Reinstall Grub Through Chroot an LUKS Partition in Fedora

As I mentioned before, I'm currently triple-boot my laptop with three different operating systems consists of Windows 7, Fedora 22, and Ubuntu 15.04. One of the issue faced when dealing with dual-booting Fedora and Ubuntu is that each distro will update and overwrite the existing Grub boot loader if there are new kernel upgrade. One major problem is that Ubuntu Grub update does not recognizes LUKS partition and always corrupted the Grub boot loader.

To temporary resolve this, we have to boot the machine using the Fedora Live CD, mount the encrypted partition, chroot to it, update Grub from Fedora itself, umount the partition, and lastly reboot the machine. Details as follows.

First, once you've boot the Fedora Live CD, check the device name of your LUKS partition.
$ lsblk | grep -B 2 luks
├─sda5                                          8:5    0     1G  0 part  /boot
├─sda6                                          8:6    0   204G  0 part  
│ └─luks-e927b9ed-a83a-453f-8ef7-4983a3d68589 253:0    0   204G  0 crypt /

As we have obtained the device name, which is /dev/sda6, we shall proceed to decrypt the partition. Before that, let's verify that the partition is a LUKS partition again. If the Bash return exist code of zero, then we can safely confirm that /dev/sda6 is indeeed a LUKS partition.
$ sudo cryptsetup isLuks /dev/sda6 && echo $?
0

We can also verify it by checking the LUKS header of that parition.
$ sudo cryptsetup luksDump /dev/sda6 | head -n 8
LUKS header information for /dev/sda6

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha1
Payload offset: 4096
MK bits:        512

Next, we're going to decrypt the LUKS partition and type in your password.
$ sudo cryptsetup luksOpen /dev/sda6 fedora-root

After we've decrypted the partition, we'll need to mount all necessary partitions before we can chroot it.
$ sudo udisks --mount /dev/mapper/fedora-root
$ sudo mount -t proc proc /mnt/proc
$ sudo mount -t sysfs sys /mnt/sys
$ sudo mount -o bind /dev /mnt/dev

Note that we're using udisks to automount our fedora-root in the /media folder. Equivalent steps are:
$ sudo mkdir /media/fedora-root
$ sudo mount /dev/mapper/fedora-root /media/fedora-root

Since my /boot partition is located in another partition, we'll need to mount this as well so we can update the Grub boot loader.
$ sudo mkdir /media/fedora-boot
$ sudo mount /dev/sda5 /media/fedora-boot

Next, chroot to the root partition and update our Grub.
$ chroot /media/fedora-boot
$ grub2-install /dev/sda
$ grub2-mkconfig -o /boot/grub/grub.cfg

Lastly, exit from chroot, unmount our LUKS partition, and reboot our machine. The correct Grub boot loader with correct boot parameters will be installed and loaded properly.
$ exit
$ sudo umount /media/fedora-root
$ sudo cryptsetup luksClose fedora-root
$ sudo reboot

No comments:

Post a Comment