LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 11-14-2007, 05:43 AM   #16
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,194

Rep: Reputation: Disabled

Quote:
Originally Posted by FelixDzerzhinsk View Post
I am still getting the wrong date. In the chroot environment it is showing 15:08:xx ICT. In the installer it shows 08:08:xx UTC. My local time (when I write this) is actually 08:08:xx. I am choosing "Clock set to local time when I use the installer.
This is normal. The installer does not use any of the timezone settings you configure. This configuration is strictly for the system you are installing.

Quote:
I then chroot from installer disk and run lilo -M /dev/sda

I then get "No boot signature in partition" message

I check with fdisk and see that /dev/sda1 has * for boot.

see below my lilo.conf

# LILO configuration file
# generated by 'liloconfig'
#
# Start LILO global section
lba32 # Allow booting past 1024th cylinder with a recent BIOS
boot = /dev/sda
message = /boot/boot_message.txt
prompt
timeout = 1200
# Override dangerous defaults that rewrite the partition table:
change-rules
reset
# VESA framebuffer console @ 1024x768x256
vga = 773
# End LILO global section
# Linux bootable partition config begins
image = /boot/vmlinuz
initrd = /boot/initrd.gz
root = /dev/mapper/cryptroot
label = Slackware
read-only
# Linux bootable partition config ends
Why do you use the "change-rules"? After the chroot you should be able to just run "lilo" with that lilo.conf to let lilo install itself into the MBR of the hard disk.

Eric
 
Old 11-14-2007, 07:49 PM   #17
gluesniffmonkey
LQ Newbie
 
Registered: Dec 2002
Location: Phnom Penh, Cambodia
Distribution: Slackware, Debian, Ubuntu, CentOS
Posts: 27

Rep: Reputation: 15
Actually lilo did that not me.

Sounds like I should #change-rules
 
Old 12-06-2007, 11:21 PM   #18
bl0tt0
Member
 
Registered: Aug 2005
Posts: 145

Rep: Reputation: 21
Just thought I'd post a link to a decent gentoo wiki explaining the use of LVM and LUKS in tandem. It looks like it'll take a little more legwork than just running the stock mkinitrd script with the right flags, but hey, that's why we're using Slackware, right?

http://gentoo-wiki.com/SECURITY_LVM_...ryptsetup-LUKS
 
Old 12-13-2007, 11:55 AM   #19
bl0tt0
Member
 
Registered: Aug 2005
Posts: 145

Rep: Reputation: 21
Ok, so I've now gotten a slackware install with lvm on top of luks to work. It takes a little editing, but it can be done. Here's how:

First, you should follow Alien Bob's README for setting up luks, then go through setting up lvm on the mapped device from luks. For me, it was a little bit easier to use the luks device name as the vg name in setting everything up. Go through the rest of the setup and installation up until it's time to install lilo, and do the simple installation to the root device so that you get a basic lilo to edit later.

Now, create the chroot environment from the Alien Bob readmes, chroot into it, and run the mkinitrd command for setting up a luks encrypted device (with the -r pointing to the mapped device name). You'll also have to make sure to include -m dm_crypt, because for some reason that gets left out of the initrd-tree otherwise.

Now, you're going to have to do a little editing inside the initrd source tree. cd into /boot/initrd-tree, and edit the init script by cutting and pasting the portion that makes the encrypted partitions available above the part that initializes the LVM. You then need to edit the part of the luks script that says
Code:
ROOTDEV="/dev/mapper/${ROOTDEV}"
to point to wherever you configured the root device under lvm. For me, this was easy because I had configured my volume group to be named the same as my luks device, so all I had to do is edit the script like this:
Code:
ROOTDEV="/dev/${ROOTDEV}/root"
After you've made and saved the edit, run mkinitrd again without any flags. This will take the contents of /boot/initrd-tree and roll it up into a new initrd.gz. Now all you have to do is edit your /etc/lilo.conf and /etc/fstab to point to the right devices, run lilo, and you're good to go.

