On 10/10/2020 5:10 PM, Charles Curley wrote:
On Sat, 10 Oct 2020 08:06:16 +0200 john doe <johndoe65534@mail.com> wrote:No, I'm not even getting the grub bootloader.If you aren't even getting to to GRUB, then your problem isn't an encrypted /boot partition, it's something else. Possibly something you did in the process of encrypting /boot. Possibly a limitation in libvirt.
Okay, I have installed Debian Buster encrypted lvm using virt-install, done the commands to encrypt the boot partition. If I boot the VM with qemu directly, it works as I would expected to but as long as I use Libvirt it does not. With apparmor disabled, I as you conclude that the issue is libvirt related. I'm not seeing anything in the log that would indicate where the issue lies.
Is it working for you?No. I have looked at the process but not tried it yet. I will probably experiment with a Bullseye installation.
Installing the VM with encrypted lvm is straight forward making the root partition encrypted and working well. -- John Doe