[Bug 1786688] Re: Add support for partition table inside LUKS on boot

Nazar Mokrynskyi nazar at mokrynskyi.com
Sat Jan 26 15:39:13 UTC 2019 

The first step is fixed in cryptsetup, would be nice if second part
about partprobe was also built-in

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1786688

Title:
  Add support for partition table inside LUKS on boot

Status in cryptsetup:
  New
Status in cryptsetup package in Ubuntu:
  New

Bug description:
  I'd like to have GPT partition table inside LUKS encrypted disk (not
  partition).

  It looks like this:
  vda       252:0    0   100G  0 disk
  └─test    253:0    0   100G  0 crypt
    ├─test1 253:1    0    20G  0 part
    └─test2 253:2    0    80G  0 part 

  However, I'm having difficulties achieving this on Ubuntu because of
  its boot scripts.

  2 steps that I needed to make this work.

  First is to remove file system type check, since partition table is
  not a filesystem, so I've edited /usr/share/initramfs-tools/scripts
  /local-top/cryptroot and commented-out a few lines like this (snippet
  from 18.04, 18.10 is a bit different but not much):

  #               if [ -z "$FSTYPE" ]; then
  #                       message "cryptsetup ($crypttarget): unknown fstype, bad password or options?"
  #                       udev_settle
  #                       $cryptremove
  #                       continue
  #               fi

  Second step was to add partprobe to recognize partitions from LUKS container, so that I can mount them in /etc/fstab.
  For this I've created a hook:

  root at fs-experiments:~# cat /etc/initramfs-tools/hooks/partprobe
  #!/bin/sh

  cp /sbin/partprobe $DESTDIR/sbin
  cp -L /lib/x86_64-linux-gnu/libparted.so.2 $DESTDIR/lib/x86_64-linux-gnu

  And a script:

  root at fs-experiments:~# cat /etc/initramfs-tools/scripts/local-premount/partprobe 
  #!/bin/sh

  case $1 in
  prereqs)
  	exit 0
  	;;
  esac

  partprobe


  I'd like to see partitions being supported out-of-the-box so that
  there is no need to edit system files for such use case.

  P.S. I know about LVM and the fact that is it supported out-of-the-
  box, but I found it extremely painful to use for this use case
  unfortunately.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cryptsetup/+bug/1786688/+subscriptions

More information about the foundations-bugs mailing list