The keyfile is for automatically unlocking LUKS encryption at startup without manually entering password when you enable it in /etc/crypttab.
If you do not want automatic decryption, you can remove this keyfile or not.
You should keep the keyfile for your second disk but ensure it isnāt being loaded into your initramfs.
Hm, how do I make sure that the keyfile wonāt end up in the initramfs.
Currently, as far as I can see, the keyfile is mentioned in the /etc/crypttab only.
Not as difficult as I expected. I would add, as a final step; Go into your motherboard boot settings and make sure āLinux Boot Managerā is selected as first option.
4 Likes
I decided to give it a try, Iām using the kernel-install method.
Followed all the steps, created a script file as per instructions /usr/bin/convert.sh, chmod +x to it, ./convert.sh and rebooted, its working perfectly.
Iām sorry if these questions were asked before, but what should I do when a kernel update happens?
Should I run convert.sh or kernel-install? Or everything will be set automatically?
Also, in case I need to arch-chroot to recover my system, should I change something? That is not clear to me.
My kernel cmd line is:
$ cat /efi/loader/entries/b6cebfd9c59b41a79dd137badc328377-5.19.4-arch1-1.conf
title EndeavourOS
version 5.19.4-arch1-1
machine-id b6cebfd9c59b41a79dd137badc328377
options root=UUID=b1a08508-812b-448c-9e8b-ae7903e02f76 rw rootflags=subvol=@ loglevel=3 nowatchdog nvme_load=YES amd_pstate.shared_mem=1
linux /b6cebfd9c59b41a79dd137badc328377/5.19.4-arch1-1/linux
initrd /b6cebfd9c59b41a79dd137badc328377/5.19.4-arch1-1/amd-ucode.img
initrd /b6cebfd9c59b41a79dd137badc328377/5.19.4-arch1-1/initrd
As long as you installed kernel-install-mkinitcpio, nothing special. It should run kernel-install automatically using hooks.
As long as you have /etc/kernel/cmdline populated, you shouldnāt have to do anything special when you chroot. If it isnāt populated now, it should be automatically the first time a kernel is installed updated with kernel-install-mkinitcpio. If you want to force it, you could always reinstall your current kernel.
2 Likes
Really thanks Dalto, really easy tutorial, I really appreciate 
If you donāt mind, one last question
Iām using BTRFS and since I donāt have grub and grub-btrfs anymore, to recover from a failed boot state, I would need to boot into the live USB and run the btrfs-assistant from there, right?
I tried that but its not working, is it safe to reinstall btrfs-assistant while in arch-chroot state?
[liveuser@eos-2022.08.05 ~]$ sudo mount -o subvol=@ /dev/sda2 /mnt
[liveuser@eos-2022.08.05 ~]$ sudo mount -o subvol=@log /dev/sda2 /mnt/var/log
[liveuser@eos-2022.08.05 ~]$ sudo mount -o subvol=@cache /dev/sda2 /mnt/var/cache
[liveuser@eos-2022.08.05 ~]$ sudo mount /dev/sda1 /mnt/efi
[liveuser@eos-2022.08.05 ~]$
[liveuser@eos-2022.08.05 ~]$
[liveuser@eos-2022.08.05 ~]$ sudo arch-chroot /mnt
[root@EndeavourOS /]#
[root@EndeavourOS /]# sudo btrfs-assistant -l
Authorization required, but no authorization protocol specified
qt.qpa.xcb: could not connect to display :0.0
qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found.
This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem.
Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, xcb.
/usr/bin/btrfs-assistant: line 42: 8 Aborted (core dumped) btrfs-assistant-bin ${params}
Donāt run btrfs-assistant from within a chroot.
You can just install it while booted on the iso and run it.
The only thing you need to do is mount your btrfs partition. One of the subvols or the root of the partition itself.
1 Like
It worked, steps I took to restore a snapshot through live usb using btrfs-assistant and systemd-boot.
- Boot to live USB
- Update mirrors through Welcome app
# pacman -Syy
# pacman -S snapper
$ yay -S btrfs-assistant
# mount /dev/sda2 /mnt -o subvolid=5
# cp /mnt/@/etc/snapper/configs /etc/snapper/configs
# cp /mnt/@/etc/conf.d/snapper /etc/conf.d/snapper
Then, open btrfs-assistant and restore the snapshotā¦
1 Like
First of all, many thanks to @dalto for this tutorial. 
I believe in KISS, the simpler the better.
As far as I understand, systemd-boot will not allow me to boot to earlier snapshots (I am on BTRFS, Snapperā¦ etc), but can I say:
1- No matter what I will be able to boot.
2- Even if systemd-boot breaks it is much easier to fix.
3- Even if things break I still can boot and restore an earlier snapshot:
a- through command line
b- through a live session, install BTRFS Assitant, restore the earlier snapshot.
I hope I got it right this time!
Any feedback welcome.
Thank you.
1 Like
Does this mean we do not go with the first post and just do:
yay -Syu eos-systemd-boot
I just want to be sure and not to mess things up!
If Linux Kernel crashes or does not support your hardware, but you can not restore Linux Kernel when using systemd-boot, because Linux Kernel is in /efi using FAT32, not BTRFS. You need to install or fix Linux Kernel via arch-chroot in Live USB manually.
GRUB can help you to restore Linux Kernel because Kernel is in /boot using BTRFS, not FAT32, but you can not restore GRUB in /boot/efi using default FAT32.
That should be yay -S kernel-install-mkinitcpio instead eos-systemd-boot
@Zesko for the rescue again as usual.
