Talk:Rootfs over encrypted lvm

From Funtoo
Revision as of 20:55, November 29, 2020 by Pnoecker (talk | contribs)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

probably need to setup /etc/conf.d/dmcrypt


from debian 10 vm known working config: mkultra@debian:~$ cat /etc/crypttab sda3_crypt UUID=6c0c8520-4caf-4189-be01-9e94b020959f none luks,discard mkultra@debian:~$ sudo lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 30G 0 disk ├─sda1 8:1 0 512M 0 part /boot/efi ├─sda2 8:2 0 244M 0 part /boot └─sda3 8:3 0 29.3G 0 part 

 └─sda3_crypt          254:0    0 29.2G  0 crypt 
   ├─debian--vg-root   254:1    0 25.2G  0 lvm   /
   └─debian--vg-swap_1 254:2    0    4G  0 lvm   [SWAP]

mkultra@debian:~$ sudo blkid [sudo] password for mkultra: /dev/sda1: UUID="CFA9-ECD1" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e0187031-4396-43e5-9fe0-a5dbf640792a" /dev/sda2: UUID="c8055dcc-11b8-400a-99ec-f6bdf9deb065" BLOCK_SIZE="1024" TYPE="ext2" PARTUUID="587f27f6-0ef7-4074-bc84-9444c4ff8515" /dev/sda3: UUID="6c0c8520-4caf-4189-be01-9e94b020959f" TYPE="crypto_LUKS" PARTUUID="4778e186-a613-4216-82a9-954b329e9446" /dev/mapper/sda3_crypt: UUID="FAYY8S-Ozqi-YDbD-cSIG-PG7B-XNzv-ukCbeA" TYPE="LVM2_member" /dev/mapper/debian--vg-root: UUID="437c29f6-d5a6-40cd-b845-8f8ad59cd917" BLOCK_SIZE="4096" TYPE="ext4" /dev/mapper/debian--vg-swap_1: UUID="ec44168e-e517-4284-bb9c-d8dff4c2a38a" TYPE="swap"

cat /boot/grub/grub.cfg menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-437c29f6-d5a6-40cd-b845-8f8ad59cd917' { load_video insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_gpt insmod ext2 set root='hd0,gpt2' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2 c8055dcc-11b8-400a-99ec-f6bdf9deb065 else search --no-floppy --fs-uuid --set=root c8055dcc-11b8-400a-99ec-f6bdf9deb065 fi echo 'Loading Linux 5.9.0-3-amd64 ...' linux /vmlinuz-5.9.0-3-amd64 root=/dev/mapper/debian--vg-root ro quiet echo 'Loading initial ramdisk ...' initrd /initrd.img-5.9.0-3-amd64 }

from centos virtual machine known working config:

lsblk says: sda1 type:part /boot/efi sda2 type:part /boot sda3 type:part 

  luks-28c13 type:crypt
     cl-root type:lvm /
     cl-swap type:lvm [swap]

grub.cfg set default_kernelopts="root=/dev/mapper/cl-root ro crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.luks.uuid=luks-28c13191-etc-f4 rd.lvm.lv=cl/swap rhgb "

/etc/crypttab luks-28c13191-etc-f4 UUID=28c13191-etc-f4 none discard

/etc/fstab says /dev/mapper/cl-root / xfs uuid=omitted /boot uuid=omitted /boot/efi /dev/mapper/cl-swap swap swap

blkid says /dev/mapper/cl-root: type="xfs" /dev/mapper/luks-28c13191 TYPE="LVM2_member" /dev/sda3 TYPE="crypto_LUKS" /dev/sda1 type vfat /dev/sda2 /dev/mapper/cl-swap: TYPE="swap"

Retrieved from "https://www.funtoo.org/index.php?title=Talk:Rootfs_over_encrypted_lvm&oldid=34509"