You are not logged in.
- Topics: Active | Unanswered
#1 2016-02-23 15:51:09
- uid_65536
- Member
- From: localhost
- Registered: 2016-02-23
- Posts: 3
- Website
Chicken/Egg problem - mounting disk image as '/'
Hi
Hope this is the right forum - my apologies if not (it's my first post and I wasn't sure but this looked like the most likely one).
Coming from a Windows background, I've only been playing around with linux* for about fourteen months, so I've reached the limit of my ability to resolve issues with only the aid of blog-posts, online howtos and the answers to others' questions on forums, sorry.
I need to mount a plain dm-crypt volume with multiple partitions on which Arch has been installed.
Not difficult: configure dm-crypt, install Arch, mkinintcpio, reboot, job's a good'un.
However: I need it to contain an LVM schema.
Still not difficult: configure dm-crypt, configure LVM, install Arch, mkinintcpio, reboot, job's another good'un.
But: the LVM cannot be expanded beyond the original schema and the job's not such a good'un.
Okay, so, configure LVM, install Arch, mkinintcpio, reboot, create an image of the drive, repartition, configure dm-crypt, configure LVM, mkinitcpio, copy the image to one of the LVs and
and
and how on earth do I mount the image as the root filesystem?
After the initramfs is done decrypting and mounting the system the switch_root switches to the underlying hardware and I can't mount the image as '/' - I can loop mount it anywhere else as a (virtual) block-device, just not to '/'.
So, I figure I need to play around with two switch_roots across three inits - the initramfs decrypts the volume and mounts the LVM then does a switch_root to the image which switch_roots itself to the underlying HDDs and then hands over to the init belonging to the Arch installation found there.
The chicken/egg problem shouldn't be insurmountable, so long as I can switch_root from the hardware based LVM to the image it contains, but I can't figure out how to do it.
Perhaps I can include the image in the initramfs? It's only 64MB, but I'd rather not have it taking up the extra RAM, if possible, so this wouldn't be my first choice.
Or would 'User Mode Linux' be a suitable solution? I suspect there'd be a performance hit though and (believe it or not) the idea here is to maximise performance as much as security and expandability. It's a horribly overengineered solution, I know, but it seems to be the only way to get genuine/full LVM on top of encryption.***
Or a Colinux parallelisation?
Or could I do something in the fstab in the initramfs?
Any help/pointers would be gratefully received.
Thanks in advance.
__________________
* Arch because it's more up-to-date than Slackware, less hassle than Gentoo** and I'm not /quite/ ready for LFS yet.
** I'm not convinced by Gentoo anyway: I may just be too ignorant to appreciate the subtleties but setting a few flags (that I'll probably almost never change afterwards) and typing 'emerge <file>' is not DIY linux any more than is 'makepkg -s <something from the ABS/AUR>' - at least not to my mind.
*** The LVM schema is hidden by the encryption thanks to being inside the image, but isn't directly encrpted itself, so it can use a dm-crypt on LVM approach afterwards, making it fully expandable.
Last edited by uid_65536 (2016-02-24 01:07:22)
No signature currently stored in profile.
Offline