It should also be noted that rc.S also activates logical volumes before opening luks encrypted devices, so you might have to edit that as well. I'm not certain about that.
 
Old 02-13-2008, 04:38 PM   #20
iiv
Member
 
Registered: Jun 2007
Location: Russia, Moscow Region
Distribution: Slackware
Posts: 167

Rep: Reputation: 30
Any moves on that? There are really no fixed points for it either in initrd script, or in init scripts, where LVM is the first and cryptsetup is the second.
 
Old 02-13-2008, 07:06 PM   #21
bl0tt0
Member
 
Registered: Aug 2005
Posts: 145

Rep: Reputation: 21
Actually, the way it's set up in 12.0 is under that assumption that you're either setting up one encrypted partition, or you're encrypting a logical volume. The way I set mine up, and the way I assumed the starter of this thread wanted theirs set up, was to encrypt a single partition, and then map the LVM on top of that encrypted partition. That takes a little more work, but it's really no more difficult than changing the order in the init script and then making sure your root device is put in correctly.
 
Old 02-14-2008, 12:17 AM   #22
Bruce Hill
HCL Maintainer
 
Registered: Jun 2003
Location: Tupelo, MS
Distribution: Gentoo
Posts: 6,926

Rep: Reputation: 124Reputation: 124
Okay, here's my Slack-LVM-LUKS tutorial if you're interested. I've done this with LUKS encrypted partitions only, and with LVM and LUKS. Without "changing the init script" (am I capable of that?), this works.

First, you must follow the README_LVM.TXT and setup your logical volume(s) first; then you can encrypt using README_CRYPT.TXT. (Until someone tells us how to do it the other way around).

Second, you must use the same kernel for your system as your install media. If not, when you reboot your initrd will not allow you to unlock your root filesystem. For example, yesterday I did a NFS install which I started with my -current CD-RW that had 2.6.23.15. But installing from my -current mirror on my server gave me 2.6.23.16 as the installed kernel. In my limited experience you must use the same kernel on the boot media as the one you install with the system.

Third, you must use a generic kernel rather than the huge kernels, because the initial RAM disk is too big to fit between the kernel and the 15M-16M memory hole with the huge ones.

Fourth, if you have an USB kbd and encrypt root, you won't be able to give the LUKS passphrase for root, because USB_HID will not have loaded at that time. The easiest option is to use a PS/2 kbd to enter the passphrase for root, after which the module will load and from then on you can use a USB kbd. Then before rebooting rebuild a kernel with USB_HID=m and put it in the new initrd.
 
Old 02-15-2008, 10:02 AM   #23
iiv
Member
 
Registered: Jun 2007
Location: Russia, Moscow Region
Distribution: Slackware
Posts: 167

Rep: Reputation: 30
bl0tt0's way of changing initrd's init script is not that hard, works for LVM created on previously encrypted partition and does not have so many limitations, which you have to remember.
And why do you think that huge kernel is not suitable? That warning, which LILO issues is for older computers, as far as I understand, so it is possible to forget about it.
What about USB-HID, you may also compile it into your kernel and not to insert it, regarding to as a module.
 
Old 02-15-2008, 10:09 AM   #24
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,194

Rep: Reputation: Disabled
Quote:
Originally Posted by iiv View Post
And why do you think that huge kernel is not suitable? That warning, which LILO issues is for older computers, as far as I understand, so it is possible to forget about it.
Try running lilo when you use a Slackware 'huge' kernel together with an initrd.
Lilo will refuse to install the loader. The kernel is just too big.

Eric
 
  


Reply

Tags
cryptsetup, encryption, lvm


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD install on Encrypted disks? deNiro *BSD 0 09-17-2007 04:45 AM
drivers nvidia no install Slack12 afreitascs Slackware 9 09-09-2007 10:05 PM
Slack12 install cd doesn't work on old pc! linuxhippy Slackware 15 09-03-2007 01:14 PM
Encrypted LVM needs a initrd Zmyrgel Slackware 3 09-10-2006 09:46 AM


All times are GMT -5. The time now is 07:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration