It's impossible to chainload TrueCrypt boot loader or rescue image as it is with GRUB Legacy. When trying to do so "an invalid signature" pop up. I don't remember what the message error was for chainloading a rescue iso image (of TrueCrypt boot loader). I used to boot M$ W7 chainloadingg directly a rescue iso image from a removable media or from `/boot' even if I still have TrueCrypt boot loader on my main primary boot hard drive for a very long while. I simply planned to wipe out the boot loader someday because I use a GnuPG crypted key file to boot my Gentoo box, so there's always a removable media for booting. Anyway, to make a long story short, it seems booting M$ OS with or without TrueCrypt boot loader is more than problematic with GRUB2 with that "invalid signature". There's a bug report at https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/484102 for the same issue. That bug deal mainly for booting another disk/partition with TrueCrypt boot loader which is impossible with the current GRUB2. The solution or rather workaround is to set up `/boot' with GRUB2 and set up the main boot loader with TrueCrypt exploiting the "hidden OS" mechanism which will make TrueCrypt try to boot the following/newt partition after ESC[-aping] in the boot menu. I did not want that because I may wipe out the main boot disk boot loader, moreover, I wanted to benefit the fancy GRUB2 menu! So the workaround was to use GRUB4DOS which can chainload TrueCrypt boot loader or rescue iso image very close to what GRUB Legacy does. I wanted to threw away an issue which I was having with GRUB Legacy which explains why I tried GRUB4DOS route. The workaround is to put grub.exe along with grldr, grldr should be in root `/' of the booting device/partition, be it a removable media or `/boot', and add something like: menuentry "GUB4DOS" { linux /grub4dos-0.4.4/grub.exe --config-file=/menu.lst } as a GRUB2 menu entry and what follow in a menu.lst file, and everything is set up to chainload TrueCrypt boot loader: title W7 find --set-root /path/to/<TueCrypt rescue image>.raw[|iso] map --mem /path/to/<TueCrypt rescue image>.raw[|iso] (hd32) map (hd0) (hd1) map (hd1) (hd0) map --hook root (hd32) chainloader (hd32)
Well here you are slightly on your own. I don't really feel like starting to use truecrypt, so I can't test, or have any idea how to solve this.
Well, I opened a bug thinking that it could help others and added scarabeus to the CC list so he could give hints in his GRUB2 howto. That's being said, the "invalid singnature" error is pretty common for unencrypted W7 but I cannot be certain on that side because I use an encrypted "rootfs" for W7 and I don't have any unencrypted one. Finaly, as I boot rarely M$ W7, I couldn't possible boot every time with TrueCrypt and then chainload GRUB2! to boot my box. However, it'd be nice if upstream know some critical issues as this one, even if booting unencrypted M$ W7 should virtually be easy with GRUB2. All I ask is only be able to chainload iso image a la GRUB Legacy (with the new way to load kernel/initrd in iso, the GRUB Legacy way was problematic for that, if there weren't a rescue shell, booting failed after a failure to check physical cd/dvd).
To be a little, I'm going to add what I have with a few scenarios with GRUB2 when trying to chainload TrueCrypt boot loader or rescu image iso: menuentry "W7" { insmod chain loop /path/to/TC/rescue/image.iso chainloader (loop) } Result: "error: invalid file name `'." menuentry "W7" { insmod chain loop /path/to/TC/rescue/image.iso chainloader (loop)+1 } Result: "error: invalid signature." menuentry "W7" { insmod chain set root=(hd1,msdos1) chainloader ($root)+1 } Result: "error: invalid signature." menuentry "W7" { insmod chain set root=(hd1,msdos1) chainloader ($root) } Result: "error: invalid file name `'."
And here come the last scenario. Actually, I've tried it before when trying to solve this issue however I did not try anything but C-M-DEL to restart the machine. Well trying this: menuentry "W7" { insmod chain drivemap -s hd1 hd0 set root=(hd0,msdos1) chainloader ($root)+1 } give a "boot error" as I'm trying to boot from a removable media, as the primary boot device, pushing any button will boot from the second disk. And omitting the `+1' will give the same error as above. Is there anything else to try? This is no solution for those who use a single disk to boot!
I used truecrypt's contact form to make a feature request on the matter. I requested they provide a way to generate bootable images (like memtest86) that grub can load as an alternative to having the bootloader in the mbr. No idea if it'll get anywhere, but at least I've tried :).
@Roc: I wish your message was more precise about the image in question because... an image could mean an iso/img/raw image AND that image--TC rescue CD or the raw image of it--was working working with GRUB LEGACY, see above, which doesn't work with GRUB2 anymore. Similarly, one could ask GRUB2 devs to implement the ability to load raw/iso/img image ala GRUB LEGACY way.
(In reply to comment #6) > @Roc: I wish your message was more precise about the image in question > because... an image could mean an iso/img/raw image AND that image--TC rescue > CD or the raw image of it--was working working with GRUB LEGACY, see above, > which doesn't work with GRUB2 anymore. Similarly, one could ask GRUB2 devs to > implement the ability to load raw/iso/img image ala GRUB LEGACY way. I did use memtest86 as an example.
There's a semblance of a solution now, coming from a third party: https://github.com/attila-lendvai/grub2tc
Closing this as UPSTREAM since I doubt there is anything we can do to resolve it in Gentoo.
