Use this script via curl -L -O https://gist.github.com/dragon788/e777ba64d373210e4f6306ad40ee0e80/raw/a86f3d05fb56feb6ef01fc2d61a4feb2fd82b281/crypt-fix.sh and sudo bash ./crypt-fix.sh.
You may need to edit the DEVICE variable to reflect your disk and partition layout (this was created on an EFI system using LUKS and LVM).
It will prompt you for your disk password once to mount and discover the correct name for the encrypted volume mount and
then prompt again to mount with the correct name so that the update-initramfs command succeeds with the appropriate mapping,
if this wasn't done you would get a warning and your next boot would still fail.
Last active
June 16, 2024 21:51
-
-
Save dragon788/e777ba64d373210e4f6306ad40ee0e80 to your computer and use it in GitHub Desktop.
Repair "ubuntu--vg-root" not found with LUKS and LVM encryption
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Call with `sudo bash DEBUG=1 ./crypt-fix.sh` for verbose output | |
| [ -n "$DEBUG"] && set -x | |
| # Prompt user for device from /dev/sd* /dev/nvme* /dev/mmc* prefixes? | |
| # For /dev/sda probably sda1 is EFI and sda2 is boot and sda3 is encrypted | |
| DEVICE=/dev/nvme0n1 | |
| EFIPATH="${DEVICE}p1" | |
| BOOTPATH="${DEVICE}p2" | |
| CRYPTPATH="${DEVICE}p3" | |
| TARGETPATH=/mnt | |
| # Need root for mounting stuff | |
| if ! (( $EUID == 0 )); then echo "Please run with `sudo $0`"; fi | |
| clear_mounts () { | |
| # Clears mounts in case of interrupt or upon exit to allow running script multiple times | |
| umount $TARGETPATH/boot/efi | |
| umount $TARGETPATH/boot | |
| umount $TARGETPATH/proc | |
| umount $TARGETPATH/dev | |
| umount $TARGETPATH | |
| vgchange -an | |
| cryptsetup close temp_name | |
| cryptsetup close $CRYPTNAME | |
| set +x | |
| } | |
| trap clear_mounts INT EXIT | |
| cryptsetup open $CRYPTPATH temp_name | |
| vgchange -ay | |
| # Can't get this until LVM devices are scanned above | |
| ROOTPATH=$(ls /dev/mapper/* | grep root) | |
| # Make sure nothing else is mounted on our $TARGETPATH | |
| umount $TARGETPATH | |
| wait | |
| mount $ROOTPATH $TARGETPATH | |
| # Find the name that is required for `update-initramfs` to properly update things | |
| CRYPTNAME=$(cat $TARGETPATH/etc/crypttab | awk '/^[ ]*[^#]/ { print $1; exit }') | |
| umount $TARGETPATH | |
| vgchange -an | |
| cryptsetup close temp_name | |
| # This proper name is required for `update-initramfs` to properly update things | |
| cryptsetup open $CRYPTPATH $CRYPTNAME | |
| wait | |
| vgchange -ay | |
| ROOTPATH=$(ls /dev/mapper/* | grep root) | |
| mount $ROOTPATH $TARGETPATH | |
| mount $BOOTPATH $TARGETPATH/boot | |
| mount $EFIPATH $TARGETPATH/boot/efi | |
| mount -t proc proc $TARGETPATH/proc | |
| mount -o bind /dev $TARGETPATH/dev | |
| # Have also seen people mounting dev/pts and run and sys, they don't appear to be necessary | |
| chroot $TARGETPATH update-initramfs -c -k all | |
| echo "Completed crypt-fix, try rebooting and you should get prompted for your passphrase after grub" |
Thanks for this, it helped me figure out a solution to my problem. After an update my computer booted right into a broken GRUB console which was missing commands (e.g. ls didn't work).
I was following the Manual Full System Encryption guide when installing Ubuntu. As mentioned in the Troubleshooting chapter, there is a script refreshgrub which fixed my problem. I created a separate script which helps you run refreshgrub without diving into too many details. Maybe it will help others with the same issue - https://gist.github.com/lovromazgon/7d0a5b6ac8f7557059a8b97e8442720b.
I need to come back and revisit this as using the /dev/nvme* path instead of a uuid causes issues if you ever move it between systems where it might end up on a different port/path.
Thanks so much, this saved my laptop in a critical phase after an erroneous fwupd!
However, just running the script did not work for me and gave some errors, e.g., I had ROOTPATH= being empty.
It helped to run these steps manually.
I think one could solve my issues by adding sleep 5 after every call to vgchange, but this is just a wild guess.
Thanks again!
Thanks for the notes zawlazaw. I haven't run into the issues that required running this in a while but it might help someone else if they are seeing the same errors.
I still get "dev/mapper/ubuntu--vg-root does not exist" after successfully running this Script via a live USB Stick. Any additional advice? I edited the device to match my setup: sda , 1 ,2, 3.
Add
mount -o bind /sys $TARGETPATH/sys
My drives are backwards. So I had to modify the script for my main device. This is twice it's happened after an update.
I still get "dev/mapper/ubuntu--vg-root does not exist" after successfully running this Script via a live USB Stick. Any additional advice? I edited the device to match my setup: sda , 1 ,2, 3.
I know its an old problem, but had same issue just now. Script run successfully but it was still not seeing the dev/mapper/ubuntu--vg-root.
It can be that you are missing the packages: lvm2, cryptsetup-initramfs
In my case I was missing cryptsetup-initramfs package. Installing it was tricky because inside chroot I had problems with internet connection, so instead of playing with /etc/resolve.conf to get the internet working i downloaded the package inside live-cd linux, then copied it to a mounted filesystem, and with chroot installed it via dpkg(added these commands temporary to the script). If package was missing the initramfs should update automatically but I recommend running entire script again to update it for all kernel packages.
Also note that wget in current .crypt-fix.md points to outdated revision of the gist, make sure you are using the newest one to avoid issues(I learned that the hard way)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This was super useful - thanks for collecting it all together.
I somehow got myself into this situation by trying out different desktop managers. I ran
sudo tasksel, unselected KDE Desktop and selected Mate Desktop, and then found I was unable to boot due to missing cryptsetup and the errors described above.Once I was up and running again with a bootable Live USB stick, I wanted to revert to Ubuntu Desktop and fix initramfs. I first followed all of the steps in the above script up to update-initramfs to prepare /mnt. To revert the desktop manager on the encrypted drive, I had to:
After doing all of this, I still had to make sure that I had cryptsetup inside initramfs:
Which itself triggered update-initramfs, but warned:
To finally get cryptsetup into the initramfs I had to:
I was then able to reboot into gdm.