This gist enumerates a process which worked for me to repair an installation of EndeavourOS with full-disk encryption when it is unable to boot. It is also available as a blog post on my website.
Specifically, this set of steps fixed the boot process on a HP-Envy laptop running EndeavourOS with an ext4 file system. The issue normally occurs after an interrupted update using pacman -Syu
, which then causes the system to be unable to boot after the next restart (showing only "boot to firmware interface" in the boot menu).
You will need a live/bootable USB key with EndeavourOS installed on it. The EndeavourOS website lists a number of ways to do this 1.
Then, boot the computer from this live USB stick. This normally involves a process similar to:
- Turning off the computer
- Plugging in the USB stick
- Turning on computer, then repeatedly pressing the ESC key, until a boot menu shows up
- Navigate to select the boot device in the boot menu, then select the option to boot from the live USB
This should drop you into a working EndeavourOS operating system, from which you can run the steps to fix the broken one on the computer. All the next steps are commands to run in a terminal, which can be opened with ctrl+alt+t
.
Additionally, you should connect to a WiFi network on the live boot, as this make copy-pasting commands from the internet easier 😅, and allows downloading/completing updates to the computer.
First, identify your boot and encrypted partitions2:
lsblk -f
This will list the available devices, from which you need to identify your boot and encrypted partitions. For my particular laptop:
- Encrypted partition =
nvme0n1p2
- Boot partition =
nvme0n1p1
Next, use cryptsetup
to decrypt the LUKS encrypted drive3:
sudo cryptsetup open /dev/mapper/nvme0n1p2 luks_root
Then, mount the newly decrypted partition and then the boot drive into the /boot/
folder within it4:
sudo mount /dev/mapper/luks_root /mnt
sudo mount /dev/nvme0n1p1 /mnt/boot
Before this step, it is helpful to have connected to the WiFi on the live boot, as you would on any Linux computer5
Next, use arch-chroot
to root into the newly mounted broken system6:
arch-chroot /mnt
You can check whether WiFi is working inside arch-chroot
using the ping
command:
ping google.com
If the WiFi doesn't work inside arch-chroot
on the broken device, first check if it is working on the live boot. If it isn't, fix it there, then exit and rerun arch-chroot
.
If it still isn't working, the next most likely cause it DNS settings haven't been copied over. To fix this, exit the arch-chroot
to unlock the resolv.conf
file, add DNS settings, then rerun arch-chroot
7.
exit
echo "nameserver 8.8.8.8" >> /mnt/etc/resolv.conf
arch-chroot /mnt
The common issues I have found across two failures are as follows:
pacman
was interrupted during running, so the lock file is still present8pacman
needs to finish the interrupted upgrade- linux headers need to be re-installed
grub
needs to be re-built9
These can be resolved as follows (inside arch-chroot
on the broken device):
sudo rm /var/lib/pacman/db.lck
sudo pacman -Syu
sudo pacman -Syu linux-lts linux-lts-headers
grub install --target=x86_54-efi --efi-directory=/boot/efi --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg
It is possible something else is wrong, but this time is when you should largely be running commands to fix it!
Then, disconnect from the arch-chroot
as follows:
exit
Before restarting, it is good practice to unmount both the boot and decrypted partitions, then close the decrypted partition10.
sudo umount /mnt/boot/
sudo umount /mnt
sudo cryptsetup close luks_root
Finally, restart the computer, and hope that it boots correctly!
reboot
Footnotes
-
https://discovery.endeavouros.com/installation/create-install-media-usb-key/2021/03/ ↩
-
https://linux.fernandocejas.com/docs/guides/mount-luks-partition-for-system-recovery#mount-luks-partitions-for-system-recovery ↩
-
https://linux.fernandocejas.com/docs/guides/mount-luks-partition-for-system-recovery#1---open-the-encrypted-disk ↩
-
https://linux.fernandocejas.com/docs/guides/mount-luks-partition-for-system-recovery#2---mount-all-the-partitions ↩
-
It doesn't break anything if you don't connect to WiFi. However, if you later need WiFi access on the broken boot device you'll need to exit out, connect to WiFi, and
arch-chroot
back in if you haven't. ↩ -
https://linux.fernandocejas.com/docs/guides/mount-luks-partition-for-system-recovery#3---root-into-the-new-system ↩
-
https://forum.endeavouros.com/t/update-problem-var-lib-pacman-db-lck/5239/2 ↩
-
https://linux.fernandocejas.com/docs/guides/mount-luks-partition-for-system-recovery#4---unmount-and-exit ↩