Web lists-archives.com

Re: Won't boot if /, home, swap are encrypted

On Mon 22 Oct 2018 at 02:06:05 (+0000), D&P Dimov wrote:
> Dear Mathew,
> Thank you for looking into this further.
> I did not have to change anything in the BIOS - it was fine all along. Here are some differences from what you have and some of my issues:
> 1. I did not have a 1MB free space. I didn't know that I had to leave that free space. The Debian installation instructions regarding partitioning (https://www.debian.org/releases/stretch/amd64/ch06s03.html.en#di-partition) show a table at the end of " Guided Partitioning" (which was achieved with Manual Partitioning, as per the table caption below it) that has free space, but there is no indication that it is required. The next section on that same webpage covers manual partitioning and doesn't indicate that free space requirement either. At the end, I installed and booted successfully into Debian without this free space.

That's a diagram showing some fairly old disks. From the second
column, you can see that they're both MBR partitioned. The first
partition likely starts at sector 63 and they'll show no free space
in the installer.

> 2. The table from the debian instructions (referenced above) does not show a bootable EFI, only a bootable /boot. Though the text does specify "If you have booted in EFI mode then within the guided partitioningsetup there will be an additional partition, formatted as a FAT32bootable filesystem, for the EFI boot loader." I think that the instructions can be improved by showing an EFI partition like in the screenshot you sent. I think I also kept forcing the /boot to have a "Boot Flag: On". It seems counter intuitive, but apparently the /boot partition must not have a bootable flag - also something that maybe should be clarified in the instructions.

I don't know how an ESP is displayed on an MBR disk. I would assume
from the text that partition 2 on disk 2 is meant to represent one
as it has a FAT filesystem and is of a suitable size.

Without knowing more about the motherboard running the computer (yours
and the one in the manual), it's hard to be specific about exactly
what will successfully boot. The system shown could be booting in BIOS
mode, in which case MBR disk 1 has a bootable partition which some
BIOSes allegedly require. OTOH it could be booting in EFI mode in
which case the firmware might find the required ESP on disk 2.
But whi knows.

> 3. You keep referring to the EFI partition as being mounted on "/boot/efi", which I could do by manually typing this mount point, but this was not acceptable to the installer - it came back telling me that I don't have an EFI. So instead, the EFI needs to be selected from the menu, where it is listed under swap as "EFI System Partition". 

AIUI the ESP is normally mounted on /boot/efi when the installed
system is running, as that's where grub-install expects to find it.
But during installation, it's just a separate partition that you
either create yourself or let the installer create for you.
I thought the installer handles the ESP itself at the step
"Install the GRUB boot loader on a hard disk".

> Next time I install Debian on another machine (should be soon), I think I'll do graphic install so I can take screenshots along the way and make a set of instructions for less experienced users like me. Encrypting the /, home, and swap was also not straight forward to me from the instructions - two videos by Rex Kneisley is what helped me figure out how to do it. (Though the encryption part was not the cause of not being able to boot into the newly installed system.) So I'll be sure to include screenshots of these steps as well. Any ideas as to where may be a good place to post such instructions and screenshots? Do you think anyone would be interested in including them with the official installation guide?

Well, it certainly looks as if they could do with an update.