SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Will initrd support an encrypted root partition in a volume group that spans across more than one LUKS volume?
Here's an example where all the PVs are part of one volume group, hence the root partition (logical volume) is part of the VG that spans multiple encyrpted volumes.
Code:
/dev/sda1 - SATA 100MB for non-LVM unencrypted /boot directory
/dev/sda5 - SATA 300GB LVM PV in VG group vg00, LUKS encrypted
/dev/sdb5 - SATA 300GB LVM PV in VG group vg00, LUKS encrypted
/dev/sdc5 - SATA 256GB LVM PV in VG group vg00, LUKS encrypted
cryptsetup -s 256 -y luksFormat /dev/sda5
cryptsetup -s 256 -y luksFormat /dev/sdb5
cryptsetup -s 256 -y luksFormat /dev/sdc5
cryptsetup luksOpen /dev/sda5 zero
cryptsetup luksOpen /dev/sdb5 one
cryptsetup luksOpen /dev/sdC5 two
pvcreate /dev/mapper/zero /dev/mapper/one /dev/mapper/two
vgcreate vg00 /dev/mapper/zero /dev/mapper/one /dev/mapper/two
lvcreate -L 2G -n swap0 vg00
lvcreate -L 18G -n root vg00
lvcreate -L 6G -n var vg00
lvcreate -L 450GB -n home vg00
lvcreate -L 2G -n swap1 vg00
This didn't work when I first tried it a few years ago. I haven't asked or tried recently, so I thought I'd check to see if anything has changed in this area.
If this is still not supported by initrd, I'll create a primary partition on the first drive for the root and var logical volumes and put them in a small single PV volume group, then put everything else in a second volume group that spans all the remaining partitions.
The -C option of mkinitrd can be used to specify multiple devices to luksOpen during the initrd. You will be prompted for the passphrase per device however.
The -C option of mkinitrd can be used to specify multiple devices to luksOpen during the initrd. You will be prompted for the passphrase per device however.
GazL, I've been adding multiple devices with the -C option of mkinitrd since release 13.1. I recall that I learned about the multiple device support from you in another thread. I get the password prompts during boot for all of the devices I specify. But the volume group that contains the root partition must have a single PV, or the boot fails after I get prompted for passwords. When I tried in the past to have multiple PVs in the volume group that contained the root partition, I got errors like these:
Code:
Reading all physical volumes. THis may take a while...
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Volume group "vg00" not found
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Volume group "vg00" not found
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Couldn't find device with uuid 'H6TNIc-0rha-fk2i-cgUU-0EhR-hT03-23cvpD'.
Couldn't find all physical volumes for volume group vg00.
Volume group "vg00" not found
mount: mounting /dev/vg00/root on /mnt failed: No such file or directory
ERROR: No /sbin/init found on rootdev (or not mounted). Trouble ahead.
You can try to fix it. Type 'exit' when things are done.
Here is the thread where I originally discussed it with you and Alien Bob.
I've no idea then. if all the devices that contain the PVs that make up the volume group have been unlocked during the initrd then there is no reason why the vgscan should not find them.
Perhaps Eric will know. He was the one who confirmed that initrd didn't support that configuration back in 2008 and 2010.
Yes, but Eric's comment referred to the situation before the -C option was enhanced to support more than one device. The whole point of the changes we introduced was to support exactly this possibility. As I said above it should work and I have certainly run a rootvg consisting of 2 luks devices in the past (back around 12.2 or 13.0). If you're encountering this error now on a relatively recent version of slackware when using the -C option to unlock all your PVs then something must be going wrong.
Those error messages were from when I tried it back in 2008. I'm not getting them now because I haven't tried mulitple PVs in the root VG since then. I am having the initrd unlock multiple LUKS devices with the -C option during boot, but each device is in a different VG.
Now I'm preparing to go to a 64-bit 14.0 from a 32-bit 13.37, so I have to do a full install rather than an upgrade. I thought this would be a good time to give it another shot. You're saying it should work now, so I'll try it.
I don't know, I'm not using a RAID of any kind. I'm just using LVM and LUKS encrypted partitions.
Do you intent to span volume group across multiple hard drives to extend it's size? In that case you are using RAID 0 with linear stripping (also known as concatenation).
You can create RAID with LVM (like you did), but it might be better to separate LVM and RAID. Advantage of this approach is that you will have one RAID device consisting of as many physical hard drives as you want (lets say /dev/md0) and then you are building LVM and LUKS encrypted partition on exactly one (meta)device, not all of them. RAID array will take care of the low-level stuff. And in case of hard drive failure, you will just replace that hard drive, restore data from backup and re-assemble RAID array. No need to fiddle with LVM.
Disadvantage is that it adds another layer which needs to be taken care of in initrd.
Do you intent to span volume group across multiple hard drives to extend it's size? In that case you are using RAID 0 with linear stripping (also known as concatenation).
yenn, my intent is simply to be able to add space to the volume group easily so I can expand any of my LVM filesystems as needed. I am not striping the data (RAID 0), and I'm not interested in redundancy (RAID 1 or 5, etc) at the moment. Disk drives have gotten so cheap that I might well go with a RAID 5 setup in the future, but for now, I don't want to add the overhead of software RAID to my system.
Thanks for the info. The referenced articles were worth reading.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.