for long time, i want to encrypt partitions on my disk. recently i have found an article[@1] with screenshots and actually made some sense to my stupid mind. i have successfully, created encrypted lvm using the [@1]. however, i have some issues :


[1] i will set aside atleast a gb for future, should i create it as a primary partition and set as "do not use".

[2] the swap partition is starting with priority : -1, i assume it is correct because the writes are immediately effected in encrypted partitions. is there any issue with swap partition starting with -1 priority ?


[3] "volume group "volume group name" not found". eventhough i am able to access the partitions, at the boot time it is showing the above message. can i assume the partition scheme is correct ?



[@1] : http://backports.wordpress.com/2010/10/03/how-create-encrypted-lvm-logical-volume-manager-manual-partition-disk-debian-gnu-linux/


thank you

vishnu vardhan wrote:
> for long time, i want to encrypt partitions on my disk. recently i have
> found an article[@1] with screenshots and actually made some sense to my
> stupid mind. i have successfully, created encrypted lvm using the [@1].

Looks good to me. The only change I would make in that walk through
is to shorten the LVM's volume group name. They use DEBLVM in the
referenced guide. That is fine. But if the name is too long then
'df' will always wrap. That is okay too but annoying. (In the future
upstream is talking about making those columns more dynamically sized
while still trying to maintain backward compatibility.)

But to avoid the wrapping I find that if I use two letter volume group
names and four letters or less with the physical volume name then I
can avoid wrapping. Example:

$ df -lh
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/v1-root 11G 6.5G 3.5G 66% /
tmpfs 1.9G 0 1.9G 0% /lib/init/rw
udev 1.9G 332K 1.9G 1% /dev
tmpfs 1.9G 748K 1.9G 1% /dev/shm
/dev/md0 456M 32M 400M 8% /boot
/dev/mapper/v1-var 5.5G 3.5G 1.8G 67% /var
/dev/mapper/v1-srv 19G 5.1G 13G 30% /srv
/dev/mapper/v1-lcl 92G 189M 87G 1% /usr/local
/dev/mapper/v1-home 200G 167G 23G 89% /home

If the volume group is longer then lines will be broken onto two lines
unless the -P option is given. My personal preference is just to make
sure that I use short names so that the field overflow and subsequent
line breaks are avoided.

[It would be nicer if the volumes were mounted by the names /dev/v1/var
intead of /dev/mapper/v1-var but so it goes.]

> however, i have some issues :
>
> [1] i will set aside atleast a gb for future, should i create it as a
> primary partition and set as "do not use".

It doesn't really matter if you create a partition for it now or
later. It is up to you. You can always create the partition later.

> [2] the swap partition is starting with priority : -1, i assume it is
> correct because the writes are immediately effected in encrypted partitions.
> is there any issue with swap partition starting with -1 priority ?

Priority -1 is normal. I am assuming that you are seeing this at boot
time? Such as from dmesg? That is normal.

$ dmesg | grep swap
[ 11.158484] Adding 7811064k swap on /dev/mapper/v1-swap. Priority:-1 extents:1 across:7811064k

> [3] "volume group "volume group name" not found". eventhough i am able to
> access the partitions, at the boot time it is showing the above message. can
> i assume the partition scheme is correct ?

That isn't normal. Something isn't right. You should dig deeper on
this problem.

Bob

On Wed, 06 Oct 2010 09:20:09 +0300
ΓιώÏ�γος Î*άλλας <gpall@ccf.auth.gr> wrote:

> On 10/06/2010 08:17 AM, vishnu vardhan wrote:
> >
> > [3] "volume group "volume group name" not found". eventhough i am able
> > to access the partitions, at the boot time it is showing the above
> > message. can i assume the partition scheme is correct ?
>
> You mean that you see that as the very first message after grub? That
> is, you see this message before you are asked for the passphrase? If
> yes, it is normal. For some reason debian looks for the volume groups
> even before unlocking the LUKS partition and of course fails. After
> entering the passphrase, it looks again.
>
> I have once entered a bug report for this, as well as for the red letter
> fail when such a machine shuts down because it cannot close the logical
> volume which contains the root filesystem. Both were answered that's the
> way its supposed to work...

Yep. I, too, have noticed both these things, and find them a bit
annoying, especially the latter, which is an issue with any root FS on
LVM, even if it's not encrypted.

Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20101006093317.5b8a937b.celejar@gmail.com">http://lists.debian.org/20101006093317.5b8a937b.celejar@gmail.com