[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#489544: installation-reports

On Sun, Jul 06, 2008 at 01:21:00PM -0700, David L. Emerson wrote:
> Image version: debian-40r3-i386-netinst.iso
> […]
> This computer supports booting from USB, so I decided to install debian 
> on a USB Flash drive. I wanted an encrypted root partition.
> PROBLEM 1. I first tried the "automatic" encrypted LVM setup. It 
> insisted upon making a swap partition, and I was unable to delete that 
> partition. Of course I don't want a swap partition on a flash based 
> drive. I ultimately had to back up several steps and do a manual setup.

The automatic encrypted LVM setup create the swap partition as a Logical
Volume.  The easiest (but not obvious) way to get rid of it would have
been to:
 * go to "Configure the Logical Volume Manager",
 * remove both Logical Volumes (swap_1 and root),
 * create a new Logical Volume (root),
 * apply those changes,
 * configure the newly created Logical Volume (root) as /

We could probably manage to detect that we are partitioning a Solid
State Device, and skip the creation of a swap partition, but this would
require a fair amount of changes in partman.  I doubt anyone will be
working on that in the d-i team, but patches are more than welcome.

> PROBLEM 2. Before I started the install, I used dd if=/dev/urandom 
> of=/dev/sda to write random data to the drive, which makes cracking an 
> encrypted partition/drive much more difficult. However, the debian 
> installer insisted on writing (zeros?) to the to-be-encrypted partition 
> before formatting. This was very time consuming, wasteful/redundant, 
> and perhaps a security liability as well. In fact, the installer did 
> this several times due to problem 1 ;)
> I should be able to skip that writing since I already did it myself.

The installer is not writing zeros.  It is actually doing a similar
process than the one you did by yourself! :)

It can be avoided though when using manual partitioning, by switching
"Erase data" to "no" while configuring the partition used as "physical
volume for encryption".

> PROBLEM 3. System would not boot!!  .....
> It brought up the grub menu just fine, and began loading the kernel and 
> initramfs. The problem occured when it tried to configure lvm 
> (/usr/share/initramfs-tools/scripts/local-top/lvm) -- the kernel had 
> not yet detected the presence of the USB Flash drive! Thus the call to 
> activate_vg "$ROOT" was doomed to failure, since udev had not yet 
> discovered the root device. A few seconds after the failure messages, 
> udev discovered the device -- udev had "settled" before running 
> local-top, but the USB event came later.
> […] 

AFAIK, a lot of related issues have been fixed for Lenny.  If you could
give it a try, it would be great.

Jérémy Bobbio                        .''`. 
lunar@debian.org                    : :Ⓐ  :  # apt-get install anarchism
                                    `. `'` 

Attachment: signature.asc
Description: Digital signature

Reply to: