Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Talk:Rootfs over encrypted lvm"

From Funtoo
Jump to navigation Jump to search
m (add debian known working configs.)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
from debian 10 vm known working config:
{{console|body=
mkultra@debian:~$ cat /etc/crypttab
###i## echo 'KERNEL=="sdc*", SYMLINK+="funtoo%n"' > /etc/udev/rules.d/01-funtoo.rules
sda3_crypt UUID=6c0c8520-4caf-4189-be01-9e94b020959f none luks,discard
###i## rc-service udev restart
mkultra@debian:~$ sudo lsblk
}}
NAME                    MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda                      8:0    0  30G  0 disk 
├─sda1                    8:1    0  512M  0 part  /boot/efi
├─sda2                    8:2    0  244M  0 part  /boot
└─sda3                    8:3    0 29.3G  0 part 
  └─sda3_crypt          254:0    0 29.2G  0 crypt
    ├─debian--vg-root  254:1    0 25.2G  0 lvm  /
    └─debian--vg-swap_1 254:2    0    4G  0 lvm  [SWAP]
 
mkultra@debian:~$ sudo blkid
[sudo] password for mkultra:
/dev/sda1: UUID="CFA9-ECD1" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e0187031-4396-43e5-9fe0-a5dbf640792a"
/dev/sda2: UUID="c8055dcc-11b8-400a-99ec-f6bdf9deb065" BLOCK_SIZE="1024" TYPE="ext2" PARTUUID="587f27f6-0ef7-4074-bc84-9444c4ff8515"
/dev/sda3: UUID="6c0c8520-4caf-4189-be01-9e94b020959f" TYPE="crypto_LUKS" PARTUUID="4778e186-a613-4216-82a9-954b329e9446"
/dev/mapper/sda3_crypt: UUID="FAYY8S-Ozqi-YDbD-cSIG-PG7B-XNzv-ukCbeA" TYPE="LVM2_member"
/dev/mapper/debian--vg-root: UUID="437c29f6-d5a6-40cd-b845-8f8ad59cd917" BLOCK_SIZE="4096" TYPE="ext4"
/dev/mapper/debian--vg-swap_1: UUID="ec44168e-e517-4284-bb9c-d8dff4c2a38a" TYPE="swap"
 
cat /boot/grub/grub.cfg
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-437c29f6-d5a6-40cd-b845-8f8ad59cd917' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  c8055dcc-11b8-400a-99ec-f6bdf9deb065
else
  search --no-floppy --fs-uuid --set=root c8055dcc-11b8-400a-99ec-f6bdf9deb065
fi
echo 'Loading Linux 5.9.0-3-amd64 ...'
linux /vmlinuz-5.9.0-3-amd64 root=/dev/mapper/debian--vg-root ro  quiet
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.9.0-3-amd64
}
 
 
 
 
 
from centos virtual machine known working config:
 
lsblk says:
sda1 type:part /boot/efi
sda2 type:part /boot
sda3 type:part
  luks-28c13 type:crypt
      cl-root type:lvm /
      cl-swap type:lvm [swap]
 
grub.cfg
strange set=root pointing to uuid of efi partition and set boot as uuid of boot partition....
&
set default_kernelopts="root=/dev/mapper/cl-root ro crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.luks.uuid=luks-28c13191-etc-f4 rd.lvm.lv=cl/swap rhgb "
 
/etc/crypttab
luks-28c13191-etc-f4 UUID=28c13191-etc-f4 none discard
 
/etc/fstab says
/dev/mapper/cl-root / xfs
uuid=omitted /boot
uuid=omitted /boot/efi
/dev/mapper/cl-swap swap swap
 
blkid says
/dev/mapper/cl-root: type="xfs"
/dev/mapper/luks-28c13191 TYPE="LVM2_member"
/dev/sda3 TYPE="crypto_LUKS"
/dev/sda1 type vfat
/dev/sda2
/dev/mapper/cl-swap: TYPE="swap"

Latest revision as of 01:10, December 4, 2020

root # echo 'KERNEL=="sdc*", SYMLINK+="funtoo%n"' > /etc/udev/rules.d/01-funtoo.rules
root # rc-service udev restart