The officially official Devuan Forum!

You are not logged in.

#1 2017-06-04 16:53:23

cjm
Member
Registered: 2017-06-01
Posts: 2

Installing devuan to lvm partitions within dm-crypt container

Hello all

I am trying to replace my Slackware 14.1 installation with Devuan Jessie on my existing setup which includes lvm partitions within a dm-crypt container. I have installed lvm2 from my live CD and activated all of my required partitions. My setup is as follows:

/dev/sda
--/dev/sda1 - ext4 (/boot)
--/dev/sda2 - dm-crypt (/dev/crypt)
----/dev/crypt/root - ext4 (/)
----/dev/crypt/home - ext4 (/home)
----/dev/crypt/swap - swap

I achieved this using the following commands:

cryptsetup luksOpen /dev/sda2 crypt
vgscan --mknodes
vgchange -a y crypt

My problem arises when i attempt to run the installer; only /dev/sda1 and /dev/sda2 show up for selection. Here are the options i selected on the installer:

dOouHM.png

Is there a way I can get the Devuan installer to recognise the lvm volumes or do I need to create them from scratch? (I haven't actually seen the option to create lvm volumes in the installer as of yet. Does it have the functionality?)

Thanks in advance!

Edit: After a second look at the forum I found https://dev1galaxy.org/viewtopic.php?id=559, which mentions using the standard installer - https://mirror.leaseweb.com/devuan/devu … aller-iso/. I will try this now.

Last edited by cjm (2017-06-04 17:07:24)

Offline

#2 2017-06-04 17:20:32

fsmithred
Administrator
Registered: 2016-11-25
Posts: 665

Re: Installing devuan to lvm partitions within dm-crypt container

Which live-CD and installer are you using? Your screenshot is not a link.

The devuan desktop-live isos don't contain the standard installer. You might be able to do it with the cli version of refractainstaller, but you would have to edit the script so that it did not format your partitions.

The thread you linked is for a full-disk encryption that includes encrypted /boot. That's different from what you have. Here's an account of someone doing it with a debian-live iso: http://forums.debian.net/viewtopic.php? … 3e#p571829
You might be able to do this with one of the regular devuan installer isos (e.g. netinstall). Choose expert install from the advanced options, before you get to partitioning, go to another virtual terminal and mount your partitions, then go back to installer and choose manual partitioning. You should be able to select partitions and use them without formatting them.

I have never tried either of these things. Be careful you do not lose your data. There are probably some config files you want to save from the old setup (fstab, crypttab, maybe others.)

The debian-installer/devuan-installer will allow you to create encrypted lvm from scratch, if you can figure it out. It's not intuitive at all.

Last edited by fsmithred (2017-06-04 17:22:59)

Offline

#3 2017-06-04 18:57:04

cjm
Member
Registered: 2017-06-01
Posts: 2

Re: Installing devuan to lvm partitions within dm-crypt container

fsmithred wrote:

Which live-CD and installer are you using? Your screenshot is not a link.

I was using devuan_jessie_1.0.0_amd64_desktop-live.iso but now i've switched to devuan_jessie_1.0.0_amd64_CD.iso

fsmithred wrote:

The devuan desktop-live isos don't contain the standard installer. You might be able to do it with the cli version of refractainstaller, but you would have to edit the script so that it did not format your partitions.

I will take a look at this.

fsmithred wrote:

The thread you linked is for a full-disk encryption that includes encrypted /boot. That's different from what you have. Here's an account of someone doing it with a debian-live iso: http://forums.debian.net/viewtopic.php? … 3e#p571829
You might be able to do this with one of the regular devuan installer isos (e.g. netinstall). Choose expert install from the advanced options, before you get to partitioning, go to another virtual terminal and mount your partitions, then go back to installer and choose manual partitioning. You should be able to select partitions and use them without formatting them.

I have just tried this with the regular non-live Devuan installer CD but it uses ash shell and I can't seem to use or install dm-crypt or lvm2 from it

fsmithred wrote:

The debian-installer/devuan-installer will allow you to create encrypted lvm from scratch, if you can figure it out. It's not intuitive at all.

Failing all else I will try this. I have already backed up my /home to an external drive but would like to avoid having to transfer it back if possible as it contains over 700GB of files and i will have to transfer it via USB 2 sad

Thank you for your help!

Offline

#4 2017-06-06 07:42:25

Simplicio
Member
Registered: 2017-04-21
Posts: 18

Re: Installing devuan to lvm partitions within dm-crypt container

I confirm what fsmithred is saying. It is possible to achieve what you want with the Devuan installer: in my case, I know it can be done with the net installer, but I also confirm it is non-intuitive.

Once you get to the partition manager part of the install (partman), there is a list of options which, in order from the top down, places dealing with encryption after setting up lvm. The key to understanding this is that you don't have to follow the order of the menu.

What you do is create the partitions (/dev/sda1 and /dev/sda2) /dev/sda1 is your non-encrypted boot. Set up /dev/sda2 as encrypted, then once you have done that, you can set up lvm inside/on top of the encrypted partition, and having done that, create the filesystems (or swap) on the lvm volumes you have created. You might, at one point, need to ignore a dialogue that says you can't make further changes to the partitioning setup and use the <Go Back> function of the setup process.

