I've noticed two times already: during a big system update,
encrypt could disappear from HOOKS of
/etc/mkinitcpio.conf
despite that
resume - another manually inserted hook - doesn't disappear, so it's not like
mkinitcpio.conf simply resets.
If initramfs is regenerated without
encrypt hook, a Full Disk Encrypted Artix
(currently writing a wiki (https://wiki.artixlinux.org/Main/InstallationWithFullDiskEncryption)) - will refuse to boot:
instead of
A password is required to access the lvm-system volume:
Enter passphrase for /dev/sda2:
a user gets
ERROR: device '/dev/mapper/lvmSystem-volRoot' not found. Skipping fsck.
and drops to emergency console.
To fix it, I have to boot with a LiveUSB, mount the encrypted volumes with
sudo su
cryptsetup benchmark # To force loading the Linux kernel modules related to Serpent and other strong encryptions from your LiveCD/LiveUSB
cryptsetup luksOpen /dev/sdX2 lvm-system
mount /dev/lvmSystem/volRoot /mnt
mount /dev/sdX1 /mnt/boot
artools-chroot /mnt /bin/bash
, then
nano /etc/mkinitcpio.conf
to insert
encrypt manually
HOOKS="base udev autodetect modconf block encrypt keyboard keymap lvm2 resume filesystems fsck"
, and regenerate the initramfs with
mkinitcpio -p linux
Do you know why
encrypt sometimes disappears from
/etc/mkinitcpio.conf while
resume doesn't?
Something definitely isn't right here. /etc/mkinitcpio.conf is only owned by the mkinitcpio package. That file is, of course, in the backup array in the PKGBUILD (https://gitea.artixlinux.org/packagesM/mkinitcpio/src/branch/master/trunk/PKGBUILD) which means it never gets overwritten by pacman. If the package later changes the /etc/mkinitcpio.conf file, it should be installed as mkinitcpio.conf.pacnew or something similar.
Problem is reproduceable: repeated again when I re-tested this instruction from scratch - https://wiki.artixlinux.org/Main/InstallationWithFullDiskEncryption
(it's ready for use btw). After a full system upgrade from 20200506 ISO install,
encrypt disappeared from HOOKS of
mkinitcpio.conf while a
resume - another manually added hook - stayed there. And there is no mkinitcpio.conf.pacnew. Seeing that there are two spaces in place of encrypt:
HOOKS="base udev autodetect modconf block encrypt keyboard keymap lvm2 resume filesystems fsck"
changed to
HOOKS="base udev autodetect modconf block keyboard keymap lvm2 resume filesystems fsck"
- this disappearance seems to be an unfortunate case of
sed/
grep inside of some upgrade script.
I grep'd the packages I have cloned (technically not all of them, but it should be the majority of them) and there was nothing unusual pertaining to mkinitcpio. Not sure if anyone has any clues on what could be secretly modifying mkinitcpio.
I am constantly hitting by this also, at least 3x now. Exact same symptoms. Did you manage to find a workaround?
I have played a bit in an attempt to narrow down the problem, but downgrading / upgrading linux (kernel) or mkinitcpio does not reproduce it, the "encrypt" hook does not disappear. So probably not those packages are the cause. But what then?
People, is there a /etc/local.d/mkinitcpio.start in your systems?
[EDIT]: Let me rephrase that: "have you set up encryption manually?"