Re: Why can I view my encrypted lvm logical volumes without opening them with my passphrase?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I know how to do that.

The question is why I can view them when I shouldn't be able to.

On Sat, Apr 4, 2020 at 7:06 PM Robert Nichols <rnicholsNOSPAM@xxxxxxxxxxx> wrote:
On 4/3/20 4:48 AM, Sreyan Chakravarty wrote:
> I just installed Fedora 31 on my laptop. I had created a volume group and logical volumes from the Anaconda installer itself. I had marked the checkbox for encrypting my fedora partition , and when booting I am asked my passphrase, so I thought everything was fine.
>
> But when I am booting into a live environment and do an `lsblk` . This is my output:
>
> ```
> NAME                              MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
> sda                                 8:0    0 931.5G  0 disk
> ├─sda1                              8:1    0   512M  0 part
> ├─sda2                              8:2    0   512M  0 part
> └─sda3                              8:3    0 930.5G  0 part
>    ├─vgfedora-root-real            253:0    0   700G  0 lvm
>    │ ├─vgfedora-root               253:1    0   700G  0 lvm
>    │ └─vgfedora-before_hibernate   253:3    0   700G  0 lvm
>    └─vgfedora-before_hibernate-cow 253:2    0    50G  0 lvm
>      └─vgfedora-before_hibernate   253:3    0   700G  0 lvm
> ```
>
> 1. **How on earth are my Volume Groups visible from the live environment?** I did not even open up with `cryptsetup open --type luks2 /dev/sda3` . What is going on here ?
> 2. As you can see **I have created a snapshot, is that even encrypted ?** Or is it only my root ? **I need everything to be encrypted even snapshots.**
> 3. I can even do a `vgchange -a y` and select all my logical volumes. **This really should not happen as it should not even be visible from the live environment** . Again what is going on ?
> 4. **How can I verify what is encrypted and what is not ?**

Run "lsblk" with the "-f" option to get more type information.

--
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx


--
Regards,
Sreyan Chakravarty
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux