Gentoo Archives: gentoo-user

From: Alex Schuster <wonko@×××××××××.org>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] LVM on LUKS
Date: Sat, 07 Aug 2010 11:12:25
Message-Id: 201008071311.09375.wonko@wonkology.org
In Reply to: [gentoo-user] LVM on LUKS by Florian Philipp
1 Florian Philipp writes:
2
3 > I'm building a new Gentoo system (notebook) and want to rearrange a few
4 > things. I thought it would be good to have the following layout:
5 >
6 > - boot on a normal partition
7 > - root on a normal partition
8 > - one big encrypted partition (dmcrypt / LUKS)
9 > - on that partition an LVM volume group
10 > - on that volume group all stuff not necessary for booting: home, var,
11 > tmp, etc.
12 >
13 > AFAIK, the Gentoo boot process is organized so that LVM gets stated
14 > before dmcrypt is started. I would need it vice versa.
15 >
16 > Is that possible with baselayout-1? Do I need to switch to
17 > baselayout-2?
18
19 I don't know yet if this is possible with baselayout-2. I am using both
20 methods, but the way you like it had to be hacked a little. Look for the
21 thread "Self created initramfs cannot work" from June 2009, Dirk Heinrichs
22 talks about his initfs approach. It's similar to an initramfs, but all the
23 stuff is simply on the boot partition. It did not work out of the box (for
24 me), and I never got around to really debug this, but it's sort of
25 working, and has support for opening LUKS partitions. I think it's a cool
26 idea, simpler than an initramfs and no need for cpio and its options I
27 always have to look up. Having the root partition encrypted is also not
28 problem with this setup.
29
30 The advantage is that only one LUKS partiton has to be opened. My desktop
31 system does it the Gentoo way, but it has 23 encrypted LVMs (nicluding
32 root), which takes quite a while to open. I made it a lot faster by
33 opening them all in parallel (addig a & at the right location in
34 /lib/rcscripts/addons/dm-crypt-start.sh), still it's much longer than with
35 a single LUKS partition. I don't care much about it as the PC is running
36 all the time, or uses tuxonice, so I seldomly reboot.
37
38 But apart from the longer boot time, I find this approach simpler. Why do
39 you like it the other way around?
40
41 Wonko