From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RVyts-0003WZ-PQ for garchives@archives.gentoo.org; Thu, 01 Dec 2011 05:09:37 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D513A21C0A4; Thu, 1 Dec 2011 05:09:21 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id A665121C038 for ; Thu, 1 Dec 2011 05:08:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 321FB1B400F for ; Thu, 1 Dec 2011 05:08:08 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -5.015 X-Spam-Level: X-Spam-Status: No, score=-5.015 tagged_above=-999 required=5.5 tests=[AWL=-0.514, BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.201, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x6y2CqBb-POb for ; Thu, 1 Dec 2011 05:08:00 +0000 (UTC) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by smtp.gentoo.org (Postfix) with ESMTP id 12F711B400A for ; Thu, 1 Dec 2011 05:07:58 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1RVysA-0001zk-5M for gentoo-user@gentoo.org; Thu, 01 Dec 2011 06:07:50 +0100 Received: from cpe-76-183-217-112.tx.res.rr.com ([76.183.217.112]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 01 Dec 2011 06:07:50 +0100 Received: from ftn768 by cpe-76-183-217-112.tx.res.rr.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 01 Dec 2011 06:07:50 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: Jack Byer Subject: [gentoo-user] Re: Re: Re: Full disk encryption Date: Wed, 30 Nov 2011 23:07:36 -0600 Message-ID: References: <20111130152753.176a9a08@hactar.digimed.co.uk> <4ED67664.1060302@gmail.com> <4ED700AC.5060400@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7Bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: cpe-76-183-217-112.tx.res.rr.com User-Agent: KNode/4.7.3 X-Archives-Salt: 4ecc61f1-11cb-4efd-83c3-2c8ede910456 X-Archives-Hash: 311d0cd0a8b003c0b8be3b5a1f0fe585 Dale wrote: > Jack Byer wrote: >> Dale wrote: >> >>> Did you use a howto for Dracut? If so, have a link you could post? I >>> tried making a init thingy and after about 20 failed reboots, I scraped >>> the idea. I was trying to follow the howto on the Gentoo wiki I think. >>> The unofficial wiki. >>> >> I had some difficulties because the way I was doing things before with my >> homebrew solution was... non-standard. >> >> The problem areas that I remember from the transition were: setting the >> USE flags correctly to build the modules I needed, initially confusing >> dracutmodules and add_dracutmodules in dracut.conf (actually you probably >> don't even need to edit that file at all), making sure to have a sane >> /etc/fstab line for the root file system and passing the right root= >> kernel command line. root=UUID=... works the best in my experience. >> >> >> > > > I did change the USE flags for the packages it said to. I think some > things have changed or something, maybe openrc?, and the script I was > copying and working with just didn't work. Maybe it needs updating or > something. I'm hoping to see a up-to-date howto or someone will post a > good up-to-date howto for dracut. Something even a idiot could follow. > I think it will work for me then. lol > > Dale > > :-) :-) > I can tell you how mine is set up. emerge -v dracut These are the packages that would be merged, in order: [ebuild R ~] sys-kernel/dracut-013-r2 USE="-debug (-selinux)" DRACUT_MODULES="btrfs crypt lvm -biosdevname -caps -crypt-gpg -dmraid - dmsquash-live -gensplash -iscsi -livenet -mdraid -multipath -nbd -nfs - plymouth -syslog -xen" 0 kB I don't use any of the other modules so all I enable are btrfs, crypt and lvm. /etc/dracut.conf has no changes from the default except for the line: add_dracutmodules+="crypt dm lvm" but I'm about 80% sure even that isn't necessary and you could just leave the default values alone. One of these days I'll get around to testing that. I make an initramfs with the following command: dracut --lzma .dracut.lzma (obviously change --lzma to whatever type of compression your kernel expects to use and name the file whatever you want. Make sure to include the kernel version just like it appears in your /lib/modules/ directory so that dracut includes the correct kernel modules) Then I make grub.conf look something like this: root (hd0,0) kernel / root=UUID=08b00d7f-b633-4c03-98fe-dd5942a8fb7e initrd /.dracut.lzma I like to name my kernels and initramfs files by the hostname of the computer since I have three that I manage but use whatever you want and just make sure you put the right filenames in grub.conf. You can obtain the UUID of your root filesystem by a number of methods, but the easiest is to use ls -l /dev/disks/by-uuid/ That's really all there is to it. Dracut will boot up and load the modules it is compiled with and search through the disks, logical volumes, and dmcrypt containers until it finds a filesystem with the UUID you specify. Once it finds the root filesystem it mounts it with whatever options you've specified in /etc/fstab and then hands control over to OpenRC. If it has the necessary modules (kernel and dracut) and you pass the right root= option then it Just Works.