View previous topic :: View next topic |
Author |
Message |
Wizumwalt Guru
Joined: 20 Aug 2006 Posts: 547
|
Posted: Thu Aug 29, 2013 1:23 am Post subject: LUKS+LVM2, building cryptsetup as static and a separate /usr |
|
|
I'm not sure how best to handle this problem, and was hoping anyone could comment on how I could do this better, and what I've go so far.
I have LUKS over LVM and have a /init within my own initramfs to boot. The problem is, after /init switch_root's over to /newroot and /etc/conf.d/dmcrypt starts to mount separate volumes (i.e. /usr, /var/, etc...), cryptsetup doesn't work unless I build it as static (/usr is separate).
Here is the /init ...
Code: |
#!/bin/busybox sh
init=/sbin/init
rescue_shell() {
echo "Failed to switch_root, dropping to a shell"
busybox --install -s
exec /bin/sh
}
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devtmpfs none /dev
/sbin/lvm.static vgscan --mknodes
/sbin/lvm.static vgchange -a y
/sbin/cryptsetup luksOpen /dev/mapper/vg1-root crypt-root
mount -o ro /dev/mapper/crypt-root /mnt/root || rescue_shell
umount /proc
umount /sys
umount /dev
exec switch_root /mnt/root "${init}" || rescue_shell
|
I had to build cryptsetup as static so that /etc/conf.d/dmcrypt would be able to decrypts LUKS when I enter passwds. But now, if I decide to emerge world, cryptsetup will get rebuilt and break because it will build shared libs onto /usr (which *I think* is what I really want anyways because I've read many posts about no longer supporting static builds). Thats my biggest worry is having to build udev as static.
Code: |
$ emerge -uDNp world
These are the packages that would be merged, in order:
Calculating dependencies ... done!
[ebuild R ] sys-apps/util-linux-2.22.2 USE="-static-libs*"
[ebuild R ] dev-libs/popt-1.16-r1 USE="-static-libs*"
[ebuild R ] dev-libs/libgpg-error-1.10 USE="-static-libs*"
[ebuild R ] sys-libs/e2fsprogs-libs-1.42.7 USE="-static-libs*"
[ebuild R ] dev-libs/libgcrypt-1.5.3 USE="-static-libs*"
[ebuild R ] sys-fs/udev-204 USE="-static-libs*"
[ebuild R ] virtual/udev-200 USE="-static-libs*"
[ebuild R ] sys-fs/lvm2-2.02.97-r1 USE="-static* -static-libs*"
[ebuild R ] sys-fs/cryptsetup-1.4.3 USE="-static* -static-libs*"
* IMPORTANT: 9 news items need reading for repository 'gentoo'.
* Use eselect news to read news items.
|
I'm just wondering if I'm going about this correctly and how other people are handling this. Should I maybe just mount /usr within the /init and not have /etc/fstab do it? I just tried that and it seems to work.
Any advice much appreciated. |
|
Back to top |
|
|
SamuliSuominen Retired Dev
Joined: 30 Sep 2005 Posts: 2133 Location: Finland
|
Posted: Thu Aug 29, 2013 6:46 am Post subject: |
|
|
The point of having initramfs with separate /usr is that you don't need static anything, but the initramfs contains all the tools to mount /usr.
This is supported by both genkernel and dracut, so surely you can wrap that in custom initramfs too.
As in, USE="static static-libs" in sys-fs/cryptsetup and sys-fs/lvm2 are for people with NO initramfs and separate /usr, for people willing to deal with problems of not having /usr available in early boot. This is more or less unsupported configuration. |
|
Back to top |
|
|
Wizumwalt Guru
Joined: 20 Aug 2006 Posts: 547
|
Posted: Thu Aug 29, 2013 5:28 pm Post subject: |
|
|
Thanks for clarifying that. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|