LinuxQuestions.org
Old 08-24-2009, 03:20 PM   #1
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Rep: Reputation: 16
slackware64 lvm/luks and mkinitrd for custom kernel


Hello all.
I'm not sure how to proceed from here with making an initrd for my custom kernel. I built ext3 fs support, DM, and also Crypt into 2.6.30.5
Code:
CONFIG_BLK_DEV_DM=y
CONFIG_DM_CRYPT=y
CONFIG_EXT3_FS=y
I tried to make the initrd with the following:
Code:
mkinitrd -k 2.6.30.5 -m ext3 -f ext3 -r /dev/cryptvg/root/ -C /dev/hda2 -L
My lilo.conf looks like so:
Code:
# Linux bootable partition config begins
image = /boot/vmlinuz-2.6.30.5
  initrd = /boot/initrd.gz
  root = /dev/cryptvg/root
  label = 2.6.30.5
  read-only

image = /boot/vmlinuz-generic-smp-2.6.29.6-smp
  initrd = /boot/initrd.gz
  root = /dev/cryptvg/root
  label = Linux
  read-only
# Linux bootable partition config ends
Booting errors out with a few, this being the first:
Code:
Using /lib/modules/2.6.29.6-smp/kernel/fs/mbcache.ko
mbcache: version magic '2.6.29.6-smp SMP mod_unload 686 ' should be '2.6.30.5 preempt mod_unload PENTIUM 4KSTACKS '
insmod: cannot insert '/lib/modules/2.6.29.6-smp/kernel/fs/mbcache.ko' : Invalid module format
I've also tried making separate initrd's, with no luck also:
Code:
mkinitrd -c -k 2.6.30.5 -m ext3 -f ext3 -r crypt -C /dev/sda2 -o initrd-2.6.30.5.gz
also the contents of my /boot dir.:
Code:
root@x41:~# ls -l /boot/
total 24986
lrwxrwxrwx  1 root root      37 2009-08-22 19:41 README.initrd -> /usr/doc/mkinitrd-1.3.4/README.initrd
lrwxrwxrwx  1 root root      25 2009-08-24 05:23 System.map -> /boot/System.map-2.6.30.5
-rw-r--r--  1 root root  925305 2009-08-24 05:22 System.map-2.6.30.5
-rw-r--r--  1 root root  993960 2009-08-17 00:18 System.map-generic-2.6.29.6
-rw-r--r--  1 root root 1021936 2009-08-16 23:20 System.map-generic-smp-2.6.29.6-smp
-rw-r--r--  1 root root 1463026 2009-08-17 00:32 System.map-huge-2.6.29.6
-rw-r--r--  1 root root 1495429 2009-08-16 23:53 System.map-huge-smp-2.6.29.6-smp
-rw-r--r--  1 root root     512 2009-08-22 20:00 boot.0800
-rw-r--r--  1 root root     168 2009-08-22 20:00 boot_message.txt
lrwxrwxrwx  1 root root      28 2009-08-22 19:41 config -> config-huge-smp-2.6.29.6-smp
-rw-r--r--  1 root root   96042 2009-08-17 00:18 config-generic-2.6.29.6
-rw-r--r--  1 root root   96218 2009-08-16 23:20 config-generic-smp-2.6.29.6-smp
-rw-r--r--  1 root root   96158 2009-08-17 00:32 config-huge-2.6.29.6
-rw-r--r--  1 root root   96246 2009-08-16 23:53 config-huge-smp-2.6.29.6-smp
-rw-r--r--  1 root root    5040 2008-11-29 11:43 diag1.img
drwxr-xr-x 11 root root    1024 2009-08-23 20:12 initrd-tree/
-rw-r--r--  1 root root 2258481 2009-08-24 05:26 initrd.gz
drwx------  2 root root   12288 2009-08-22 19:38 lost+found/
-rw-------  1 root root  123392 2009-08-24 05:29 map
-rw-r--r--  1 root root   15754 2008-02-21 17:08 slack.bmp
lrwxrwxrwx  1 root root      29 2009-08-22 19:41 vmlinuz -> vmlinuz-huge-smp-2.6.29.6-smp
-rw-r--r--  1 root root 2166624 2009-08-24 05:24 vmlinuz-2.6.30.5
-rw-r--r--  1 root root 2386000 2009-08-17 00:18 vmlinuz-generic-2.6.29.6
-rw-r--r--  1 root root 2495952 2009-08-16 23:20 vmlinuz-generic-smp-2.6.29.6-smp
-rw-r--r--  1 root root 4768048 2009-08-17 00:32 vmlinuz-huge-2.6.29.6
-rw-r--r--  1 root root 4940304 2009-08-16 23:53 vmlinuz-huge-smp-2.6.29.6-smp
Where exactly am I going wrong here?

Thanks,
chopp
 
Old 08-24-2009, 03:27 PM   #2
rob.rice
Member
 
Registered: Apr 2004
Distribution: slack what ever
Posts: 784

Rep: Reputation: 104
If you're making a custom kernel you don't need an initrd file.
Just build the mobo, HDD and video controller drivers, the file system support, executable format, keyboard and mouse into the kernel.
A quick way to get a basic configuration is to do "make i386_defconfig" or, for a 64-bit kernel, "make x86_64_defconfig".
You will still need to run "make menuconfig" to add file systems and USB modules and turn off kernel debugging.
You might want to move everything not needed to boot up out to modules, like sound card and ALSA modules.

Last edited by rob.rice; 08-24-2009 at 03:41 PM.
 
Old 08-24-2009, 03:40 PM   #3
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Original Poster
Rep: Reputation: 16
I've tried that also, which results in kernel panic. I've been using slack quite a few years, and this is my first experience with initrd's.
Before going with lvm/luks on this laptop, I would always build a custom kernel right after install.

I was under the impression that an initrd was required to unlock the luks prior to booting the kernel?

Code:
Please append a correct "root=" boot option; here are the available partitions:
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(253,1)
 
Old 08-24-2009, 03:49 PM   #4
gegechris99
Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 14.1 32bit
Posts: 719
Blog Entries: 3

Rep: Reputation: 76
I'm not sure what your plan is, but did you read the README_CRYPT.TXT, and especially the last section "Combining LUKS and LVM"?

Also, if you want to use an initrd file for both of your lilo entries, they should definitely have different names and the "initrd" line in lilo.conf should reflect that (which is not the case in your lilo.conf example).
 
Old 08-24-2009, 03:52 PM   #5
rob.rice
Member
 
Registered: Apr 2004
Distribution: slack what ever
Posts: 784

Rep: Reputation: 104
Quote:
Originally Posted by chopp
I've tried that also, which results in kernel panic. I've been using slack quite a few years, and this is my first experience with initrd's.
Before going with lvm/luks on this laptop, I would always build a custom kernel right after install.

I was under the impression that an initrd was required to unlock the luks prior to booting the kernel?

Code:
Please append a correct "root=" boot option; here are the available partitions:
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(253,1)

Why encrypt the whole root file system? That's like running a foot race upwind with an open parachute on.
All you would really need to encrypt is /home/username at the most and /home/username/data-to-protect at the least.
Check your /etc/mtab file for where the root file system is mounted and how it's mounted.
 
Old 08-24-2009, 04:04 PM   #6
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Original Poster
Rep: Reputation: 16
I just followed README_CRYPT.TXT Combining LUKS and LVM

If encrypting just /home is a better plan, hey I'm all for it. As it stands with / also encrypted, it seems to work great. I'm not sure where the uphill with a parachute comes in. :-)

Code:
root@x41:/etc# cat /etc/mtab
/dev/cryptvg/root / ext3 rw,errors=continue,data=ordered 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
usbfs /proc/bus/usb usbfs rw 0 0
/dev/mapper/cryptvg-home /home ext3 rw 0 0
/dev/sda1 /boot ext3 rw 0 0
tmpfs /dev/shm tmpfs rw 0 0
 
Old 08-24-2009, 04:13 PM   #7
titopoquito
Senior Member
 
Registered: Jul 2004
Location: Ruhr Area, Germany
Distribution: Slackware64 14.0
Posts: 1,517

Rep: Reputation: 90
Quote:
Originally Posted by rob.rice
Why encrypt the whole root file system? That's like running a foot race upwind with an open parachute on.
All you would really need to encrypt is /home/username at the most and /home/username/data-to-protect at the least.
Check your /etc/mtab file for where the root file system is mounted and how it's mounted.

[LITTLE BIT OFFTOPIC THOUGHTS]
One reason for encrypting root, or at least my reason: If you have sensitive data on your computer, say a laptop, you get some stuff outside of /home: root user's bash history giving an indication what files you have opened, eventually some stuff in /tmp and eventually also in /var/spool/cups. If you try to give your documents meaningful names, sometimes that's enough info to hide it, let's say a client's name etc.

That is way too much paranoia for most people, but for some it may be needed. If a hard disk of mine is damaged I couldn't claim for warranty if it wasn't encrypted. Totally encrypted, even the file names, I don't have to care which technician gets his hands on the hard drive; they won't get any data that I'm by law obliged to keep confidential.

One other reason might be to mount several partitions with a keyfile that is saved on the root partition. That way you only have to input a keyphrase once and not for every single encrypted partition.
[/LITTLE BIT OFFTOPIC THOUGHTS]
 
Old 08-24-2009, 04:14 PM   #8
BCarey
Senior Member
 
Registered: Oct 2005
Location: New Mexico
Distribution: Slackware
Posts: 1,455

Rep: Reputation: Disabled
One problem is that you build ext3 into your kernel, which means there is no module to add to your initrd.

I would say encrypting your whole disk is more like running into the wind with an open napkin. Sure you are providing a slight amount of extra drag, but then you get to wipe your forehead, too.

Also, depending on your uses, you may find that you need to encrypt more than just /home, i.e. database info, log info, etc., which may not be in /home. I find LVM on an encrypted partition to provide maximum simplicity and flexibility, and I sure did not notice a speed decrease with encrypted root disks.

Brian
 
Old 08-24-2009, 04:23 PM   #9
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Original Poster
Rep: Reputation: 16
BCarey,
so I have to use an initrd or no? I have decided to stick with both /, and /home encrypted. Without an initrd I got the kernel panic, and I had just removed the initrd = from lilo, and no luck there.

Thanks everyone for the help thus far.
 
Old 08-24-2009, 04:56 PM   #10
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Original Poster
Rep: Reputation: 16
well if nothing else, I'm now very confused. The install kernel has ext3 built into it also, and the initrd for it works great.
 
Old 08-24-2009, 04:58 PM   #11
rob.rice
Member
 
Registered: Apr 2004
Distribution: slack what ever
Posts: 784

Rep: Reputation: 104
Quote:
Originally Posted by BCarey
One problem is that you build ext3 into your kernel, which means there is no module to add to your initrd.

Brian

If the kernel already has support for ext3, why does it matter that there is no ext3 module in the initrd file?
Isn't the point of the initrd file to provide modules needed to boot the system that are not in the kernel?

In Slackware it looks like the initrd file is being used as a way around building a custom kernel.
 
Old 08-24-2009, 06:14 PM   #12
BCarey
Senior Member
 
Registered: Oct 2005
Location: New Mexico
Distribution: Slackware
Posts: 1,455

Rep: Reputation: Disabled
Quote:
Originally Posted by chopp
BCarey,
so I have to use an initrd or no? I have decided to stick with both /, and /home encrypted. Without an initrd I got the kernel panic, and I had just removed the initrd = from lilo, and no luck there.

Thanks everyone for the help thus far.
As far as I know you need an initrd if you want this setup. Did you make sure to put /boot on a small, unencrypted partition? Your kernel panic could be due to that.

Brian
 
Old 08-24-2009, 06:18 PM   #13
BCarey
Senior Member
 
Registered: Oct 2005
Location: New Mexico
Distribution: Slackware
Posts: 1,455

Rep: Reputation: Disabled
Quote:
Originally Posted by rob.rice
If the kernel already has support for ext3, why does it matter that there is no ext3 module in the initrd file?
Isn't the point of the initrd file to provide modules needed to boot the system that are not in the kernel?

In Slackware it looks like the initrd file is being used as a way around building a custom kernel.

It would just try to insert the module and then let you know that it couldn't because it is not there, similar to the reported error. Probably not fatal. However, the OP seems to have another problem: why is it trying to insert modules from the wrong kernel version?

Brian
 
Old 08-24-2009, 06:19 PM   #14
chopp
Member
 
Registered: Sep 2003
Location: AB. Canada
Distribution: Slackware
Posts: 126

Original Poster
Rep: Reputation: 16
yes I have /boot on a separate unencrypted partition.

Code:
root@x41:/etc# cat /etc/mtab
/dev/cryptvg/root / ext3 rw,errors=continue,data=ordered 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
usbfs /proc/bus/usb usbfs rw 0 0
/dev/mapper/cryptvg-home /home ext3 rw 0 0
/dev/sda1 /boot ext3 rw 0 0
tmpfs /dev/shm tmpfs rw 0 0
 
Old 08-24-2009, 06:35 PM   #15
BCarey
Senior Member
 
Registered: Oct 2005
Location: New Mexico
Distribution: Slackware
Posts: 1,455

Rep: Reputation: Disabled
In your lilo.conf you have both kernel versions pointing to the same initrd.gz. This cannot be right.

Brian
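
A check for the condition pointed out in post #15, written as an added example (it is not code from any poster in this thread): it lists every initrd that more than one `image` stanza of a lilo.conf refers to. The sample input is the lilo.conf section from post #1; the function names `posted_conf` and `shared_initrds` are made up for this example.

```shell
#!/bin/sh
# Added example: find initrd images shared by several lilo.conf stanzas.

# Constructed sample input: the lilo.conf section exactly as posted in #1.
posted_conf() {
cat <<'EOF'
# Linux bootable partition config begins
image = /boot/vmlinuz-2.6.30.5
  initrd = /boot/initrd.gz
  root = /dev/cryptvg/root
  label = 2.6.30.5
  read-only

image = /boot/vmlinuz-generic-smp-2.6.29.6-smp
  initrd = /boot/initrd.gz
  root = /dev/cryptvg/root
  label = Linux
  read-only
# Linux bootable partition config ends
EOF
}

# shared_initrds [FILE]: read a lilo.conf (file or stdin) and print one line
# "INITRD: KERNEL KERNEL ..." for each initrd named by two or more image
# stanzas. Prints nothing when every kernel has its own initrd.
shared_initrds() {
  awk -F'=' '
    { sub(/#.*/, "")                       # drop comments, re-splits fields
      key = $1; val = $2
      gsub(/[ \t]/, "", key)
      gsub(/^[ \t]+|[ \t]+$/, "", val) }
    key == "image" { image = val }         # start of a new stanza
    key == "initrd" && image != "" {
      if (!(val in users)) order[++n] = val
      users[val] = users[val] " " image
      count[val]++
    }
    END {
      for (i = 1; i <= n; i++)
        if (count[order[i]] > 1) print order[i] ":" users[order[i]]
    }
  ' "$@"
}

# Demo on the posted config: reports /boot/initrd.gz with both kernels.
posted_conf | shared_initrds
```

Once each stanza names its own file (for instance the `initrd-2.6.30.5.gz` output name already tried in post #1), the function prints nothing; lilo has to be rerun after lilo.conf is edited.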
 
  


All times are GMT -5. The time now is 03:37 PM.
