LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   dm-crypted root with filesystem checking (http://www.linuxquestions.org/questions/slackware-14/dm-crypted-root-with-filesystem-checking-618180/)

/y0shi 02-02-2008 10:40 AM

dm-crypted root with filesystem checking
 
To be more specific I followed http://wiki.linuxquestions.org/wiki/...t_partition.3F
to install Slackware Linux 12.0 onto my thinkpad, its not so detailed but worked pretty well with hints from http://de.gentoo-wiki.com/DM-Crypt#R...chl.C3.BCsseln for building init.

Now booting into an encrypted system works until and beyond one error message:

[...]
*** ERROR: Root partition has already been mounted read-write. Cannot check! [...]

(this comes from /etc/rc.d/rc.S line 208 - 227)

If I boot my ram0 with read-only then booting fails because he needs to create stuff for cryptsetup and so one (I dont really know, but trial and error ...).

After luksOpen my init mounts /dev/mapper/root to /mnt I tried to put a -o ro flag in there but thats not what it wants ...

Has some one out there experience with stuff like that - any help is much appreciated!

Thanks --y0shi

Alien Bob 02-02-2008 06:07 PM

Maybe you should read http://slackware.osuosl.org/slackwar...ADME_CRYPT.TXT first.
It's on your Slackware 12.0 install CD too.

Eric

/y0shi 02-03-2008 11:31 AM

I have to admit, I was not aware of that file (-:

Thank you I will see what I understand ...

/y0shi 02-16-2008 06:55 AM

Thats nice! I think it is remarkable how good encrypted root filesystem support in Slackware 12.0 is.

I used the the mentioned file README_CRYPT.TXT and I think everyone should read http://alien.slackbook.org/dokuwiki/...lackware:setup for actually changes.

Everything works now really nicely but I was confused by the hints for your lilo.conf in Row 246. I think there is a typo in here:

Quote:

* We have one additional change to make, and that is almost at the top
of the file. Look up the line that says "boot = /dev/mapper/cryptroot"
and which was the reason for lilo to fail installing itself. Change the
boot device to name of the small *unencrypted* partition you've created
and which is mounted under '/boot'. Assuming the name of that partition is
'/dev/sda4', the "boot =" line must become like this:

boot = /dev/sda4
Because at the top of the lilo.conf file where it says "boot =" I put the the device not a partition. In my case it is "boot = /dev/hda" and the bootpartition (in my case /dev/hda1) is called in the line with "root = /dev/hda1". So my lilo.conf looks like that and works perfectly:

Code:

# LILO configuration file
# generated by 'liloconfig'
#
# Start LILO global section
lba32 # Allow booting past 1024th cylinder with a recent BIOS
boot = /dev/hda
compact # faster, but won't work on all systems.
#prompt
#timeout = 5
# VESA framebuffer console @ 1024x768x256
vga = 773
# Normal VGA console
# vga = normal
# VESA framebuffer console @ 1024x768x64k
# vga=791
# VESA framebuffer console @ 1024x768x32k
# vga=790
# VESA framebuffer console @ 1024x768x256
# vga=773
# VESA framebuffer console @ 800x600x64k
# vga=788
# VESA framebuffer console @ 800x600x32k
# vga=787
# VESA framebuffer console @ 800x600x256
# vga=771
# VESA framebuffer console @ 640x480x64k
# vga=785
# VESA framebuffer console @ 640x480x32k
# vga=784
# VESA framebuffer console @ 640x480x256
# vga=769
# ramdisk = 0 # paranoia setting
# End LILO global section
# Linux bootable partition config begins
image = /boot/vmlinuz-generic-smp-2.6.21.5-smp
initrd = /boot/initrd.gz
root = /dev/hda1
label = nemesis
read-only # Partitions should be mounted read-only for checking
# Linux bootable partition config ends

So I'm not sure what the best lilo.conf would be, but I think the lilo.conf in README_CRYPT.TXT is not working as far as I'm concerned.


All times are GMT -5. The time now is 02:13 AM.