Changes

Jump to: navigation, search

Talk:Rootfs over encrypted lvm

2,945 bytes removed, 2 months ago
purge debian enc && cent enc helpful notes. she works now =D
probably need to setup /etc/conf.d/dmcrypt
 
from debian 10 vm known working config:
mkultra@debian:~$ cat /etc/crypttab
sda3_crypt UUID=6c0c8520-4caf-4189-be01-9e94b020959f none luks,discard
mkultra@debian:~$ sudo lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 30G 0 disk
├─sda1 8:1 0 512M 0 part /boot/efi
├─sda2 8:2 0 244M 0 part /boot
└─sda3 8:3 0 29.3G 0 part
└─sda3_crypt 254:0 0 29.2G 0 crypt
├─debian--vg-root 254:1 0 25.2G 0 lvm /
└─debian--vg-swap_1 254:2 0 4G 0 lvm [SWAP]
 
mkultra@debian:~$ sudo blkid
[sudo] password for mkultra:
/dev/sda1: UUID="CFA9-ECD1" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e0187031-4396-43e5-9fe0-a5dbf640792a"
/dev/sda2: UUID="c8055dcc-11b8-400a-99ec-f6bdf9deb065" BLOCK_SIZE="1024" TYPE="ext2" PARTUUID="587f27f6-0ef7-4074-bc84-9444c4ff8515"
/dev/sda3: UUID="6c0c8520-4caf-4189-be01-9e94b020959f" TYPE="crypto_LUKS" PARTUUID="4778e186-a613-4216-82a9-954b329e9446"
/dev/mapper/sda3_crypt: UUID="FAYY8S-Ozqi-YDbD-cSIG-PG7B-XNzv-ukCbeA" TYPE="LVM2_member"
/dev/mapper/debian--vg-root: UUID="437c29f6-d5a6-40cd-b845-8f8ad59cd917" BLOCK_SIZE="4096" TYPE="ext4"
/dev/mapper/debian--vg-swap_1: UUID="ec44168e-e517-4284-bb9c-d8dff4c2a38a" TYPE="swap"
 
cat /boot/grub/grub.cfg
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-437c29f6-d5a6-40cd-b845-8f8ad59cd917' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 c8055dcc-11b8-400a-99ec-f6bdf9deb065
else
search --no-floppy --fs-uuid --set=root c8055dcc-11b8-400a-99ec-f6bdf9deb065
fi
echo 'Loading Linux 5.9.0-3-amd64 ...'
linux /vmlinuz-5.9.0-3-amd64 root=/dev/mapper/debian--vg-root ro quiet
echo 'Loading initial ramdisk ...'
initrd /initrd.img-5.9.0-3-amd64
}
 
from centos virtual machine known working config:
 
lsblk says:
sda1 type:part /boot/efi
sda2 type:part /boot
sda3 type:part
luks-28c13 type:crypt
cl-root type:lvm /
cl-swap type:lvm [swap]
 
grub.cfg
set default_kernelopts="root=/dev/mapper/cl-root ro crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.luks.uuid=luks-28c13191-etc-f4 rd.lvm.lv=cl/swap rhgb "
 
/etc/crypttab
luks-28c13191-etc-f4 UUID=28c13191-etc-f4 none discard
 
/etc/fstab says
/dev/mapper/cl-root / xfs
uuid=omitted /boot
uuid=omitted /boot/efi
/dev/mapper/cl-swap swap swap
 
blkid says
/dev/mapper/cl-root: type="xfs"
/dev/mapper/luks-28c13191 TYPE="LVM2_member"
/dev/sda3 TYPE="crypto_LUKS"
/dev/sda1 type vfat
/dev/sda2
/dev/mapper/cl-swap: TYPE="swap"
625
edits

Navigation menu