Here’s an explanation of your partition table, with particular attention to the /boot
configuration:
Overview of the Disk (/dev/sda
)
Your disk has three main partitions:
/dev/sda1
(EFI System Partition):- Size: 200 MB
- Type: EFI System Partition (FAT32)
- Mount Point:
/boot/efi
- Purpose: Holds the bootloader files required by UEFI firmware. Systemd-boot resides here and loads the kernel and initramfs.
/dev/sda2
(/boot
Partition):- Size: 1 GB
- Type: Linux extended boot
- Mount Point:
/boot
- Purpose: Stores Linux kernel images (
vmlinuz-linux
), initramfs files, and related boot data. This separation ensures the kernel and initramfs are accessible, even in cases where the root partition is encrypted.
/dev/sda3
(Encrypted Root Partition):- Size: 232.6 GB
- Type: Linux filesystem
- Purpose: The rest of the disk is encrypted with LUKS (
/dev/mapper/luks-*
) and is mounted as both/home
and/
. This is your main storage for the operating system and user data.
zram0
(Compressed Swap in RAM):- Size: 8 GB
- Type: SWAP
- Purpose: Acts as swap space, implemented using zram (compressed swap in RAM).
Focus on the /boot
Configuration
Why Separate /boot
and /boot/efi
?
/boot/efi
:- This is a small FAT32 partition required by UEFI.
- It stores the bootloader (e.g.,
systemd-boot
), its configuration files, and the EFI boot entries (/EFI/BOOT/BOOTX64.EFI
).
/boot
:- This partition is unencrypted to ensure that the UEFI firmware can access the kernel (
vmlinuz-linux
) and the initramfs during boot. - It contains Linux kernel images, initramfs files, and any additional boot-related data.
- This partition is unencrypted to ensure that the UEFI firmware can access the kernel (
Why Is This Setup Common?
- When using full disk encryption with LUKS:
- UEFI cannot directly read encrypted partitions.
- By creating an unencrypted
/boot
partition, the bootloader can access the kernel and initramfs required to unlock the encrypted root partition.
How the Boot Process Works in Your Setup:
- UEFI Firmware:
- Reads the bootloader (
systemd-boot
) from the EFI partition (/dev/sda1
).
- Reads the bootloader (
- Systemd-Boot:
- Loads the kernel and initramfs from the
/boot
partition (/dev/sda2
).
- Loads the kernel and initramfs from the
- Kernel:
- Uses the initramfs to decrypt
/dev/sda3
and mount it as the root filesystem (/
).
- Uses the initramfs to decrypt
Partition Size Considerations
- EFI Partition (
/dev/sda1
):- 200 MB is sufficient for systemd-boot and bootloaders.
- Boot Partition (
/dev/sda2
):- 1 GB is adequate for multiple kernels and initramfs files. A typical setup may use only a few hundred MB.
- Root Partition (
/dev/sda3
):- This partition has most of your storage, encrypted for security.