--vg-root: UUID="1960c343-9e51-4e7b-8ef8-758589ce91ce" TYPE="ext4"
/dev/sda1: UUID="60F9-5B14" TYPE="vfat" PARTLABEL="EFI System Partition" PARTUUID="87261dd5-86b7-4bd2-84d3-b1fd79d513e7"
/dev/sda2: UUID="7e03329b-c82a-4ca8-aedf-b26eca2b275d" TYPE="ext4" PARTUUID="ff1ea1f4-ed70-4244-9e61-0056bb93cef0"
/dev/sda3: UUID="614ff70a-3041-4ddf-b7a7-2a0d7af8ca87" TYPE="crypto_LUKS" PARTUUID="1a9f3fd5-5fae-44fa-91d7-798b128788d2"
/dev/mapper/mint--vg-swap_1: UUID="f46741ba-7454-4354-8d1e-6481cf22f188" TYPE="swap"Now I want to replace grub2 with systemd-boot.
I used: Code:sudo bootctl installNow,
Code:$ efibootmgr
BootCurrent: 0000
Timeout: 1 seconds
BootOrder: 0000,0001
Boot0000* ubuntu
Boot0001* Linux Boot ManagerNow I Think I have to modify /boot/efi/loader/loader.conf
The current content of /boot/efi/loader/loader.conf is
Code:#timeout 3
default aaa642a1efb049fba8d6ca0c8d22ff0a-*What else do I need to put on /boot/efi/loader/loader.conf
I think I have to put something like:
Code:title Linux Mint
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options root=UUID=<uuid-of-root-partition> rd.luks.uuid=<uuid-of-luks-partition>Or may be:
Code:options cryptdevice=UUID=8b6c3F41-cde5-468e-a503-324b081713d8:lvm root=/dev/mapper/MyVol-root quiet rwI got a script for generating this file for Fedora. But, nothing for Mint.
Code:#!/bin/bash
# write-ostree-boot-config.sh
# --- configure this -------------------------------------------------------
MAX_DEPLOY=1 # works only with 1 at the moment
LUKS_UUID='6cf16b77-a720-48ef-b734-47f4ffe4c288'
# -------------------------------------------------------------------------
ARCH=$(uname -m)
ID=$(cat /etc/machine-id)
if [[ ! ${ID:0:1} =~ [0-9,a-z] ]]
then
echo 'machine-id not correct'
exit 1
fi
if [[ ! -d /boot/efi/${ID} ]]
then
mkdir /boot/efi/${ID}
fi
# find current boot number
BOOT=$(find /ostree/ -maxdepth 1 -type l | grep boot)
BOOT_NUM_ORG=${BOOT##*.}
# find latest deployment and corresponding ostree boot
# currently we take only the latest deployment
DEPLOY_LIST=''
DEPLOY_BASE_DIR='/ostree/deploy/fedora/deploy'
DEPLOY_LIST_FILES=$(ls -t ${DEPLOY_BASE_DIR}/*.origin)
for d_elt_tmp in ${DEPLOY_LIST_FILES}
do
d_elt_tmp2=${d_elt_tmp%.origin}
d_elt=${d_elt_tmp2##*/}
DEPLOY_LIST="${DEPLOY_LIST} $d_elt"
done
deploy_counter=0;
for dp in ${DEPLOY_LIST}
do
deploy_counter=$((deploy_counter+1))
if [[ $deploy_counter -gt ${MAX_DEPLOY} ]]
then
break
fi
KERNEL_DP=$(ls ${DEPLOY_BASE_DIR}/${dp}/usr/lib/ostree-boot/vmlinuz*)
INITRD_DP=$(ls ${DEPLOY_BASE_DIR}/${dp}/usr/lib/ostree-boot/initramfs*)
done
KERNEL_DP_BASE=$(basename ${KERNEL_DP})
OSTREE_CURRENT=${KERNEL_DP_BASE##*-}
FEDORA_KERNEL_DIR=/boot/ostree/fedora-${OSTREE_CURRENT}
k_tmp=${KERNEL_DP_BASE##*vmlinuz-}
VER_LIST=${k_tmp%-${OSTREE_CURRENT}}
VER=${VER_LIST}
# swap boot number after new deployment
if [[ -d $FEDORA_KERNEL_DIR ]]
then
BOOT_NUM=${BOOT_NUM_ORG}
else
if [[ ${BOOT_NUM_ORG} -eq 0 ]]
then
BOOT_NUM=1
elif [[ ${BOOT_NUM_ORG} -eq 1 ]]
then
BOOT_NUM=0
else
BOOT_NUM=${BOOT_NUM_ORG}
echo "WARNING: ${BOOT_NUM} is neither 0 or 1. \
This is unexpected and will probably go wrong."
