On Wednesday, February 11th, 2026 at 2:17 AM, Mate Kukri <[email protected]> wrote:
> Can you provide more information about the system this runs on? `uname -a`: ``` Linux horsey-guy-debian-lenovo 6.19-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.19~rc8-1~exp1 (2026-02-02) x86_64 GNU/Linux ``` Secure boot was enabled the whole time. `lsblk -o NAME,FSTYPE,FSVER,LABEL,MOUNTPOINTS`: ``` NAME FSTYPE FSVER LABEL MOUNTPOINTS sda ├─sda1 exfat 1.0 Ventoy ├─sda2 vfat FAT16 VTOYEFI └─sda3 crypto_LUKS 2 zram0 swap 1 [SWAP] nvme0n1 ├─nvme0n1p1 vfat FAT32 SYSTEM_DRV /boot/efi ├─nvme0n1p2 crypto_LUKS 2 Debian │ └─debian_crypt btrfs debian /var/log │ /var/lib/libvirt │ /opt │ /home │ /boot │ / └─nvme0n1p3 crypto_LUKS 2 └─cryptswap swap 1 cryptswap [SWAP] ``` `/etc/default/grub` (UUID was replaced with angle brackets and their descriptions): ``` # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` #GRUB_CMDLINE_LINUX_DEFAULT="intel_iommu=on iommu=pt efi=runtime i915.enable_guc=2 xe.force_probe='a7a1' i915.force_probe='!a7a1' xe.max_vfs=7 i915.max_vfs=7" GRUB_CMDLINE_LINUX_DEFAULT="" GRUB_CMDLINE_LINUX="cryptdevice=UUID=<LUKS2 encrypted partition's UUID>:debian_crypt root=UUID=</dev/mapper/debian_crypt's UUID> rd.luks.name=</dev/mapper/debian_crypt's UUID>=debian_crypt rd.luks.options=</dev/mapper/debian_crypt's UUID>=tpm2-device=auto,password-echo=no,tries=1 rootflags=rw,subvol=@rootfs intel_iommu=on iommu=pt efi=runtime i915.enable_guc=2 zswap.enabled=0" # If your computer has multiple operating systems installed, then you # probably want to run os-prober. However, if your computer is a host # for guest OSes installed via LVM or raw disk devices, running # os-prober can cause damage to those guest OSes as it mounts # filesystems to look for things. #GRUB_DISABLE_OS_PROBER=false # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' GRUB_GFXMODE=1920x1080,auto # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" # Specify theme directory GRUB_THEME="/boot/grub/themes/vimix/theme.txt" # Enable cryptodisk in case it is needed GRUB_ENABLE_CRYPTODISK=y GRUB_PRELOAD_MODULES="part_gpt btrfs cryptodisk luks2" ``` > Additionally what image was this installation derived from? And how > did you install the GRUB2 binary? What image do you mean? The Linux kernel is version 6.19. The command to install GRUB2 was `grub-install --uefi-secure-boot --boot-directory=/boot --efi-directory=/boot/efi --directory=/usr/lib/grub/x86_64-efi --themes=vimix --modules="luks2 gcry_sha512 gcry_sha256 pbkdf2 cryptodisk argon2" --target=x86_64-efi --bootloader-id=debian /dev/nvme0n1p1 --recheck`
publickey - [email protected] - 0xEC8A06ED.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
