LVM

From Blue-IT.org Wiki

Revision as of 08:46, 20 June 2016 by Apos (talk | contribs) (Open encryted lvm partition)

HowTo - shrink and resize encrypted LUKS volumes

LVM and LUKS are often used together within a standard encrypted setup. The best HowTo I could find for Ubuntu which really sums up the essential tasks in a very good manner is on Ubuntu forums. Written in 2008 but the procedures are and will remain the same. The scenarios are to e.g. shrink an existing ubuntu installation to fit on another disk (move from bigger hdd to a smaller sdd) or vice versa.

Install necessary apps

E.g. on a rescue disc ...

apt-get install cryptsetup

Open encryted lvm partition

Be arefulat this step!

If this is the root device, you will need to use exactly the _ SAME NAME _ for the crypt (in our example: sda5_crypt for ${my_crpyt_name}) like in your destination Ubuntu environment. If not, you will not be able to boot your device, because the system will be configured using the wrong name for your mapper name which is written down in /etc/crypttab (don't change this!).

# Please edit acccording to your entry in /etc/crypttab (within the mounted vg-somename-root)
# It may be that you have to correct this ! 
my_crypt_name=sda5_crypt
cryptsetup luksOpen /dev/sda5 ${my_crpyt_name}

Again: if you are unsure about the name of ${my_crpyt_name}, decrypt your device, mount it and have a look into the /etc/crypttab for the name like this:

cryptsetup luksOpen /dev/sda5 test_crypt
mount /dev/mapper/vg-somename-root /mnt/test
nano /mnt/test/etc/crypttab
> sda5_crypt UUID=def346a0-6e33-4523-b99c-d7777b980b34 none luks,discard
umount /mnt/test
crpytsetup luksClose test_crypt

Mount existing volume groups

sudo apt-get install lvm2
sudo modprobe dm-mod
sudo vgchange -a y
> 2 logical volume(s) in volume group "vg-whatever" now active
ls /dev/mapper
> control sda5_crypt vg--whatever--root  vg--whatever--swap
# Please edit
my_root=/mnt/whatever_root
my_vg=vg--whatever--root
my_boot_device=/dev/sda1
# Mount /root and /boot
mkdir ${my_root}
mount /dev/mapper/${my_vg} ${my_root}
mount ${my_boot_device} ${my_root}/boot
# Chroot
mount -o bind /dev ${my_root}/dev; \
mount -o bind /run ${my_root}/run; \
mount -t proc /proc ${my_root}/proc; \
mount -t sysfs /sys ${my_root}/sys
chroot ${my_root}

Umount existing volume groups and close encrypted container

sudo umount ${my_root}/*
sudo umount /dev/mapper/${my_vg}
sudo vgchange -a n
sudo cryptsetup luksClose ${my_crpyt}