So, I just
yay -S kernel-install-mkinitcpio
and reboot?
Thatās all?
Sorry, this is a bit techie for me.
I installed LTS, and still have the default kernel as well.
I believe LTS kernel is safe enough, even though, there is another kernel to boot to! Right?!
Hey, you mean I can not live boot ā BTRFS Assitant ā Restore Snapshot?!
The problem now with Grubā¦ I lost trust! Just my simple point of view!
How many times has Grub crashed 2 years ago until now, I heard maybe only once.
Did you know many people have problems with Linux Kernels when using rolling releases?
No, you should read Daltoās instructions
Just copy exact the commands and follow ākernel-installā instead āmanualā
To me it is just a matter of principle!
systemd-boot is less prone to breaking and even if it breaks it is easier to fix (my humble knowledge till now), while Grub broke once in 30 years and was difficult to fix! So, better KISS, as a matter of principle! (sorry I might sound strange butā¦ this is how I amā¦ and maybe many of my age +60)
I know a rolling release is ātheoreticallyā problematic and less stable. But actually it is working fine!
I go for a rolling release because it is an install it and forget itā¦ (sort of), just update. I know there might be problemsā¦ but it is OK with meā¦
I believe an LTS and the standard/default kernelā¦ I am OK, or at least in a little bit better situation!
Still I hope you advise meā¦ is it just
yay -S kernel-install-mkinitcpio
and reboot?
P.S. Just thinking out loud with youā¦ Is it possible to make systemd-boot consider snapshots as āotherā operating systems and automatically point to them so you can boot to a snapshot?!
So one bad update/commit is bad principle?
2 Likes
OKā¦ I will go for it!
Oh noā¦ not exactlyā¦ the most important principle for me is the simplicity. Which is simpler and easier to fix! As long as there is software there are bugs!
So, breaking even a few times does not make any software ābadā.
Just simplicity, and wellā¦ it is serious and critical to have the boot loader breakā¦ better avoid itā¦ to something less prone to break and easier to fix though systemd-boot can break simply because it is a software!. This is the principle.
OK, just for the record I am following @Zesko advice to follow @dalto 's instructions (first post in this thread - important to read) using
Now, updating and rebooting! (Done)
du -sh /boot
127M /boot
I have a lot of space!
Next we need to remove grub:
sudo pacman -Rc grub
sudo mkdir /efi
efidevice=$(findmnt /boot/efi -no SOURCE) # save the efi partition location
sudo umount /boot/efi
sudo mount ${efidevice} /efi
To make the mount change permanent, edit /etc/fstab and change where it reads /boot/efi to /efi
<dump> <pass>
UUID=FDBB-97B1 /efi vfat defaults,noatime 0 2
[limo@lenovo ~]$ sudo bootctl install
Created "/efi/EFI/systemd".
Created "/efi/loader".
Created "/efi/loader/entries".
Created "/efi/EFI/Linux".
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/efi/EFI/systemd/systemd-bootx64.efi".
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/efi/EFI/BOOT/BOOTX64.EFI".
Random seed file /efi/loader/random-seed successfully written (32 bytes).
Successfully initialized system token in EFI variable with 32 bytes.
Created EFI boot entry "Linux Boot Manager".
# Edit the file `/efi/loader/loader.conf` and uncomment the "timeout" line.
timeout 3
#console-mode keep
Technically speaking, you have now successfully installed systemd-boot. Congrats!
> kernel-install:
yay -S kernel-install-mkinitcpio
> You can either save the below as a script (I wonder what should I name this script? Where to save it?)
Here is the text of the script which I called dalto.sh
#!/usr/bin/env bash
# Find the configured esp
esp=$(bootctl -p)
# Prepare the efi partition for kernel-install
machineid=$(cat /etc/machine-id)
if [[ ${machineid} ]]; then
mkdir ${esp}/${machineid}
else
echo "Failed to get the machine ID"
fi
# Run kernel install for all the installed kernels
while read -r kernel; do
kernelversion=$(basename "${kernel%/vmlinuz}")
echo "Installing kernel ${kernelversion}"
kernel-install add ${kernelversion} ${kernel}
done < <(find /usr/lib/modules -maxdepth 2 -type f -name vmlinuz)
Well I thought it can be just executed so I did:
[limo@lenovo MyScripts]$ sudo bash dalto.sh
and got lots of stuff With a few warnings about drivers and fontsā¦ I get occasionally, and it ended up with:
=> WARNING: Possibly missing firmware for module: wd719x
==> WARNING: Possibly missing firmware for module: xhci_pci
-> Running build hook: [keyboard]
-> Running build hook: [keymap]
-> Running build hook: [consolefont]
==> WARNING: consolefont: no font found in configuration
-> Running build hook: [filesystems]
/dev/stdin: line 22: grub-btrfs-overlayfs: command not found
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: /efi/2ba377af56ef4fb0898b46fcc244bcb9/5.19.4-arch1-1/initrd-fallback
==> Image generation successful
Which I believe is OK as ā==> Image generation successfulā
Then
sudo rm -r /boot/efi /boot/grub /boot/initramfs* /boot/vmlinuz*
As @dalto said there
Now you can reboot into your new system. As you install/remove kernels, the whole process should be automated.
Rebootingā¦ hopefully I will be back soonā¦ alive!
i am backā¦ still alive and kicking! 
the greatest of the great distros, and the greatest fo the great community.
Billions of thanks and appreciation to @dalto and @Zesko
2 Likes