I am trying to set up an encrypted system with /boot on external usb-key.
Due to some bug (at least it appears to me) if I follow the how-to available, it fails when it comes to mkinitrd.
Through try and error I did find out that it actually works if you update the system completely.
But in the configuration with
/dev/sdb1 /boot
/dev/sda1 /swap
/dev/sda2 /home
/dev/sda3 /root
Where sda is the stationary disk on the laptop and /dev/sdb is the usb key (sdb1 mounted in configuration "noauto").
(that is prior to any attempt of encryption as a clean install) everything works......unless you update. Yast updates the system and then complains that the kernel update failed.
If you try to install only the other updates (without the two kernel updates) the how-to works up to the restart of the system (step "reboot and check that everything is working - and I checked....).
You start and are able to correctly unlock the disks and to start into KDE as root, but when you try to use suspend it complains about the wrong kernel version. The easiest way to succeed would therefore be to achieve a complete update of the system and the kernel prior to every other move. This would also be a way to avoid future mess when a new kernel update presents itself.
Does anybody know:
a) why the kernel update does not work through yast, with /dev/sdb1 mounted (I controlled) claiming that it is not mounted?
b) does anybody know how to update the kernel from init 1 from the command line and would this solve the problem of the update not working on /dev/sdb1?
Thanks in advance.
I am by no means an expert, but reading this and recalling other folks writing about a messed up /boot/grub/menu.lst (I saw this myself once on a kernel update), I would guess you need to take a look there first, so if you could post a copy of menu.lst it might help: cat /boot/grub/menu.lst
Also post your /etc/fstab and the results of fdisk -l
Init 1 does not have networking capability, so I do not think you can run an update from there.
Results of fdisk are difficult because the machine is now screwed and does not boot anymore as it should (only maintenance mode, but I can try if that helps).
The whole thing follows the SUSE howto on encrypted root partitions (for 10.3) but is substantially the same. The procedure is the "summary procedure".
This is part of the modified howto I created up to now and that, substantially as told, would work. The fact is that menu.lst just does not work from scratch... it seems it now cannot load the kernel modules. At boot it says: unknown file system type 'ext2', which would correspond because sdb1 IS an ext2.
cat /boot/grub/menu.lst says that boot is inaccessible and cannot be mounted.
mount -l /boot complains: modprobe: FATAL: Could not load /lib/modules/2.6.27.7-9, and at boot it tells me by the way that /var is not accessible. All this after the kernel update went wrong!
The grub menu list prior to this was as follows in the last point of this extract. (Note that I don't give the credits here, but the whole thing is a try-and-error effort going on from the encrypted boot partition howto.)
MODIFIED:
# ------------------------------------------------------------------------------
# Install OpenSUSE 11.1 from DVD
# ------------------------------------------------------------------------------
- Create Partition Setup
+ Custom Partitioning (for experts)
- Delete all existent partitions
- Create primary partition (sdb1), ext3, 200 MB, mount point '/boot'
- Create primary partition (sda1), swap, 4 GB, mount point '/swap'
- Create primary partition (sda2), ext3, 20 GB, mount point '/home'
- Create primary partition (sda3), ext3, <remaining>, mount point '/'
- add package 'emacs' and 'ddrescue'
# ------------------------------------------------------------------------------
# update the whole system via yast but do NOT update the kernel!!
# ------------------------------------------------------------------------------
Otherwise the installation fails, not finding fstab and /dev/mapper/swap, /dev/mapper/root etc.
With the update it goes fine up to the mkinitrd step below.
# ------------------------------------------------------------------------------
# load required kernel modules
# ------------------------------------------------------------------------------
First, one needs to load some kernel modules which may not have been loaded by default. (Later these will be loaded by initrd.)
modprobe dm-mod
modprobe dm-crypt
modprobe aes_generic
modprobe sha256_generic
modprobe sha1_generic
# ------------------------------------------------------------------------------
# backup boot files, i.e. initial ramdisk, etc.
# ------------------------------------------------------------------------------
mkdir /BACKUP
cp -ax /boot/* /BACKUP
mv /BACKUP /boot
# ------------------------------------------------------------------------------
# create an encrypted swap partition
# ------------------------------------------------------------------------------
swapoff /dev/sda1
dd_rescue /dev/urandom /dev/sda1
cryptsetup -v --key-size 256 luksFormat /dev/sda1
cryptsetup -v luksDump /dev/sda1
cryptsetup -v luksOpen /dev/sda1 swap
mkswap /dev/mapper/swap
swapon /dev/mapper/swap
# ------------------------------------------------------------------------------
# create an encrypted file system for the new root partition
# ------------------------------------------------------------------------------
umount /dev/sda2
dd_rescue /dev/urandom /dev/sda2
cryptsetup -v --key-size 256 luksFormat /dev/sda2
cryptsetup luksDump /dev/sda2
cryptsetup luksOpen /dev/sda2 root
/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/root
mkdir /mnt/root
mount /dev/mapper/root /mnt/root
# ------------------------------------------------------------------------------
# copy files from old to new root partition
# ------------------------------------------------------------------------------
cd /
find bin boot dev etc home lib* opt root sbin srv tmp usr var -depth -print0 | cpio -pmd --null /mnt/root
mkdir /mnt/root/proc
mkdir /mnt/root/sys
mkdir /mnt/root/media
mkdir /mnt/root/mnt
# ------------------------------------------------------------------------------
# update /etc/fstab
# ------------------------------------------------------------------------------
cp /etc/fstab /etc/fstab.ORIG
emacs /etc/fstab
---
/dev/mapper/swap swap swap defaults 0 0
/dev/mapper/root / ext3 acl,user_xattr 1 1
/dev/sdab1 /boot ext3 acl,user_xattr 1 2
/dev/sda3 /home ext3 acl,user_xattr 1 2
proc /proc proc defaults 0 0
sysfs /sys sysfs noauto 0 0
debugfs /sys/kernel/debug debugfs noauto 0 0
usbfs /proc/bus/usb usbfs noauto 0 0
devpts /dev/pts devpts mode=0620,gid=5 0 0
---
cp /etc/fstab /mnt/root/etc/
# ------------------------------------------------------------------------------
# update scripts for creating a new initial ram disk
# ------------------------------------------------------------------------------
# back up original files
cp /lib/mkinitrd/scripts/boot-luks.sh boot-luks.sh.ORIG
cp /lib/mkinitrd/scripts/setup-luks.sh setup-luks.sh.ORIG
cp /lib/mkinitrd/scripts/setup-storage.sh setup-storage.sh.ORIG
cp /sbin/mkinitrd mkinitrd.ORIG
# update mkinitrd scripts (phase 1 --- w/o encrypted 'home' partition)
tar -xvzf mkinitrd-ut.tar.gz
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_boot-luks.sh /mnt/root/lib/mkinitrd/scripts/boot-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-luks.sh /mnt/root/lib/mkinitrd/scripts/setup-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-storage-phase1.sh /mnt/root/lib/mkinitrd/scripts/setup-storage.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut /mnt/root/sbin/mkinitrd
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_boot-luks.sh /lib/mkinitrd/scripts/boot-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-luks.sh /lib/mkinitrd/scripts/setup-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-storage-phase1.sh /lib/mkinitrd/scripts/setup-storage.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut /sbin/mkinitrd
# ------------------------------------------------------------------------------
# edit script boot-luks.sh with emacs
# ------------------------------------------------------------------------------
uncomment the following lines in /mnt/root/lib/mkinitrd/scripts/boot-luks.sh and /lib/mkinitrd/scripts/boot-luks.sh:
luks="root swap"
luks_root="/dev/sda3" and change it into luks_root="/dev/sda2"
luks_swap="/dev/sda2" and change it into luks_swap="/dev/sda1"
Otherwise the external usb-key is not recognized.
# ------------------------------------------------------------------------------
# create a new initial ram disk
# ------------------------------------------------------------------------------
mkinitrd -v -d /dev/mapper/root -f "dm luks"
# ------------------------------------------------------------------------------
# edit '/boot/grub/menu.lst'
# ------------------------------------------------------------------------------
emacs /boot/grub/menu.lst
# add new entry to '/boot/grub/menu.lst':
###Encrypted root###
title openSUSE 11.1 - encrypted
root (hd1,0)
kernel /vmlinuz-2.6.27.7-9-pae root=/dev/mapper/root luks_root=/dev/sda2 luks_swap=/dev/sda1 luks=root,swap vga=0x317 resume=/dev/mapper/swap splash=silent showopts
initrd /initrd-2.6.27.7-9-pae
# ------------------------------------------------------------------------------
# reboot
# ------------------------------------------------------------------------------
# check that everything is working ...
# free --> swap space
# suspend-to-disk
# …
FIXME:
When trying to suspend to disk: error message that kernel modules are not available; it searches for 2.6.27.23-0.1-pae although the kernel was not updated.
Updating kernel via yast – error: says that /boot is not mounted
trying to mount /dev/sdb1 with mount /dev/sdb1 /boot
complains that ext2 is an unknown file system
Up to the error with suspend and then with the kernel update it worked fine. Now the system is gone.
PS: I am not an expert either, but maybe two blind men are going to see? PS: When I did the first try, of course in menu.lst was the old kernel without update. The writing as you see was done prior to the try of updating it.
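A way to catch the kernel/initrd/module version mismatch described in the FIXME before rebooting, as an added example that is not part of the thread or of the openSUSE HOWTO. It assumes the GRUB legacy menu.lst layout shown above (kernel and initrd paths relative to the /boot partition) and takes the root of the tree to inspect as its argument.

```shell
#!/bin/sh
# Added example, not from the thread: cross-check a GRUB legacy menu.lst
# against the kernel, initrd and /lib/modules tree it points at. A stale
# entry (kernel and initrd of different versions, or a kernel without a
# matching module directory) is what later surfaces as "Could not load
# /lib/modules/..." or a suspend-to-disk complaint about the kernel version.
# Usage: check_boot_tree /          (live system, USB /boot mounted)
#        check_boot_tree /mnt/root  (the freshly populated encrypted root)

check_boot_tree() {
    root="${1%/}"
    menu="$root/boot/grub/menu.lst"
    problems=0
    if [ ! -r "$menu" ]; then
        echo "ERROR: $menu not readable (is /boot mounted?)"
        return 1
    fi

    # Flatten each "title" stanza to one line: title|kernel path|initrd path.
    entries=$(awk '
        /^[ \t]*title/  { if (t != "") print t "|" k "|" i
                          t = $0; sub(/^[ \t]*title[ \t]*/, "", t)
                          k = ""; i = "" }
        /^[ \t]*kernel/ { k = $2 }
        /^[ \t]*initrd/ { i = $2 }
        END             { if (t != "") print t "|" k "|" i }
    ' "$menu")

    while IFS='|' read -r title kernel initrd; do
        [ -n "$title" ] || continue
        kver=""; iver=""
        case "$kernel" in */vmlinuz-*) kver="${kernel##*/vmlinuz-}" ;; esac
        case "$initrd" in */initrd-*)  iver="${initrd##*/initrd-}" ;; esac
        # Paths are relative to the /boot partition; fall back to a /boot
        # directory on the root filesystem when /boot is not separate.
        kfile="$root/boot$kernel"; [ -f "$kfile" ] || kfile="$root$kernel"
        ifile="$root/boot$initrd"; [ -f "$ifile" ] || ifile="$root$initrd"
        if [ -z "$kernel" ] || [ ! -f "$kfile" ]; then
            echo "[$title] kernel image missing: $kfile"
            problems=$((problems + 1))
        fi
        if [ -z "$initrd" ] || [ ! -f "$ifile" ]; then
            echo "[$title] initrd missing: $ifile"
            problems=$((problems + 1))
        fi
        if [ -n "$kver" ] && [ -n "$iver" ] && [ "$kver" != "$iver" ]; then
            echo "[$title] kernel $kver paired with initrd $iver"
            problems=$((problems + 1))
        fi
        if [ -n "$kver" ] && [ ! -d "$root/lib/modules/$kver" ]; then
            echo "[$title] no module tree $root/lib/modules/$kver"
            problems=$((problems + 1))
        fi
    done <<EOF
$entries
EOF
    echo "$problems problem(s) in $menu"
    return $problems
}

if [ $# -gt 0 ]; then
    check_boot_tree "$1"
fi
```

The exit status is the number of problems found, so the check can gate a reboot in a script.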
Ok. Until one of the heavyweights like hcvv shows up, we will try some ideas out. Starting with the BIOS: what does it list for boot preference, and is the USB drive recognized during POST?
Using a live disk like Parted Magic to boot, do you have the partitions recognized? If using Parted Magic, can you mount the root partition and then read the menu.lst and fstab?
And you know what they say about the blind leading the blind...
Mmm I'm completely confused to where you actually are..
We have
"Through try and error I did find out that it actually works if you update the system completely." <= either it works or it doesn't; I'm going for it doesn't. Also this bit:
Otherwise the installation fails <= note why it fails: mkinitrd uses fstab (from my brief googling). Are you doing this in order? fstab shouldn't even have /dev/mapper/swap in it.
(After each mkinitrd reboot make sure it works)
Next you have ext3 in fstab yet you tell us => which would correspond because sdb1 IS an ext2.
You need to step through this in baby steps.
Your main problems seem to be getting mkinitrd to work for you
Could not load /lib/modules <= this would imply that it isn't being unencrypted or mounted, which would imply you're missing some modules in your initrd.
You kind of confirmed this when you tried mounting boot, so it couldn't find either the cryptology modules or the fs modules. Look into understanding mkinitrd a bit more; I suspect it will help a lot more.
I can't give any specific help, as, one, I'm not trying it, and two, I'm far from understanding exactly the boot process with initrd. (My limited understanding is it will attempt to load modules from filesystems in use and declared elsewhere in /etc/something... when using mkinitrd to make it.)
Hm, being called upon a problem by the Chief himself ....
I am back from my holidays, but apparently still not in good shape. I did read the whole story, but it seems to be out of my knowledge range. The booting process of Linux is quite different from the several Unix ones I know (they differ between each other, all being very hardware dependent).
I am following this in the hope to learn from it. Sorry Chief.
Glad to see you back Henk. Hope your vacation went great. Since your nice write-up on how drives were detected/labeled, I, lacking any other thoughts, wondered if Stakanov's issue concerned how and when the drives are detected in the boot sequence. His posting concerning
Updating kernel via yast – error: says that /boot is not mounted
trying to mount /dev/sdb1 with mount /dev/sdb1 /boot
complains that ext2 is an unknown file system
tends to make me think that the kernel update is looking for /boot and not finding it where it expects, which normally would be on the beginning of sda. And this is just conjecture: needing to write to the MBR where to find the proper /boot files. Giving the command to mount /dev/sdb1 fails since there is nothing loaded yet.
I also hope to learn a bit though I am well beyond my Linux proficiency area, which is mostly confined to knowing how to spell Lunix correctly.
Have to go with what feathermonkey says. It seems to be the right direction.
By the way welcome back Henk, we've missed you!
Thanks for all the "welcome back". I was a month in Tibet, so a culture shock being back is logical (to me at least).
As Matt refers to a page the OP maybe does not know I first will provide the link.
And back to the OP's problem: it "might" be that sda/sdb are not persistent. I recommend not using /dev/sda, etc. in /etc/fstab, but choosing one of the /dev/disk/by-... entries udev makes. This will at least give us an error message that uniquely identifies which partition is the culprit. So, stakanov, either give your USB stick a nice label (when it hasn't one), or use its id or uuid. Doing likewise for the hard disk does not harm; openSUSE does it likewise nowadays.
Hello hcvv and thanks to everybody.
A few things to understand the whole story. As I told, I am trying to set up a system with
/boot (unencrypted with ext2) on a usb-key /dev/sdb1
The rest of the system on the hdd encrypted (with complete luks encryption of /, /home and swap).
The howto I do follow is the one I indicated (link). As for the fstab typo: it was a transcription error (copy and paste) since it was taken from the original how-to. This time however I decided to do everything from scratch and to document every step.
My first problem was, that when updating the fresh install on the notebook with /boot on usb-key, the kernel update won't install giving an error. This morning I retried and did a complete new setup.
I installed as of the howto on
/dev/sdb1 as /boot with ext2, 200 MB partition on usb-key
The swap is on what will be the final swap partition /dev/sda1.
The / partition is on what will be the future /home partition (that is, on the bigger one, /dev/sda3).
The /home partition is where the future / partition will be.
***Note:***
The rational of the procedure is that you
a) encrypt with luks the swap and create in /dev/mapper an entry (luksOpen) that corresponds to swap:
cryptsetup -v --key-size 256 luksFormat /dev/sda1
cryptsetup -v luksDump /dev/sda1
cryptsetup -v luksOpen /dev/sda1 swap
mkswap /dev/mapper/swap
swapon /dev/mapper/swap
b) You then umount the current /home (future root) and do the same, creating in /dev/mapper
what will be the future / partition:
cryptsetup -v --key-size 256 luksFormat /dev/sda2
cryptsetup luksDump /dev/sda2
cryptsetup luksOpen /dev/sda2 root
/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/root
mkdir /mnt/root
mount /dev/mapper/root /mnt/root
At this step you have an encrypted swap and the encrypted partition with the future root.
You have now to copy all the files of the root file system to what you mounted as /mnt/root.
There are various possibilities, the one in the summary howto works well:
cd /
find bin boot dev etc home lib* opt root sbin srv tmp usr var -depth -print0 | cpio -pmd --null /mnt/root
mkdir /mnt/root/proc
mkdir /mnt/root/sys
mkdir /mnt/root/media
mkdir /mnt/root/mnt
Now you have to edit fstab.
***End of note***
Let us stop here and look at what I got. This morning I tried a new install and
tried especially to update the whole system. Prior to updating however I did the following command this time:
linux-cwhn:~ # mount /dev/sdb1 /boot
mount: /dev/sdb1 already mounted or /boot busy
mount: according to mtab, /dev/sdb1 is already mounted on /boot
linux-cwhn:~ #
Well, it is... but although this in theory made no difference, NOW the update (my first problem so far) DID go well and I was able to update the entire system to the latest kernel (so I solved one major problem).
The update is very important because, for reasons of probably some bug corrected, with the original install when it comes to mkinitrd later on, it will not see the partitions and the script would fail. With the kernel update it does.
Now my first question is maybe minor, but as we want to understand all steps and where errors arise:
this is the current fstab:
/dev/disk/by-id/ata-WDC_WD3200BJKT-00F4T0_WD-WXE908A22475-part1 swap swap defaults 1 2
/dev/disk/by-id/ata-WDC_WD3200BJKT-00F4T0_WD-WXE908A22475-part3 / ext3 acl,user_xattr 1 1
/dev/disk/by-id/usb-Flash_Drive_SM_USB20_AA04012700009703-0:0-part1 /boot ext2 acl,user_xattr 1 2
/dev/disk/by-id/ata-WDC_WD3200BJKT-00F4T0_WD-WXE908A22475-part2 /home ext3 acl,user_xattr 1 2
proc /proc proc defaults 0 0
sysfs /sys sysfs noauto 0 0
debug /sys/kernel/debug debugfs noauto 0 0
usbfs /proc/bus/usb usbfs noauto 0 0
devpts /dev/pts devpts mode=0620,gid=5 0 0
The first difference to the last time I installed is /boot: exactly the two numbers at the end, 1 2. Last time (when it failed) it was 0 0.
They are, as far as I know, the Dump and fsck options. What I don't understand is how they relate to the mount process.
I found about the Dump option in this HOW-TO:
The 5th column in /etc/fstab is the dump option. Dump checks it and uses the number to decide if a filesystem should be backed up. If it's zero, dump will ignore that filesystem. If you take a look at the example fstab, you'll notice that the 5th column is zero in most cases.
Following the original encryption how-to, I am closer to what would be expected.
But I do not understand how much importance these settings have.
The second is the fsck option. And I would like to understand what importance this option has
and especially what 2 means. I found only 0 and 1 as options.
So you could already help me if somebody knows the impact and meaning of these settings.
Then I will continue according to the procedure.
Thanks.
PS: Let's hope I have good Karma.
OP is Original Poster (with the Original Problem).
The 0 0 or 1 2 is not of much importance in your case. The fsck option is for fsck actions at boot (when needed). These can be done in parallel, but should not always be done so. In that case this priority number is used. According to man fstab (Howtos are nice, but do not forget to read man pages!):
The sixth field, (fs_passno), is used by the fsck(8) program to determine the order in which filesystem checks are done at reboot time. The root filesystem should be specified with a fs_passno of 1, and other filesystems should have a fs_passno of 2. Filesystems within a drive will be checked sequentially, but filesystems on different drives will be checked at the same time to utilize parallelism available in the hardware. If the sixth field is not present or zero, a value of zero is returned and fsck will assume that the filesystem does not need to be checked.
"Howtos are nice, but do not forget to read man pages"
***blush***
OK, I will hold this in mind. Sometimes the problem is, to know "what" to read first. It is like at University with some exams: they are circular, so you need a physiological time period to get hold and orientation. But this is very good, so I will be able to proceed further. I will go on in the encryption how-to and will report again the first error presenting.
In the meanwhile I will try to find out about mkinitrd and menu.lst and the boot scripts. This is maybe the most confusing. Do I just "google" to find a place where I can find concentrated info about the boot scripts? I did read them in "kate", but it appears to me that understanding them supposes a bit more background (at least) and probably programming skills (which is OK, but again having trouble to understand where I should read first....). Suggestions and links are ALWAYS welcome.
Thanks a lot.
Curiosity: (if not too indiscreet) why is your nick hcvv and not hevv? In other words, what does the "C" stand for?
I did a little googling as I didn't know too much but these look like a good place to start from..
http://www.ibm.com/developerworks/linux/library/l-initrd.html
http://www.ibm.com/developerworks/linux/library/l-linuxboot/
Make sure you take into consideration the note at the end of this section http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO#Create_a_new_initial_ram_disk_.28initrd.29_to_boot_the_system
Which kind of makes the need for the patched mkinitrd superfluous, if my understanding is correct. (I think the patched one is trying to guess the modules, but the note is declaring them.)
Which I think is what the assistance from the other forum implied when saying they hadn't touched their mkinitrd, and just did it, but I'm doing a lot of guessing. I just don't recompile kernels and have no need to make a new initrd beyond after a kernel install, which is normally automagically done.
My full name is Hendrik Cornelis van Velden (after my grandfather). My father's name was Hendrik van Velden. Both are shortened to Henk here. So my mother often referred to HC when she wanted to address me instead of my father. Taking the first letters I shortened it to HCvV or hcvv when the need arose to choose a computer userid (back in the seventies).
That is the whole story. I still use hcvv as a uid on systems, forums and the like. But all my friends (including those here on the Forum) may address me as Henk.
And on topic again. Do you still have a problem?
Like feathermonkey I do not think there is something peculiar in most what you are doing. I was e.g. forced to have a separate /boot on a system and never had any problems. Let us try not to think there are problems in areas when this is not proven. Let us just concentrate on what goes wrong.
Sounds like you guys are getting it worked out.
The one about hcvv, yes. But the real one .............................................
The real one we will see soon. I am on it. Up to mkinitrd there should be no problems. After that we will see whether the scripts work and I am able to suspend. The last problem arose with the recognition of the encrypted home (the OS searched for the ID instead of looking for the /dev/mapper/ thing). The author of the scripts told me he had recently fixed a bug in the boot-sh script. So I am still hopeful (especially after the success in updating the kernel....)
PS: the ones in the other forum said they did it, but not on a separate usb-key (and also "just ignore the errors"......well....). Factually it works if I am using the hdd. But up to now I had problems updating the system with the new kernel when using the usb-key (and if you don't do it, the system does not find your partitions when running mkinitrd). I am very curious and I will update you. Feathermonkey: thanks for the link. Great.
Henk, I am impressed. Nice origin of your nick.
Made it up the encryption of /dev/sda2 and editing root. Now my problem is to understand if the statement of the howto does still hold:
For those using a USB flash disk, plug it in before booting the
computer with the installation CD in the disc drive. openSUSE should
recognize the USB flash along with the computer's other disks,
displaying it in the list of disks from the “Expert partitioner” menu.
The USB flash disk should be formatted using a Linux file system (ext2
will suffice) and it should be mounted at “/boot”. Furthermore, in the
“fstab Options” dialog, click the box “Do Not Mount at System
Start-up”. This is necessary because the USB devices are created after
the boot.localfs script tries to mount the entries listed in fstab. (You can always remount the USB flash disk later if you need it.)
(extracted from the how-to on disk encryption) http://http://en.opensuse.org/Encryp...ith_SUSE_HOWTO
I posted in the other forum too, just to see if there is an "official statement".
I would say yes, as boot.localfs seems to be part of SUSE's sysv system and very early on; this won't be implemented otherwise.
It's back to the boot process. If I understand this correctly, what happens is the kernel is found and does the root pivot stuff. But to find the kernel it will need mounting, which is related to initrd rather than later on using the init.d bits (boot.localfs).
So by telling it not to mount, it will create the correct bits in the initrd. I'm still doing a little bit of presumption, I'm afraid, as the boot-up process/structure is where the distros do vary wildly. Still presuming, I think by doing this when the initrd is made it will realise that it needs the usb modules.
boot.localfs would be in the init stage of the earlier link, too late to do any booting I think.
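A small /etc/fstab linter for the points raised in this thread, as an added example that is not part of the thread or of the HOWTO: hcvv's recommendation to use /dev/disk/by-... names instead of /dev/sdX, the fs_passno rule he quoted from man fstab, and the HOWTO's requirement above that a USB /boot carry noauto. It assumes the by-id naming convention udev uses (usb-... for USB devices); the device names in its usage are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread: lint an fstab for the setup discussed
# here (LUKS root and swap under /dev/mapper, /boot on a USB stick).
# Checks: non-persistent /dev/sdX names, fs_passno per man fstab (root 1,
# other real filesystems 2, swap and pseudo filesystems 0 0), and a USB /boot
# without "noauto" (boot.localfs runs before the USB device exists).
# Usage: lint_fstab /etc/fstab   -> prints findings, exit status = their count.

lint_fstab() {
    if [ ! -r "$1" ]; then
        echo "ERROR: cannot read $1"
        return 255
    fi
    awk '
    function warn(msg) { printf "WARN %s:%d: %s\n", FILENAME, NR, msg; count++ }
    BEGIN { count = 0 }
    /^[ \t]*(#|$)/ { next }                       # comments and blank lines
    {
        dev = $1; mnt = $2; type = $3; opts = $4
        dump = ($5 == "") ? 0 : $5 + 0
        pass = ($6 == "") ? 0 : $6 + 0

        # Kernel-assigned names can shift when a USB disk is present at boot.
        if (dev ~ /^\/dev\/(sd|hd)[a-z]/)
            warn("non-persistent name " dev "; use /dev/disk/by-id, by-uuid or by-label")

        # fs_passno: root is 1, other real filesystems 2 (0 = never checked).
        if (mnt == "/" && pass != 1)
            warn("root filesystem should have fs_passno 1, has " pass)
        if (mnt != "/" && type ~ /^(ext[234]|reiserfs|xfs|jfs)$/ && pass == 1)
            warn(mnt " uses fs_passno 1; only / should, use 2 (or 0 with noauto)")

        # swap and pseudo filesystems are neither dumped nor checked.
        if ((type == "swap" || type ~ /^(proc|sysfs|debugfs|usbfs|devpts|tmpfs)$/) \
            && (dump != 0 || pass != 0))
            warn(type " entry " mnt " should end in 0 0, has " dump " " pass)

        # A USB /boot must not be mounted by boot.localfs (HOWTO requirement).
        if (mnt == "/boot" && dev ~ /\/usb-/ && opts !~ /(^|,)noauto(,|$)/)
            warn("USB /boot without noauto; boot.localfs runs before the device exists")
    }
    END { printf "%d finding(s) in %s\n", count, FILENAME; exit count }
    ' "$1"
}

if [ $# -gt 0 ]; then
    lint_fstab "$1"
fi
```

It cannot tell whether a partition really is ext2 or ext3 (the ext3-for-ext2 slip earlier in the thread), so compare the type column against blkid output separately.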