Re: Why can I view my encrypted lvm logical volumes without opening them with my passphrase?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Well I have good news and bad news.

Bad news is I can't give you the output of "lsblk -f" because I had to destroy that partition since I was testing before filing this bug:

https://bugzilla.redhat.com/show_bug.cgi?id=1820912 

Good news is that by complete accident I have solved my own problem, you can find the details here:

https://ask.fedoraproject.org/t/ananconda-cant-handle-lvm-on-luks-setup/6112/5?u=sreyan32

The question now is that can this information be added in the Wiki or docs somewhere so other new users won't have to suffer.

Let me know.

Thanks. 

On Sat, Apr 4, 2020 at 11:06 PM Robert Nichols <rnicholsNOSPAM@xxxxxxxxxxx> wrote:
On 4/4/20 10:41 AM, Sreyan Chakravarty wrote:
> I know how to do that.
>
> The question is why I can view them when I shouldn't be able to.
>
> On Sat, Apr 4, 2020 at 7:06 PM Robert Nichols <rnicholsNOSPAM@xxxxxxxxxxx <mailto:rnicholsNOSPAM@xxxxxxxxxxx>> wrote:
>
>     On 4/3/20 4:48 AM, Sreyan Chakravarty wrote:
>      > I just installed Fedora 31 on my laptop. I had created a volume group and logical volumes from the Anaconda installer itself. I had marked the checkbox for encrypting my fedora partition , and when booting I am asked my passphrase, so I thought everything was fine.
>      >
>      > But when I am booting into a live environment and do an `lsblk` . This is my output:
>      >
>      > ```
>      > NAME                              MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
>      > sda                                 8:0    0 931.5G  0 disk
>      > ├─sda1                              8:1    0   512M  0 part
>      > ├─sda2                              8:2    0   512M  0 part
>      > └─sda3                              8:3    0 930.5G  0 part
>      >    ├─vgfedora-root-real            253:0    0   700G  0 lvm
>      >    │ ├─vgfedora-root               253:1    0   700G  0 lvm
>      >    │ └─vgfedora-before_hibernate   253:3    0   700G  0 lvm
>      >    └─vgfedora-before_hibernate-cow 253:2    0    50G  0 lvm
>      >      └─vgfedora-before_hibernate   253:3    0   700G  0 lvm
>      > ```
>      >
>      > 1. **How on earth are my Volume Groups visible from the live environment?** I did not even open up with `cryptsetup open --type luks2 /dev/sda3` . What is going on here ?
>      > 2. As you can see **I have created a snapshot, is that even encrypted ?** Or is it only my root ? **I need everything to be encrypted even snapshots.**
>      > 3. I can even do a `vgchange -a y` and select all my logical volumes. **This really should not happen as it should not even be visible from the live environment** . Again what is going on ?
>      > 4. **How can I verify what is encrypted and what is not ?**
>
>     Run "lsblk" with the "-f" option to get more type information.
>
>     --
>     Bob Nichols     "NOSPAM" is really part of my email address.
>                       Do NOT delete it.

If you want to answer the question about what is encrypted and what is not,
post the output from "lsblk -f". Without that, you are not going to get an
answer to your questions.

--
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx


--
Regards,
Sreyan Chakravarty
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux