How Do I Keep DM-CRYPT Mapping on Partitioned RAID1 Device in Slack64 13.37
I can partition a LUKS enabled RAID device but the partitions are lost and not recreated after a reboot.
I can't keep/recreate /dev/mapper/crypt0p1 RAID partitions after a reboot. If I don't encrypt the partitions it works fine as the /dev/md* devices are available after a reboot.
I can also have the LUKS enabled RAID device available via /etc/crypttab but I can't manage to get partitions created from a RAID device to cooperate.
Any advice on how to accomplish this is appreciated. Perhaps it's not possible without complicating the boot process scripts.
The rest of this post is just the details summarizing how I've unsuccessfully attempted this.
What command did you use to create the necessary initrd?
I didn't know that initrd was necessary since I'm NOT doing this on the root partition.
I initially tried this on the root partition using:
mkinitrd -c -k 184.108.40.206 -m ext4:ehci-hcd:uhci-hcd:usbhid -f ext4 -C /dev/md2 -r cryptroot1 -R
... where md1 is an unencrypted boot RAID device and md2 is the RAID LUKS root partition.
But in this case I'm just experimenting with the HUGE kernel on a non-root partition.
I started out a few days ago trying to do this with the root partition (and mkinitrd) but found when it failed and I restarted the system from a DVD, that I couldn't mount the device & file system to explore/fix so I would have had to reinstall Slack with every trial. I backed off to a simpler set up just trying to mount something on /hd1 /hd2 until I can find out how to get the block devices to exist after reboot.
I'll try it using an initrd and the generic kernel that comes with 13.37.
Try running "/usr/share/mkinitrd/mkinitrd_command_generator.sh" and check the output of that command (it does not do anything, it just shows a working mkinitrd command). It may be of help.
I've been unable to use the partitions of LUKS enabled RAID device.
I used the mkinitrd command generator recommended and saw that I had not tried the "-u" option.
Whether using the huge kernel and no initrd or using the generic kernel with initrd I haven't been able to create the /dev/mapper/xxx devices needed for the partitions. I can create the raid device /dev/md0 and the LUKS opened device /dev/mapper/luksmd0. I just cannot have the system create (after a reboot) the subsequent devices needed for the partitions. /dev/mapper/luksmd0p1 & p2.
I used the following command to create the initrd resulting in the default named device luksmd0.
Neither entries in /etc/crypttab nor the multiple colon separated arguments I've tried to "-C" in the mkinitrd command have led to success. Since the whole idea is to use a single key to unlock a single LUKS enabled device, I didn't think they would work.
As I mentioned before, the RAID partitions work if dm-crypt is not used.
With the current boot/load process perhaps it's not (easily) possible to use partitions of a LUKS enabled RAID device.
Lack of partitioning LUKS enabled RAID devices isn't a show stopper as I can still use the method of partitioning the disk first to create the RAID devices which are then LUKS enabled and a file system created. It just involves multiple keys. And LVM still works fine with a single key on RAID with LUKS.
|All times are GMT -5. The time now is 12:58 PM.|