On Mon, Mar 23, 2020 at 1:16 PM Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: > > On Sun, Mar 22, 2020 at 11:04 PM Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote: > > > > I think I understand what you want to do: You want a disk partition -> > > LUKS -> LVM PV -> LVM VG, and then /, /var, /home, swap to be XFS > > formatted LVs. > > > > I'm not certain it's actually possible to do this, > > OK, it is possible to do this in Custom partitioning. > > Do not check this encrypt box which is the per LV box: > > https://drive.google.com/open?id=1BE3gJpw9FJUaecXLBvLzgogxGsPvY6dO > > > Instead, click on the Modify button under the Volume Group drop-down > menu, and check this encrypt box which applies to the PV/VG. > > https://drive.google.com/open?id=1nEzQy-Z03ovE6Ay410lLeK5h4dJ1x-A7 I just did an installation doing it this way, and I think the UI is confusing. After choosing to encrypt the VG, and clicking OK to that modify VG dialog, each mount point (each LV) has its own encrypt checkbox also checked. However, they are no individually encrypted. vda 252:0 0 100G 0 disk ├─vda1 252:1 0 600M 0 part ├─vda2 252:2 0 1G 0 part └─vda3 252:3 0 98.4G 0 part └─f32luks 253:2 0 98.4G 0 crypt ├─f32-swap 253:3 0 3G 0 lvm ├─f32-root 253:4 0 64.1G 0 lvm └─f32-home 253:5 0 31.3G 0 lvm /dev/vda3 is LUKS encrypted, and the resulting volume 'f32luks' is the LVM PV. Each LV, swap, root, home, are plain LVs that are incidentally encrypted by the fact they're on an encrypted PV. There is no double encryption. Reproduce steps 1. custom partitioning 2. LVM preset, click here to create automatically 3. Volume Group -> Modify -> check encrypt --- unexpectedly, each LV now has encrypt option checked 4. Done, Begin installation -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx