Difference between revisions of "LVM"
From Blue-IT.org Wiki
(→Open encryted lvm partition) |
(→Open encryted lvm partition) |
||
| Line 14: | Line 14: | ||
Be arefulat this step! | Be arefulat this step! | ||
| − | If this is the root device, you will need to ''' | + | If this is the root device, you will need to '''use exactly the _ SAME NAME _ for the crypt''' (in our example: ''sda5_crypt'' for ''${my_crpyt_name}'') like in your destination Ubuntu environment. |
| − | If not, you will not be able to boot your device, because the system will be configured using the wrong name for your mapper name which is written down in ''/etc/crypttab''. | + | If not, you will not be able to boot your device, because the system will be configured using the wrong name for your mapper name which is written down in ''/etc/crypttab'' (don't change this!). |
# Please edit acccording to your entry in /etc/crypttab (within the mounted ''vg-somename-root'') | # Please edit acccording to your entry in /etc/crypttab (within the mounted ''vg-somename-root'') | ||
Revision as of 08:46, 20 June 2016
Contents
HowTo - shrink and resize encrypted LUKS volumes
LVM and LUKS are often used together within a standard encrypted setup. The best HowTo I could find for Ubuntu which really sums up the essential tasks in a very good manner is on Ubuntu forums. Written in 2008 but the procedures are and will remain the same. The scenarios are to e.g. shrink an existing ubuntu installation to fit on another disk (move from bigger hdd to a smaller sdd) or vice versa.
Install necessary apps
E.g. on a rescue disc ...
apt-get install cryptsetup
Open encryted lvm partition
Be arefulat this step!
If this is the root device, you will need to use exactly the _ SAME NAME _ for the crypt (in our example: sda5_crypt for ${my_crpyt_name}) like in your destination Ubuntu environment. If not, you will not be able to boot your device, because the system will be configured using the wrong name for your mapper name which is written down in /etc/crypttab (don't change this!).
# Please edit acccording to your entry in /etc/crypttab (within the mounted vg-somename-root) # It may be that you have to correct this ! my_crypt_name=sda5_crypt
cryptsetup luksOpen /dev/sda5 ${my_crpyt_name}
Again: if you are unsure about the name of ${my_crpyt_name}, decrypt your device, mount it and have a look into the /etc/crypttab for the name like this:
cryptsetup luksOpen /dev/sda5 test_crypt mount /dev/mapper/vg-somename-root /mnt/test
nano /mnt/test/etc/crypttab > sda5_crypt UUID=def346a0-6e33-4523-b99c-d7777b980b34 none luks,discard
umount /mnt/test crpytsetup luksClose test_crypt
Mount existing volume groups
sudo apt-get install lvm2 sudo modprobe dm-mod
sudo vgchange -a y > 2 logical volume(s) in volume group "vg-whatever" now active
ls /dev/mapper > control sda5_crypt vg--whatever--root vg--whatever--swap
# Please edit my_root=/mnt/whatever_root my_vg=vg--whatever--root my_boot_device=/dev/sda1
# Mount /root and /boot
mkdir ${my_root}
mount /dev/mapper/${my_vg} ${my_root}
mount ${my_boot_device} ${my_root}/boot
# Chroot
mount -o bind /dev ${my_root}/dev; \
mount -o bind /run ${my_root}/run; \
mount -t proc /proc ${my_root}/proc; \
mount -t sysfs /sys ${my_root}/sys
chroot ${my_root}
Umount existing volume groups and close encrypted container
sudo umount ${my_root}/*
sudo umount /dev/mapper/${my_vg}
sudo vgchange -a n
sudo cryptsetup luksClose ${my_crpyt}