Linux Multiboot with BTRFS, LUKS and EFI (Part 1)
This article describes how to install multiple Linux distributions on a single BTRFS partition with LUKS encryption and UEFI boot.
It took me a lot of time to get this setup working. I’m noting it here for future reference, and for the benefit of anyone trying to create a similar setup.
I’m breaking this into 3 parts so that I can cover everything.
Part 1 (this article) is the overview. It describes basic concepts and what the final result looks like.
Part 2 contains the steps for creating this setup.
Part 3 contains some trips and tricks for managing the system, like creating/restoring snapshots, etc.
This is what the partition layout looks like.
- Disk is formatted with GPT partition table
- Single 100 MB ESP partition for EFI boot
- 400 MB boot partitions formatted as EXT4 for each distribution.
- One big LUKS+BTRFS partition to occupy remaining disk space.
- No swap partition since the laptop has 8 GB RAM
rEFInd Boot Manager
We will install the rEFInd boot manager (pronounced as “refined”). rEFInd detects multiple operating systems automatically at boot time, and is easier to configure than GRUB.
- rEFInd searches for Linux kernels and bootable .efi files on all partitions. It displays boot entries for each kernel and efi file that it finds.
- It is capable of booting the kernel file directly without the need of GRUB or .efi files
- It only works with EFI systems and cannot be used with BIOS or EFI’s BIOS compatibility mode
- It displays custom icons for different operating systems. You can hide boot options by selecting the icon and hitting Delete key.
We will install all distributions on a single partition formatted with BTRFS filesystem. This is more space-efficient than creating separate partitions, since free space is shared among distributions. It’s also easier to add and delete distributions, since it can be done without changing the partition layout.
The Linux distributions are installed on separate BTRFS subvolumes.
Subvolumes in BTRFS are like a mini-filesystem inside a filesystem. Each distribution will use one subvolume as its root filesystem. This allows us to create snapshots for each distribution, by creating a snapshot of the subvolume.
Snapshots in BTRFS are a very powerful feature. The entire state of the system (every byte) can be saved and restored with a single command in a few seconds.
Creating a snapshot takes up very little space. Common data blocks are shared between subvolumes. As the original files get modified with time, data gets written to new data blocks, but files in snapshot continue to point to the original data blocks.
Creating a snapshot is extremely fast and takes a few seconds. Only filesystem metadata is duplicated instead of duplicating files.
System partition is encrypted with LUKS which ensures that your data remains safe if your laptop is lost or stolen. The LUKS passphrase needs to be entered at boot time to decrypt data on the partition. Without the passphrase, the content of your hard-disk is just random data, that will be of no use to anyone if your laptop is stolen.
Laptops and desktops these days are shipped with UEFI firmware instead of BIOS. UEFI concepts can be confusing at first but it’s easy to set up once you understand the basics. I will be using UEFI booting, but will disable secure-boot, since I have no use for it and it complicates the setup unnecessarily.
Guid Partition Table (GPT)
UEFI requires the partition table to be in GPT format instead of MBR, in order to boot in UEFI mode. You can create a GPT partition table using GParted or any other disk partitioning tool.
- GPT supports creation of more than 128 partitions, instead of the 4 primary partitions supported by MBR.
- GPT provides a unique UUID (called PARTUUID) and a label (called PARTLABEL) for each partition. These are stored in partition table and are different from the normal UUID and LABEL that are stored in the filesystem.
- PARTUUID is always unique. PARTLABEL is empty and needs to be set manually. These are stored in partition table and do not change when partition is re-formatted.
- UUID and LABEL are stored in the file-system and change when the partition is re-formatted.
You can refer to devices with their PARTUUID and PARTLABEL to ensure that device references remain valid, even if the partition is re-formatted.
In Linux, the device files are referenced as:
/dev/disk/by-partlabel/<partlabel>. You can use these almost everywhere (in /etc/fstab, crypttab, etc) instead of using device names and UUIDs.
EFI System Partion (ESP)
UEFI requires every bootable disk to have a special partition called the EFI System Partion (ESP). This is nothing but a FAT16 partition with a special flag. Unlike BIOS systems where GRUB gets installed in the MBR; for UEFI systems, GRUB is installed in the ESP partition.
ESP partition is mandatory for booting in EFI mode. You can create one using gparted or any other partitioning tool. Create a 100 MB partition, format it as FAT16, and set the boot and esp flags.
If you find this artcle useful and wish to say thanks, you can buy me a coffee by making a donation with Paypal.