I don't have the time to give step-by-step instructions, but I'm sure you can get there by experimenting with a minimal install. I've been aiming at a setup with encrypted boot, and using NILFS as the filesystem (not ext4), and while I've go the set-up of the encrypted root nailed, I need to work out and practice how to get everything onto NILFS. ext4 is supported by partman, but NILFS, unfortunately, isn't.

I hope that helps. Even knowing what you want to do is possible is useful, sometimes.

Offline

#5 2018-01-21 08:58:10

giorgiob
Member
Registered: 2017-04-30
Posts: 7

Re: Installing devuan to lvm partitions within dm-crypt container

I have performed an install with an encrypted disk yesterday using the text-based installer of the devuan jessie image (devuan_jessie_1.0.0_amd64_NETINST.iso) and I can confirm what Simplicio sketched.

In the partition manager I chose manual partitioning and then first set up the unencrypted partitions (/dev/sda1 for /boot, /dev/sda2 for all the rest). Then I used dm-crypt to encrypt /dev/sda2, which created a new device /dev/mapper/sda2_crypt.
Then I had to define an LVM group inside /dev/mapper/sda2_crypt and add logical volumes (partitions) to it. They got mapped to /dev/mapper/vg-rootfs and /dev/mapper/vg-swap. Finally I used the last two mapped devices to install Devuan.

Offline

#6 2018-02-21 13:18:01

giorgiob
Member
Registered: 2017-04-30
Posts: 7

Re: Installing devuan to lvm partitions within dm-crypt container

My encrypted partitions are working but I have a problem when shutting down the system: The console blocks and displays the message

Stopping remaining crypt disks...sda2_crypt(busy)

several times. After about one minute it displays an error message

stopping early crypto disks failed.

and the system is shut down.

It seems this is not a really issue and it has been known for ages (https://bugs.debian.org/cgi-bin/bugrepo … bug=575652) but
it is a bit annoying to see this happening each time I switch my computer off.
Also, I use this setup for most friends who want to install Linux on their laptops, so I see it pretty often.

Do you know if there is any plan to address this issue?

Last edited by giorgiob (2018-02-21 13:22:36)

Offline

#7 2018-02-25 08:46:43

rolfie
Member
Registered: 2017-11-25
Posts: 16

Re: Installing devuan to lvm partitions within dm-crypt container

Same issue, no solution for ASCII, see here:
https://dev1galaxy.org/viewtopic.php?id=1753

Regards, rolfie

Offline

#8 2018-04-09 15:08:49

emanym
Member
Registered: 2018-04-08
Posts: 3

Re: Installing devuan to lvm partitions within dm-crypt container

You can (kindof) ''f1x0r'' this by replacing lines 764-784 in /lib/cryptsetup/cryptdisk.functions with the old version from devuan jessie:

# Removes all mappings in crypttab
do_stop () {
	local dst src key opts opencount major minor

	dmsetup mknodes
	log_action_begin_msg "Stopping $INITSTATE crypto disks"

	egrep -v "^[[:space:]]*(#|$)" "$TABFILE" | while read dst src key opts; do
		for i in 1 2 4 8 16 32; do
			handle_crypttab_line_stop "$dst" "$src" "$key" "$opts" <&3 && break || ret=$?
			if [ $ret -eq 1 ] || [ $ret -eq 2 -a $i -gt 16 ]; then
				log_action_end_msg $ret
				break
			fi
			log_action_cont_msg "$dst busy..."
			sleep $i
		done 3<&1
	done

	log_action_end_msg 0
}

to:

# Removes all mappings in crypttab
do_stop () {
	local dst src key opts opencount major minor

	dmsetup mknodes
	log_action_begin_msg "Stopping $INITSTATE crypto disks"

	egrep -v "^[[:space:]]*(#|$)" "$TABFILE" | while read dst src key opts; do
		handle_crypttab_line_stop "$dst" "$src" "$key" "$opts" <&3 || log_action_end_msg $?
	done 3<&1

	log_action_end_msg 0
}

I'm not sure this is safe (or sane). It will still fail, but quickly...

Changing the timeouts (for i in 1 2 4 8 16 32) may be cleaner.

Offline

#9 2018-04-10 12:15:27

fsmithred
Administrator
Registered: 2016-11-25
Posts: 665

Re: Installing devuan to lvm partitions within dm-crypt container

I tried changing the timeouts to smaller numbers, but it didn't make a difference. Last group of numbers I tried was 1 2 3 4 5 6 and it still stalled for slightly more than 30 seconds.

Offline

#10 2018-04-10 12:43:05

emanym
Member
Registered: 2018-04-08
Posts: 3

Re: Installing devuan to lvm partitions within dm-crypt container

That would add up to a 21 second sleep, i guess (6+5+ etc).

However,

		for i in 1; do

should be valid shell syntax as well...

I do find having a pointless for loop rather offensive, though...

.. edit ..

Actually, just looked at the man page, and the gnu coreutils version of sleep handles floating point numbers:

me@sybilla:~$ time for i in 0.001 0.002 0.003; do sleep $i; done 

real	0m0.014s
user	0m0.000s
sys	0m0.000s

So using something like

		for i in 0.001; do

should be reasonably fast anyway...

Last edited by emanym (2018-04-10 13:15:21)

Offline

#11 2018-04-10 13:25:17

fsmithred
Administrator
Registered: 2016-11-25
Posts: 665

Re: Installing devuan to lvm partitions within dm-crypt container

for i in 1; do

Hey, that worked! Only took five seconds. Thanks!

Offline

Board footer