On Mon, Feb 16, 2015 at 22:28:54 CET, Jay Sullivan wrote: > So, > > I must have been doing some step in the wrong order before, because, after > cleaning up my notes for others to read, it now seems to work fine. I'm > still sort of confused why I was running into that error consistently, but > clearly I'm doing something differently this time. Attached steps for > creating full disk encryption with btrfs with Ubuntu 14.10, which worked > successfully for me. Interesting. Thanks for reporting the success and the details! Arno > ---- > ---- Start of steps to reproduce > ---- > > I'm using Ubuntu Desktop 14.10 LiveCD, with only one hard drive in my > computer: a 32GB flash drive. (Note: I tried this on a 500GB hard drive as > well, same results.) I'm doing all of this offline (as in not connected to > Internet.) > > I use GParted to partition the flash drive as follows (GPT): > > /dev/sda1 1MiB bios_grub ( < I make sure to set the > bios_grub flag here ) > /dev/sda2 256MiB btrfs ( /boot ) > /dev/sda3 6.84GiB crypt-luks ( encrypted swap ) > /dev/sda4 22.82GiB crypt-luks ( encrypted / ) > > I then format/open the LUKS partitons: > > cryptsetup luksFormat /dev/sda3 > cryptsetup luksFormat /dev/sda4 > cryptsetup luksOpen /dev/sda3 neoswap > cryptsetup luksOpen /dev/sda4 neoroot > > I then format all my boot, swap, and root partitions: > > mkfs.btrfs -f -L neoboot /dev/sda2 > mkswap -L neoswap /dev/mapper/neoswap > mkfs.btrfs -f -L neoroot /dev/mapper/neoroot > > I then run the graphical "Install Ubuntu 14.10" installer from the > desktop. When it asks how I want to install, I choose "Something else", > and tell it to use the following partitioning scheme, instructing it NOT to > format any partitions (since we already did): > > /dev/sda2 btrfs /boot > /dev/mapper/neoswap swap > /dev/mapper/neoroot btrfs / > > (Note: It will insist on formatting the swap partiton, that's fine. It > will insist on installing a bootloader to /dev/sda, that's fine, although > we will override this step in a second.) I continue with the installation, > waiting until the installation is finished. > > At this point, it's possible for me to list all of the partition GUIDs, > which I'll need for crypttab and fstab: > > /dev/sda1 1MiB bios_grub > /dev/sda2 256MiB btrfs ( /boot ) > UUID=23fa61d2-0b74-465a-be83-e026ebb373bc > /dev/sda3 6.84GiB crypt-luks > UUID=5d60aeca-6e5d-4a0c-9d28-b31c79213589 > /dev/mapper/neoswap ( swap ) > UUID=ee13478f-b310-4c3c-b14a-579dea9ee25c > /dev/sda4 22.82GiB crypt-luks > UUID=badb304c-38de-4d04-9456-e9759c3150ab > /dev/mapper/neoroot ( / ) > UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc > > Once installation is done, and before I restart, I open a root shell and > chroot into the newly-installed setup: > > # mount /dev/mapper/neoroot /mnt -o subvol=@ > # mount /dev/mapper/neoroot /mnt/home -o subvol=@home > # mount /dev/sda2 /mnt/boot > # mount --bind /dev /mnt/dev > # mount --bind /proc /mnt/proc > # mount --bind /sys /mnt/sys > # mount --bind /etc/resolv.conf /mnt/etc/resolv.conf > # chroot /mnt > > Now that I'm in, I update /etc/crypttab as follows: > > neoswap UUID=5d60aeca-6e5d-4a0c-9d28-b31c79213589 none luks > neoroot UUID=badb304c-38de-4d04-9456-e9759c3150ab none luks > > I then update /etc/fstab: > > UUID=23fa61d2-0b74-465a-be83-e026ebb373bc /boot btrfs > defaults,noatime 0 2 > UUID=ee13478f-b310-4c3c-b14a-579dea9ee25c none swap > sw 0 0 > UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc / btrfs > defaults,noatime,subvol=@ 0 1 > UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc /home btrfs > defaults,noatime,subvol=@home 0 2 > > Almost done. Still chroot'ed, I run: > > update-initramfs -k all -c > update-grub > grub-install /dev/sda > > I restart my computer, boot into GRUB, and boot with the following: > > insmod gzio > insmod part_gpt > insmod btrfs > search --no-floppy --fs-uuid --set=root > 23fa61d2-0b74-465a-be83-e026ebb373bc > linux /vmlinuz-3.16.0-23-generic > root=UUID=aa67f7ba-08cc-4760-aa30-fa5bc10b88cc rootflags=noatime,subvol=@ > initrd /initrd.img-3.16.0-23-generic > > ---- > ---- End of steps to reproduce > ---- > > I just did this and it booted successfully 15 times in a row. > > Thanks, > Jay > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
