I'm looking for a way to make the following setup happen in Gentoo:
/dev/sda1 -> /boot (ext2)
/dev/sda2 -> LUKS encrypted
  |
  +-lvm-vg1
     |
     +- /dev/mapper/root-fs -> / (ext4)
     +- /dev/mapper/swap -> (swap)
It's basically the same setup as Ubuntu would do when doing a graphical install.
I do know how to manually set up LUKS and even the LVM setup, but I get stuck when bringing it together at boot. How do I tell the kernel and grub to unlock the LUKS partition and mount the right LVM partitions?
Best Answer
So I did figure it out:
I partitioned the disk partially following the handbook:
The only change I made was not to make a swap and root partition but instead make a single partition and named it lvm (the name doesn't matter). Next I've set up LUKS:
After that setup the actual volumes:
For the rest we basically follow the handbook, except where you would normally do stuff for /dev/sda3 (swap) or /dev/sda4 (root) you would now use /dev/mapper/vg0-lvol0 (swap) and /dev/mapper/vg0-lvol1.
Important is, when generating the kernel (I used genkernel for this), to first install cryptsetup using emerge -av cryptsetup and then run genkernel with the following parameters:
Be sure to set up the kernel to support LVM and the chosen hashing and encrypting algorithms (in my case aes and sha256). Then continue following the handbook until you start the grub-config.
Before you run grub2-mkconfig you should edit the file /etc/defaults/grub. (I should state, for the record, that I'm not sure if this is the best solution but it works for me.) In that file I've put the following (find and uncomment the parameter):
You can find the correct UUID by using ls -l /dev/disk/by-uuid. After that grub2-mkconfig should find both the kernel and the initramfs in /boot. Again, follow the handbook and after the reboot you should get a password prompt.
Hope this helps anyone else.
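A pre-reboot sanity check for the kind of kernel command line this answer describes, as an added example that is not part of the original answer. It assumes genkernel's initramfs parameters (crypt_root=, dolvm, root=); the blkid-style listing and all UUIDs are constructed.

```shell
#!/bin/sh
# Added example (not from the original answer). Assumes genkernel's initramfs
# parameters crypt_root=UUID=..., dolvm and root=. All UUIDs are constructed.

# Constructed stand-in for `blkid` output on the layout from the question.
SAMPLE_BLKID='/dev/sda1: UUID="11111111-aaaa-4aaa-8aaa-000000000001" TYPE="ext2"
/dev/sda2: UUID="22222222-bbbb-4bbb-8bbb-000000000002" TYPE="crypto_LUKS"
/dev/mapper/vg0-lvol1: UUID="33333333-cccc-4ccc-8ccc-000000000003" TYPE="ext4"'

# param_value NAME CMDLINE: print the value of NAME=...; fail if absent.
param_value() {
    for word in $2; do
        case $word in
            "$1"=*) printf '%s\n' "${word#*=}"; return 0 ;;
        esac
    done
    return 1
}

# check_cmdline CMDLINE BLKID_TEXT: print each problem, return 1 if any.
check_cmdline() {
    rc=0
    if crypt=$(param_value crypt_root "$1"); then
        uuid=${crypt#UUID=}
        # Must name the LUKS container itself, not the filesystem inside it.
        printf '%s\n' "$2" | grep -F -e "UUID=\"$uuid\"" -e "$crypt: " |
            grep -q 'TYPE="crypto_LUKS"' ||
            { echo "crypt_root=$crypt is not a crypto_LUKS device"; rc=1; }
    else
        echo "crypt_root= missing: the initramfs has nothing to unlock"; rc=1
    fi
    case " $1 " in
        *" dolvm "*) ;;
        *) echo "dolvm missing: the volume group will not be activated"; rc=1 ;;
    esac
    case $(param_value root "$1") in
        /dev/mapper/*) ;;
        *) echo "root= does not point at a /dev/mapper volume"; rc=1 ;;
    esac
    return $rc
}

# Constructed command line matching the sample listing above.
GOOD='crypt_root=UUID=22222222-bbbb-4bbb-8bbb-000000000002 dolvm root=/dev/mapper/vg0-lvol1'
check_cmdline "$GOOD" "$SAMPLE_BLKID" && echo "cmdline looks consistent"
```

On a real system, pass the output of blkid and the value set in the grub defaults file instead of the constructed samples.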