extending LVM inside an LUKS partition

DasRohr · 2018-06-21 23:05:57

Hi folks!

I just began my first steps with Arch in a VM and everyhting is fine so far. The Wiki and Forums covered all things that have come up till now.

But I came across a situation that I had multiple times in the past, but never thought about it. Is more a general thing rather than specific to Arch. But I found some resources about similar things here. So i think it is ok to drop that here.

My root partition ran out of space. But as I set it up as an LVM - no problem of expanding it. Added new disk (/dev/sdb) to the VM, pvcreate, vgextend, etc etc ...
That was fine and it is working - BUT:

The Partition /dev/sda2 where the LVM lives in is an LUKS encrypted device, which is not a problem, just the point of my question. Because what I can not get sorted by myself is: Is the data on the new /dev/sdb1 stored crypted or not!?

this is my disk-layout:

NAME           MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda              8:0    0    8G  0 disk  
|-sda1           8:1    0    1G  0 part  /boot
`-sda2           8:2    0    7G  0 part  
  `-vg0        254:0    0    7G  0 crypt 
    |-vg0-swap 254:1    0  512M  0 lvm   [SWAP]
    |-vg0-root 254:2    0    7G  0 lvm   /
    `-vg0-home 254:3    0  4.5G  0 lvm   /home
sdb              8:16   0    5G  0 disk  
`-sdb1           8:17   0    5G  0 part  
  `-vg0-root   254:2    0    7G  0 lvm   /

and the luks-partition:

[root@arch ~]# cryptsetup status /dev/mapper/vg0
/dev/mapper/vg0 is active and is in use.
  type:    LUKS1
  cipher:  aes-xts-plain64
  keysize: 256 bits
  key location: dm-crypt
  device:  /dev/sda2
  sector size:  512
  offset:  4096 sectors
  size:    14673887 sectors
  mode:    read/write

lvm pvdisplay:

[root@arch ~]# pvdisplay 
  --- Physical volume ---
  PV Name               /dev/mapper/vg0
  VG Name               vg0
  PV Size               <7.00 GiB / not usable 4.98 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              1790
  Free PE               0
  Allocated PE          1790
  PV UUID               bAhrrZ-42cW-b6td-1kgP-LtZQ-y6Z1-utjivB
   
  --- Physical volume ---
  PV Name               /dev/sdb1
  VG Name               vg0
  PV Size               <5.00 GiB / not usable 3.00 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              1279
  Free PE               0
  Allocated PE          1279
  PV UUID               tIj7ca-Pcc2-M1TV-KsaU-ItoM-Gfhq-p2U5fb

and the encryt stuff for the efi boot:

[root@arch ~]# cat /boot/loader/entries/arch.conf 
[...>8...]
options cryptdevice=UUID=1c76ecc8-7697-4bad-8267-e0b3b8c5f6ba:vg0 root=/dev/vg0/root quiet rw

I am pretty sure I am missing something essential here.

jasonwryan · 2018-06-21 23:08:32

Not if you didn't encrypt it before adding it to the volume.

Moving to Kernel andHarware...

DasRohr · 2018-06-21 23:27:44

Thanks for you quick response! and for moving me to the right place .. sorry about that.

So ok, that makes sense of course.

but this would imply that if I crypt /dev/sdb1 as well, I have to enter a password for every crypted partition right? (so 2 in this case)
and do something like

options cryptdevice=UUID=1c76ecc8-7697-4bad-8267-e0b3b8c5f6ba:vg0 
crytdevice=UUID=[dev/sdb1-uuid]:crypt_sdb1 root=/dev/vg0/root quiet rw

and add /dev/mapper/crypt_sdb1 to my LVM?

jasonwryan · 2018-06-21 23:37:02

Hmm, that's an interesting question. With / split across the devices, will you be able unlock the second with a keyfile? May as well give it a shot...

Arch Linux

#1 2018-06-21 23:05:57

extending LVM inside an LUKS partition

#2 2018-06-21 23:08:32

Re: extending LVM inside an LUKS partition

#3 2018-06-21 23:27:44

Re: extending LVM inside an LUKS partition

#4 2018-06-21 23:37:02

Re: extending LVM inside an LUKS partition

Board footer