Install LVM LUKS on UEFI GPT
This guide describes how to install Void Linux on a UEFI system with root over encrypted LVM.
Introduction
To follow this guide, first you need to boot from a Linux live CD/USB of your choice in UEFI mode.
For UEFI boot, the disk needs to be GPT partitioned and an EFI System Partition (ESP) must be present. The size of the ESP must be at least 260M or more, type EF00, and formatted with FAT32.
This partition will serve as your /boot filesystem as well as the partition that the UEFI firmware can read to load the bootloader.
From now on, /dev/sda1 will be the ESP (/boot) and /dev/sda2 will be the encrypted partition with LVM.
Installation
Preparing the disk
The first step is to use gdisk (or cgdisk) to create the GPT partitions:
# gdisk /dev/sda
fdisk or cfdisk (needs util-linux 2.25 or newer)Encrypting the partition
We will encrypt the entire /dev/sda2 partition and then unlock the container to start setting up LVM:
# cryptsetup luksFormat /dev/sda2 # cryptsetup luksOpen /dev/sda2 crypt
The decrypted container will be now available at /dev/mapper/crypt.
You can view the dm-crypt documentation on the Arch Wiki for more settings when using luksFormat.
us. If you enter the passphrase using a different keymap, you likely won't be able to unlock your crypted volume.Creating logical volumes
First, we will create a physical volume on top of the opened LUKS container and a volume group, named void. Then, we will setup the logical volumes on the volume group. The partition scheme is defined as follows:
| swap | 2G (optional) |
| / | 20G |
| /home | the remaining free space |
# pvcreate /dev/mapper/crypt # vgcreate void /dev/mapper/crypt # lvcreate -C y -L 2G -n swap void (optional) # lvcreate -L 20G -n root void # lvcreate -l 100%FREE -n home void
Creating filesystems and mounting the partitions
The ESP must be formatted in FAT32. The root and home partitions are formatted using the ext4 filesystem.
The root partition is mounted on /mnt, while the ESP is on /mnt/boot.
# mkfs.fat -F32 /dev/sda1 # mkfs.ext4 /dev/mapper/void-root # mkfs.ext4 /dev/mapper/void-home # mount /dev/mapper/void-root /mnt # mkdir /mnt/boot # mount /dev/sda1 /mnt/boot
If you have created a swap partition, then you have to format and activate it:
# mkswap /dev/mapper/void-swap # swapon /dev/mapper/void-swap
If doing this from a Void live CD or any Void system
# xbps-install -S --repository=https://alpha.de.repo.voidlinux.org/current -r /mnt base-system lvm2 cryptsetup grub-x86_64-efi
You may also wish to install any other packages here that you want to use during installation, like nano, if you'd rather not use vi to edit files.
From any other Linux
# wget https://alpha.de.repo.voidlinux.org/static/xbps-static-latest.x86_64-musl.tar.xz # tar xf xbps-static-latest.x86_64-musl.tar.xz -C /mnt # /mnt/usr/bin/xbps-install -S --repository=https://alpha.de.repo.voidlinux.org/current -r /mnt base-system lvm2 cryptsetup grub-x86_64-efi
Chroot into Void
Now that the base system is installed, it's time to enter our new Void Linux environment by chrooting into it:
# mkdir /mnt/{dev,proc,sys}
# mount -t proc /proc /mnt/proc
# mount --rbind /dev /mnt/dev
# mount --rbind /sys /mnt/sys
# chroot /mnt /bin/bash
Configure the base system
1. Set the root password:
# passwd root
2. Make sure files have proper ownership and permissions:
# chown root:root / # chmod 755 /
3. Edit the Void system configuration file:
# vi /etc/rc.conf
4. Tell your system where its partitions are:
First, get the UUID of your boot partition with the command
# lsblk -f
Here is an example output of the previous command:
NAME FSTYPE LABEL UUID FSAVAIL FSUSE% MOUNTPOINT
sda
├─sda1 vfat 6EF3-45A2
└─sda2 crypto_LUKS 01a173cc-f5aa-4e27-92cd-367804916283
└─luks-01a173cc-f5aa-4e27-92cd-367804916283
LVM2_member dNp93t-tOSD-EYI3-2Tuc-elLn-XSf3-XcJfl5
├─void-swap swap 8521b8ce-5471-408c-9850-f53e74f4481f
├─void-root ext4 7fb48cd9-2f72-41e4-a841-c66f27c508fc
└─void-home ext4 c7c0ff55-6b8e-4fdd-b05f-ccbae4c54227
The UUID of your boot partition should be 9 characters long in the format XXXX-XXXX with X being random characters. The boot UUID in this example is "6EF3-45A2". If you're still having difficulty discerning which partition is boot, it's probably the UUID for 'sda1'.
Then, edit your /etc/fstab file to look like this:
# # See fstab(5). # # <file system> <dir> <type> <options> <dump> <pass> UUID=XXXX-XXXX /boot vfat defaults 0 2 /dev/mapper/void-root / ext4 defaults 0 1 /dev/mapper/void-home /home ext4 defaults 0 2 /dev/mapper/void-swap none swap defaults 0 1 tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0
Replace XXXX-XXXX with your boot partition's UUID. If you didn't add a swap partition earlier, omit the "/dev/mapper/void-swap" line.
Note that pretty spacing isn't necessary; the example is just formatted that way for easy readability on this page.
5. Update hostname:
# echo myhostname > /etc/hostname
6.Install GRUB:
# grub-mkconfig -o /boot/grub/grub.cfg # grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id="Void Linux [GRUB]" --recheck
hostonly=yes in /etc/dracut.conf.d/hostonly.conf. Also, in /etc/default/grub you must add rd.auto=1 to the line GRUB_CMDLINE_LINUX_DEFAULT="...".Configure glibc locale
Uncomment your preferred locales in /etc/default/libc-locales.
# xbps-reconfigure -f glibc-locales
Then, configure dracut and finally force update of dracut with:
# xbps-reconfigure -f linuxY.xx
Where Y.xx corresponds to your installed kernel version (e.g. linux4.19). You can check which version is installed with the command
# xbps-query -s "linux-"
Exit chroot, unmount the partitions and reboot
# exit # umount -R /mnt # reboot
If this fails to boot, see this note about UEFI.
Note that we used /boot and not /boot/efi, so you need to drop the ../efi/.. and then run:
# mkdir /boot/EFI/BOOT # cp -p /boot/EFI/GRUB/grubx64.efi /boot/EFI/BOOT/bootx64.efi
Enjoy, and welcome to the Void!
You may now wish to view the Post Installation page.