Hello,
I'm trying to set up a partman recipe with a random-keyed crypto swap.
Here is a working lvm recipe:
#+begin_src
partman-auto/text/boot_lvm ::
128 2048 256 ext4
$defaultignore{ }
$primary{ }
$bootable{ }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /boot }
mountpoint{ /boot }
options/nodev{ nodev }
options/noexec{ noexec }
options/nosuid{ nosuid }
options/noatime{ noatime }
.
1024 1024 -1 ext4
$defaultignore{ }
$primary{ }
method{ lvm }
.
512 1024 200% linux-swap
$lvmok{ }
lv_name{ swap }
method{ swap }
format{ }
.
1024 2048 2048 ext4
$lvmok{ }
lv_name{ root }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ / }
mountpoint{ / }
options/noatime{ noatime }
.
512 4096 1024 ext4
$lvmok{ }
lv_name{ tmp }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /tmp }
mountpoint{ /tmp }
options/nosuid{ nosuid }
options/nodev{ nodev }
options/noexec{ noexec }
options/noatime{ noatime }
.
1024 3072 2048 ext4
$lvmok{ }
lv_name{ usr }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /usr }
mountpoint{ /usr }
options/noatime{ noatime }
.
1024 1024 1024 ext4
$lvmok{ }
lv_name{ var }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /var }
mountpoint{ /var }
options/noatime{ noatime }
.
512 2048 1024 ext4
$lvmok{ }
lv_name{ var+log }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /var/log }
mountpoint{ /var/log }
options/nosuid{ nosuid }
options/nodev{ nodev }
options/noexec{ noexec }
options/noatime{ noatime }
.
3096 2048 5120 ext4
$lvmok{ }
lv_name{ var+cache }
method{ format }
format{ }
use_filesystem{ }
filesystem{ ext4 }
label{ /var/cache }
mountpoint{ /var/cache }
options/noatime{ noatime }
.
500 100 -1 ext4
$lvmok{ }
lv_name{ toremove }
method{ keep }
.
#+end_src
Now, I replace the swap block with the following:
#+begin_src
512 1024 200% linux-swap
$lvmok{ }
lv_name{ cswap }
method{ crypto }
crypto_type{ dm-crypt }
cipher{ aes }
keyhash{ sha256 }
keytype{ random }
keysize{ 256 }
ivalgorithm{ xts-essiv:sha256 }
.
#+end_src
I only get an inactive crypt volume, and I can't find any documentation on
how to use it, for swap in the present case, or for /tmp.
Regards.
--
Daniel Dehennin
Get my GPG key:
gpg --keyserver pgp.mit.edu --recv-keys 0x6A2540D1