From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RVzNb-00011C-5j for garchives@archives.gentoo.org; Thu, 01 Dec 2011 05:40:19 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A28A421C0B9; Thu, 1 Dec 2011 05:40:00 +0000 (UTC) Received: from mail-gy0-f181.google.com (mail-gy0-f181.google.com [209.85.160.181]) by pigeon.gentoo.org (Postfix) with ESMTP id 2563221C089 for ; Thu, 1 Dec 2011 05:38:47 +0000 (UTC) Received: by ghbg18 with SMTP id g18so1859767ghb.40 for ; Wed, 30 Nov 2011 21:38:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=rDe20RzBDHm0463ypktCEunj/iisQ0UonAcq/MBU6aE=; b=HSR+AdzF2QVOlRg90bEHR9pJ7aeqkud2XE+4nvrzza2pIZ/k1p7wDUiu2+YPbBuT7d il+HbtFKOdQjBQhmuy/r9S800HuphaL6QOjxQMACuURl79ZjRtNE+FNs+yGRkc12EAUL Fk4osoU/2Nd9hH3p9CZDWaPyyeLm9+bRjFsQE= Received: by 10.236.181.231 with SMTP id l67mr9469545yhm.8.1322717927607; Wed, 30 Nov 2011 21:38:47 -0800 (PST) Received: from [192.168.2.5] (adsl-98-95-128-85.jan.bellsouth.net. [98.95.128.85]) by mx.google.com with ESMTPS id m29sm7731735yhi.20.2011.11.30.21.38.46 (version=SSLv3 cipher=OTHER); Wed, 30 Nov 2011 21:38:46 -0800 (PST) Message-ID: <4ED712E5.9040107@gmail.com> Date: Wed, 30 Nov 2011 23:38:45 -0600 From: Dale User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20111022 Firefox/7.0.1 SeaMonkey/2.4.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: Re: Re: Full disk encryption References: <20111130152753.176a9a08@hactar.digimed.co.uk> <4ED67664.1060302@gmail.com> <4ED700AC.5060400@gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: bc734045-a558-4eae-afbd-3c35414939b8 X-Archives-Hash: e8f6d001310b2c9c1bbd707be343d506 Jack Byer wrote: > I can tell you how mine is set up. > > emerge -v dracut > > These are the packages that would be merged, in order: > > [ebuild R ~] sys-kernel/dracut-013-r2 USE="-debug (-selinux)" > DRACUT_MODULES="btrfs crypt lvm -biosdevname -caps -crypt-gpg -dmraid - > dmsquash-live -gensplash -iscsi -livenet -mdraid -multipath -nbd -nfs - > plymouth -syslog -xen" 0 kB > > I don't use any of the other modules so all I enable are btrfs, crypt and > lvm. > > /etc/dracut.conf has no changes from the default except for the line: > > add_dracutmodules+="crypt dm lvm" > > but I'm about 80% sure even that isn't necessary and you could just leave > the default values alone. One of these days I'll get around to testing that. > > I make an initramfs with the following command: > > dracut --lzma.dracut.lzma > > (obviously change --lzma to whatever type of compression your kernel > expects > to use and name the file whatever you want. Make sure to include the kernel > version just like it appears in your /lib/modules/ directory so that dracut > includes the correct kernel modules) > > Then I make grub.conf look something like this: > > root (hd0,0) > kernel / root=UUID=08b00d7f-b633-4c03-98fe-dd5942a8fb7e > initrd /.dracut.lzma > > I like to name my kernels and initramfs files by the hostname of the > computer since I have three that I manage but use whatever you want and > just > make sure you put the right filenames in grub.conf. > > You can obtain the UUID of your root filesystem by a number of methods, but > the easiest is to use ls -l /dev/disks/by-uuid/ > > That's really all there is to it. Dracut will boot up and load the modules > it is compiled with and search through the disks, logical volumes, and > dmcrypt containers until it finds a filesystem with the UUID you specify. > Once it finds the root filesystem it mounts it with whatever options you've > specified in /etc/fstab and then hands control over to OpenRC. > > If it has the necessary modules (kernel and dracut) and you pass the right > root= option then it Just Works. > < Dale copies to his "Important" folder > I'm going to give this way a shot next time. I'm downloading a lot of TV shows right now so can't reboot very often. Thanks much for posting this tho. This helps me a LOT. With all the time I have on my hands, I really need to learn how to add things to all these wiki sites. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!