slackware64 lvm/luks and mkinitrd for custom kernel
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If your making a custom kernel you don't need an initrd file
just build the mobo HDD vedio controllers drivers the file system support executable format keyboard mouse
in to the kernel
a quick way to get a basic configuration is to do "make i386_defconfig"or for a 64bit kernel "make x86_64_defconfig"
you will still need to run "make menuconfig" to add file systems usb modules
and turn off kernel debugging
you might want to move every thing not needed to boot up out to modules like sound card and alsa modules
I've tried that also, which results in kernel panic. I've been using slack quite a few years, and this is my first experience with initrd's.
Before going with lvm/luks on this laptop, I would always build a custom kernel right after install.
I was under the impression that an initrd was required to unlock the luks prior to booting the kernel?
Code:
Please append a correct "root=" boot option; here are the available partitions: Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(253,1)
I'm not sure what is your plan but did you read the README_CRYPT.TXT and especially the last section "Combining LUKS and LVM"?
Also, if you want to use an initrd file for both of your lilo entries, they should definitely have different names and the "initrd" line in lilo.conf should reflect that (which is not the case in your lilo.conf example)
I've tried that also, which results in kernel panic. I've been using slack quite a few years, and this is my first experience with initrd's.
Before going with lvm/luks on this laptop, I would always build a custom kernel right after install.
I was under the impression that an initrd was required to unlock the luks prior to booting the kernel?
Code:
Please append a correct "root=" boot option; here are the available partitions: Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(253,1)
why encrypt the whole root file system that's like running a foot race up wind with an open parachute on
all you would really need to encrypt would be is /home/username at the most and /home/username/data-to-protect at the least
check your /etc/mtab file for where the root file system is mounted and how it's mounted
I just followed README_CRYPT.TXT Combining LUKS and LVM
If encrypting just /home is a better plan, hey I'm all for it. As it stands with / also encrypted, it seems to work great. I'm not sure where the uphill with a parachute comes in. :-)
Distribution: Slackware64 14.2 and current, SlackwareARM current
Posts: 1,644
Rep:
Quote:
Originally Posted by rob.rice
why encrypt the whole root file system that's like running a foot race up wind with an open parachute on
all you would really need to encrypt would be is /home/username at the most and /home/username/data-to-protect at the least
check your /etc/mtab file for where the root file system is mounted and how it's mounted
[LITTLE BIT OFFTOPIC THOUGHTS]
One reason for encrypting root, or at least my reason: If you have sensible data on your computer, say a laptop, you get some stuff outside of /home: root user's bash history giving an indication what files you have opened, eventually some stuff in /tmp and eventually also in /var/spool/cups. If you try to give your documents meaningful names, sometimes that's enough info to hide it, let's say a client's name etc.
That is way too much paranoia for most people, but for some it may be needed. If a harddisk of mine is damaged I couldn't claim for warranty if it wasn't encrypted. Totally encrypted, even the file names, I don't have to care which technician gets his hands on the harddrive, they won't get any data that I'm by law obliged to keep confidential.
One other reason might be to mount several partitions with a keyfile that is saved on the root partition. That way you only have to input a keyphrase once and not for every single encrypted partition.
[/LITTLE BIT OFFTOPIC THOUGHTS]
One problem is that you build ext3 into your kernel, which means there is no module to add to your initrd.
I would say encrypting your whole disk is more like running into the wind with an open napkin. Sure you are providing a slight amount of extra drag, but then you get to wipe your forhead, too.
Also, depending on your uses, you may find that you need to encrypt more than just /home, ie. database info, log info, etc., which may not be in /home. I find LVM on an encrypted partition to provide maximum simplicity and flexibility, and I sure did not notice a speed decrease with encrypted root disks.
BCarey,
so I have to use an initrd or no? I have decided to stick with both /, and /home encrypted. Without an initrd I got the kernel panic, and I had just removed the initrd = from lilo, and no luck there.
One problem is that you build ext3 into your kernel, which means there is no module to add to your initrd.
Brian
IF the kernel already has support for ext3 why dose it matter that there is no ext3 module in the initrd file
isn't the point of the initrd file to provide modules
needed to boot the system that are not in the kernel
in slackware it looks like the initrd file is being used as
a way around building custom kernel
BCarey,
so I have to use an initrd or no? I have decided to stick with both /, and /home encrypted. Without an initrd I got the kernel panic, and I had just removed the initrd = from lilo, and no luck there.
Thanks everyone for the help thus far.
As far as I know you need an initrd if you want this setup. Did you make sure to put /boot on a small, unencrypted partition? Your kernel panic could be due to that.
IF the kernel already has support for ext3 why dose it matter that there is no ext3 module in the initrd file
isn't the point of the initrd file to provide modules
needed to boot the system that are not in the kernel
in slackware it looks like the initrd file is being used as
a way around building custom kernel
It would just try to insert the module and then let you know that it couldn't because it is not there, similar to the reported error. Probably not fatal. However, the OP seems to have another problem, why is it trying to insert modules from the wrong kernel version?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.