fi
fi
OSTREE_BOOT_DIR=/ostree/boot.${BOOT_NUM}/fedora/${OSTREE_CURRENT}/0
cd /boot/efi/${ID}
if [[ $? -ne 0 ]]
then
echo "cannot enter /boot/efi/${ID}";
exit 1
fi
# check which version we have in the EFI partition
# remove those we don't have in /boot/ostree
EXISTING_VERSIONS=$(ls)
for EXISTING_VERSION in ${EXISTING_VERSIONS}
do
version_found=0
for VER in ${VER_LIST}
do
if [[ "${EXISTING_VERSION}" == "${VER}" ]]
then
version_found=1
fi
done
if [[ $version_found == 0 ]]
then
echo "removing ${EXISTING_VERSION}"
rm -rf ${EXISTING_VERSION}
fi
done
KERNEL_DIRS=fedora-${OSTREE_CURRENT}
for KERNEL_DIR in ${KERNEL_DIRS}
do
OPTIONS="resume=/dev/mapper/fedora-swap \
rd.lvm.lv=fedora/root \
rd.lvm.lv=fedora/swap \
rd.luks.uuid=luks-${LUKS_UUID} \
root=/dev/mapper/fedora-root \
ostree=${OSTREE_BOOT_DIR} \
rhgb quiet"
cd /boot/efi
if [[ $? -ne 0 ]]
then
echo "cannot enter /boot/efi"
exit 1
fi
rm -f loader/entries/${ID}-[1-9]*.conf
ENTRY=loader/entries/${ID}-${VER}.conf
mkdir -p ${ID}/${VER}
KERNEL_TARGET=${ID}/${VER}/linux
INITRD_TARGET=${ID}/${VER}/initrd
if [[ -f ${KERNEL_TARGET} ]]
then
echo "${KERNEL_TARGET} already exists"
else
cp ${KERNEL_DP} ${KERNEL_TARGET}
fi
if [[ -f ${INITRD_TARGET} ]]
then
echo "${INITRD_TARGET} already exists"
else
cp ${INITRD_DP} ${INITRD_TARGET}
fi
cat <<EOF > ${ENTRY}
title ${VER}
version ${VER}
machine-id ${ID}
options ${OPTIONS}
linux /${KERNEL_TARGET}
initrd /${INITRD_TARGET}
EOF
done
Code:System: Host: My-PC Kernel: 5.0.0-32-generic x86_64 bits: 64 compiler: gcc v: 7.4.0 Desktop: Cinnamon 4.4.5
Distro: Linux Mint 19.3 Tricia base: Ubuntu 18.04 bionic
Machine: Type: Desktop Mobo: ASUSTeK model: PRIME H370-PLUS v: Rev 1.xx serial: <filter> UEFI: American Megatrends v: 0904
date: 09/14/2018
CPU: Topology: 6-Core model: Intel Core i5-8600K bits: 64 type: MCP arch: Kaby Lake rev: A L2 cache: 9216 KiB
flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 43200
Speed: 800 MHz min/max: 800/4300 MHz Core speeds (MHz): 1: 800 2: 800 3: 801 4: 800 5: 800 6: 800
Graphics: Device-1: Intel vendor: ASUSTeK driver: i915 v: kernel bus ID: 00:02.0
Display: x11 server: X.Org 1.20.4 driver: modesetting unloaded: fbdev,vesa
resolution: 1920x1080~60Hz, 1920x1080~60Hz
OpenGL: renderer: Mesa DRI Intel UHD Graphics 630 (Coffeelake 3x8 GT2) v: 4.5 Mesa 19.0.8 direct render: Yes
Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 00:1f.3
Sound Server: ALSA v: k5.0.0-32-generic
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: ASUSTeK driver: r8169 v: kernel port: 3000
bus ID: 05:00.0
IF: enp5s0 state: up speed: 100 Mbps duplex: full mac: <filter>
Drives: Local Storage: total: 7.50 TiB used: 1.44 TiB (19.2%)
ID-1: /dev/sda vendor: Samsung model: SSD 860 EVO 250GB size: 232.89 GiB
Partition: ID-1: / size: 226.04 GiB used: 5.62 GiB (2.5%) fs: ext4 dev: /dev/dm-1
ID-2: /boot size: 704.5 MiB used: 84.9 MiB (12.0%) fs: ext4 dev: /dev/sda2
ID-3: swap-1 size: 976.0 MiB used: 0 KiB (0.0%) fs: swap dev: /dev/dm-2
Sensors: System Temperatures: cpu: 35.0 C mobo: N/A
Fan Speeds (RPM): cpu: 0
Info: Processes: 242 Uptime: 40m Memory: 15.51 GiB used: 1.53 GiB (9.9%) Init: systemd runlevel: 5 Compilers: gcc: 7.4.0
Shell: bash v: 4.4.20 inxi: 3.0.32I am using Full Disk Encryption. My system HDD looks something like:
Code:$ blkid
/dev/mapper/sda3_crypt: UUID="p6K7w9-XJqD-HBvG-VceV-Xd4T-yVP4-YuKvu8" TYPE="LVM2_member"
/dev/mapper/mint--vg-root: UUID="1960c343-9e51-4e7b-8ef8-758589ce91ce" TYPE="ext4"
/dev/sda1: UUID="60F9-5B14" TYPE="vfat" PARTLABEL="EFI System Partition" PARTUUID="87261dd5-86b7-4bd2-84d3-b1fd79d513e7"
/dev/sda2: UUID="7e03329b-c82a-4ca8-aedf-b26eca2b275d" TYPE="ext4" PARTUUID="ff1ea1f4-ed70-4244-9e61-0056bb93cef0"
/dev/sda3: UUID="614ff70a-3041-4ddf-b7a7-2a0d7af8ca87" TYPE="crypto_LUKS" PARTUUID="1a9f3fd5-5fae-44fa-91d7-798b128788d2"
/dev/mapper/mint--vg-swap_1: UUID="f46741ba-7454-4354-8d1e-6481cf22f188" TYPE="swap"Now I want to replace grub2 with systemd-boot.
I used: Code:sudo bootctl installNow,
Code:$ efibootmgr
BootCurrent: 0000
Timeout: 1 seconds
BootOrder: 0000,0001
Boot0000* ubuntu
Boot0001* Linux Boot ManagerNow I Think I have to modify /boot/efi/loader/loader.conf
The current content of /boot/efi/loader/loader.conf is
Code:#timeout 3
default aaa642a1efb049fba8d6ca0c8d22ff0a-*What else do I need to put on /boot/efi/loader/loader.conf
I think I have to put something like:
Code:title Linux Mint
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options root=UUID=<uuid-of-root-partition> rd.luks.uuid=<uuid-of-luks-partition>Or may be:
Code:options cryptdevice=UUID=8b6c3F41-cde5-468e-a503-324b081713d8:lvm root=/dev/mapper/MyVol-root quiet rwI got a script for generating this file for Fedora. But, nothing for Mint.
Code:#!/bin/bash
# write-ostree-boot-config.sh
# --- configure this -------------------------------------------------------
MAX_DEPLOY=1 # works only with 1 at the moment
LUKS_UUID='6cf16b77-a720-48ef-b734-47f4ffe4c288'
# -------------------------------------------------------------------------
ARCH=$(uname -m)
ID=$(cat /etc/machine-id)
if [[ ! ${ID:0:1} =~ [0-9,a-z] ]]
then
echo 'machine-id not correct'
exit 1
fi
if [[ ! -d /boot/efi/${ID} ]]
then
mkdir /boot/efi/${ID}
fi
# find current boot number
BOOT=$(find /ostree/ -maxdepth 1 -type l | grep boot)
BOOT_NUM_ORG=${BOOT##*.}
# find latest deployment and corresponding ostree boot
# currently we take only the latest deployment
DEPLOY_LIST=''
DEPLOY_BASE_DIR='/ostree/deploy/fedora/deploy'
DEPLOY_LIST_FILES=$(ls -t ${DEPLOY_BASE_DIR}/*.origin)
for d_elt_tmp in ${DEPLOY_LIST_FILES}
do
d_elt_tmp2=${d_elt_tmp%.origin}
d_elt=${d_elt_tmp2##*/}
DEPLOY_LIST="${DEPLOY_LIST} $d_elt"
done
deploy_counter=0;
for dp in ${DEPLOY_LIST}
do
deploy_counter=$((deploy_counter+1))
if [[ $deploy_counter -gt ${MAX_DEPLOY} ]]
then
break
fi
KERNEL_DP=$(ls ${DEPLOY_BASE_DIR}/${dp}/usr/lib/ostree-boot/vmlinuz*)
INITRD_DP=$(ls ${DEPLOY_BASE_DIR}/${dp}/usr/lib/ostree-boot/initramfs*)
done
KERNEL_DP_BASE=$(basename ${KERNEL_DP})
OSTREE_CURRENT=${KERNEL_DP_BASE##*-}
FEDORA_KERNEL_DIR=/boot/ostree/fedora-${OSTREE_CURRENT}
k_tmp=${KERNEL_DP_BASE##*vmlinuz-}
VER_LIST=${k_tmp%-${OSTREE_CURRENT}}
VER=${VER_LIST}
# swap boot number after new deployment
if [[ -d $FEDORA_KERNEL_DIR ]]
then
BOOT_NUM=${BOOT_NUM_ORG}
else
if [[ ${BOOT_NUM_ORG} -eq 0 ]]
then
BOOT_NUM=1
elif [[ ${BOOT_NUM_ORG} -eq 1 ]]
then
BOOT_NUM=0
else
BOOT_NUM=${BOOT_NUM_ORG}
echo "WARNING: ${BOOT_NUM} is neither 0 or 1. \
This is unexpected and will probably go wrong."
fi
fi
OSTREE_BOOT_DIR=/ostree/boot.${BOOT_NUM}/fedora/${OSTREE_CURRENT}/0
cd /boot/efi/${ID}
if [[ $? -ne 0 ]]
then
echo "cannot enter /boot/efi/${ID}";
exit 1
fi
# check which version we have in the EFI partition
# remove those we don't have in /boot/ostree
EXISTING_VERSIONS=$(ls)
for EXISTING_VERSION in ${EXISTING_VERSIONS}
do
version_found=0
for VER in ${VER_LIST}
do
if [[ "${EXISTING_VERSION}" == "${VER}" ]]
then
version_found=1
fi
done
if [[ $version_found == 0 ]]
then
echo "removing ${EXISTING_VERSION}"
rm -rf ${EXISTING_VERSION}
fi
done
KERNEL_DIRS=fedora-${OSTREE_CURRENT}
for KERNEL_DIR in ${KERNEL_DIRS}
do
OPTIONS="resume=/dev/mapper/fedora-swap \
rd.lvm.lv=fedora/root \
rd.lvm.lv=fedora/swap \
rd.luks.uuid=luks-${LUKS_UUID} \
root=/dev/mapper/fedora-root \
ostree=${OSTREE_BOOT_DIR} \
rhgb quiet"
cd /boot/efi
if [[ $? -ne 0 ]]
then
echo "cannot enter /boot/efi"
exit 1
fi
rm -f loader/entries/${ID}-[1-9]*.conf
ENTRY=loader/entries/${ID}-${VER}.conf
mkdir -p ${ID}/${VER}
KERNEL_TARGET=${ID}/${VER}/linux
INITRD_TARGET=${ID}/${VER}/initrd
if [[ -f ${KERNEL_TARGET} ]]
then
echo "${KERNEL_TARGET} already exists"
else
cp ${KERNEL_DP} ${KERNEL_TARGET}
fi
if [[ -f ${INITRD_TARGET} ]]
then
echo "${INITRD_TARGET} already exists"
else
cp ${INITRD_DP} ${INITRD_TARGET}
fi
cat <<EOF > ${ENTRY}
title ${VER}
version ${VER}
machine-id ${ID}
options ${OPTIONS}
linux /${KERNEL_TARGET}
initrd /${INITRD_TARGET}
EOF
done