I am in progress of resizing a LUKS encrypted partition that contains a single ext4 filesystem (no LVM or something). The cryptsetup FAQ recommends to remove the old partition and recreate it, but that sounds like wasting a lot time. Therefore I want to proceeed by manually, carefully resizing the partition.
So far, I think that I need to do:
- Create an (encrypted) backup of the filesystem. Important! You won't be the first to lose your data while performing the following tasks.
- Unmount the existing ext4 filesystem (e.g. by booting into a Live CD). If booting from a Live CD, mount the encrypted partition using
cryptsetup luksOpen /dev/sdXY ExistingExt4
- Resize the existing ext4 filesystem.
cryptsetup resize /dev/mapper/ExistingExt4 -b $SECTORS
- Close/ "unmount" the LUKS partition using
cryptsetup luksClose ExistingExt4
- Shrink the partition size.
Are the above steps correct?
In step 4, what should I choose for $SECTORS
? Is this step even necessary? The cryptsetup
manual page is not really descriptive on the resize
option:
resize <name>
resizes an active mapping <name>.
If --size (in sectors) is not specified, the size of the underlying
block device is used.
Finally, if I shrink the ext4 partition by 15 GiB, can I safely assume that 15 GiB can be removed from the existing partition using parted
? If yes, how to do so? My disk is GPT partitioned, if that matters.
Best Answer
After backing up (step 1) and unmounting (between 2 and 3), run
fsck
to ensure that the filesystem is healthy:Other than that, the steps are OK.
Purpose of the
cryptsetup resize
commandThis step is necessary, otherwise the partition would still show up at the old side. This is confirmed with Nautilus, even after resizing withThis step is not necessary. It only affects the current size status as shown in the file browser. After changing the size and closing/opening the partition again, the number is restored. So, when closing the LUKS partition as shown later will make this obsolete.resize2fs
, the LUKS partition showed up as the old size. After runningcryptsetup resize
, the correct number is shown.$SECTORS
can be determined by looking at the output ofcryptsetup status ExistingExt4
:(As of cryptsetup 2.0.0 (December 2017), the sector size may be larger than 512 bytes: see the
cryptsetup(8)
manpage and the--sector-size
option.)Thus, to subtract 15 GiB, use a sector size of
156049348 - 15 * 1024 * 1024 * 2 = 124592068
:Resizing the partition with
parted
As for resizing the partition,
parted
works fine with GPT partitions. Theresize
command does not work however, as a workaround (or solution), remove the partition information and create a new partition as inspired by http://ubuntuforums.org/showthread.php?p=8721017#post8721017:As 15 GiB has to be shaved off, the new end becomes
156301438 - 15 * 1024 * 1024 * 2 = 124844158
. Since I want to change partition 2, I first have to remove it and then recreate it with the label "Everything" (this could be changed if you like). Note: this disk has a GPT layout. For MBR, you should replaceEverything
byprimary
orextended
(untested, resizing a partition on MBR has not been tested and is not recommended because it is untested).WARNING: the following commands has destroyed data. Do not copy it without understanding what is happening. The sector dimensions must be changed, otherwise you WILL destroy your partition(s). I am in no way responsible for your stupidness, BACKUP BACKUP BACKUP your data to a second storage medium before risking your data.
In the above
parted
example, my sectors are not aligned which is a mistake from an earlier installation, do not pay too much attention to it.That is it! You can use
cryptsetup status
andfile -Ls /dev/...
to verify that everything is OK and then reboot.