我在 lvm 下有一个未加密的 /boot 分区和一个加密的根目录,是在 kubuntu 安装期间创建的:
root# cat /etc/crypttab
nvme0n1p5_crypt UUID=562c3c2c-9ef4-4417-aff8-1912e3828175 none luks,discard
root# cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/kubuntu--vg-root / ext4 errors=remount-ro 0 1
# /boot was on /dev/nvme0n1p1 during installation
UUID=b42862d0-7e2e-4cd0-b55a-e1c9942a5031 /boot ext4 defaults 0 2
/dev/mapper/kubuntu--vg-swap_1 none swap sw,user 0 0
root# blkid | grep UUID
/dev/mapper/nvme0n1p5_crypt: UUID="mYTUiQ-iFPJ-BkoP-DhuI-9zCc-YDg1-fdWxd4" TYPE="LVM2_member"
/dev/mapper/kubuntu--vg-root: UUID="f79a3b71-4107-4702-93a2-ae15ee68aca5" TYPE="ext4"
/dev/nvme0n1p1: UUID="b42862d0-7e2e-4cd0-b55a-e1c9942a5031" TYPE="ext4" PARTUUID="8478cfa7-01"
/dev/nvme0n1p5: UUID="562c3c2c-9ef4-4417-aff8-1912e3828175" TYPE="crypto_LUKS" PARTUUID="8478cfa7-05"
/dev/mapper/kubuntu--vg-swap_1: UUID="d3ad648d-e0a5-4b34-94cf-95912dcd7116" TYPE="swap"
我最近将内核更新到 5.7,在 grub 加载 initramfs 后,它不会要求输入密码,而是停止抱怨:
Volume group "kubuntu-vg" not found.
如果我在 grub 中选择较旧的内核,它会要求输入密码,然后正常启动。
上面的配置有问题吗?这很奇怪,因为我没有触及这些文件中的任何内容。
答案1
该问题与这漏洞。我已经解决了
apt install cryptsetup cryptsetup-bin cryptsetup-initramfs cryptsetup-run dmeventd
和
update-initramfs -c -k 5.7.6-050706-generic