Additional info: On Wed, May 22, 2024 at 08:49:56AM +0200, Marc SCHAEFER wrote: > Having /boot on a LVM non enabled dm-integrity logical volume does not > work either, as soon as there is ANY LVM dm-integrity enabled logical > volume anywhere (even not linked to booting), grub2 complains (at boot > time or at update-grub) about the rimage LV.
I found this [1], quoting: "I'd also like to share an issue I've discovered: if /boot's partition is a LV, then there must not be a raidintegrity LV anywhere before that LV inside the same VG. Otherwise, update-grub will show an error (disk `lvmid/.../...' not found) and GRUB cannot boot. So it's best if you put /boot into its own VG. (PS: Errors like unknown node '..._rimage_0 can be ignored.)" So, the work-around seems to be to simple have /boot not on a LVM VG where any LV has dm-integrity enabled. I will try this work-around and report back here. As I said, I can live with /boot on RAID without dm-integrity, as long as the rest can be dm-integrity+raid protected. [1] https://unix.stackexchange.com/questions/717763/lvm2-integrity-feature-breaks-lv-activation
