On Thu, Mar 01, 2007 at 11:21:08PM +0100, David Härdeman wrote: > >I am trying to create a customized installation disk with the ability > >to create encrypted root filesystem. In my test installations, I noticed > >that the filesystem type is not set properly when I choose to reformat > >filesystems in debian installer. > > > >This is what I am doing: > > > >1. While doing a test install, I use "cryptsetup luksFormat /dev/hdaX" > > to create an encrypted filesystem. > > So you did not use the crypto support in partman to set up the encrypted > filesystem but did it manually in VT2?
partman (from ubuntu edgy eft) don't offer me to create crypto support. I install to an unencrypted partition and run cryptsetup from a script installed by preseed/late_command. My procedure is basically like the one described in https://help.ubuntu.com/community/EncryptedFilesystemHowto with the most notable exception that I'm trying to get it all preceeded in a custom CD. So, to answer your question: "cryptsetup luksFormat /dev/blah" is run on the second[1] reboot from a script in /etc/rcS.d which is istalled by preseed/late_command. The script deletes itself after running. [1]: On the first reboot an other script is run which updates to a current kernel which is needed to support crypto. This script also installs some necessary tools. So, as an overview, this custom-CD installs in three phases: 1. Basic install with d-i. At the end of this phase preseed/late_command installs /etc/rcS.d/S98postinstall and /etc/rcS.d/S99cryptsetup. after that, the system is rebooted. 2. At first reboot, S98postinstall updates/upgrades and apt-get all packages (e.g initramfs-tools) which are needed in the third phase. Then the system is rebooted again into a kernel with crypto capabilities. 3. At second reboot S99cryptsetup is run. This script runs cryptsetup and mkfs. Then it copies the system to the freshly created filesystems and configures the sytem to actually use the new filesystems (setting up crypttab/fstab/initramfs/etc/pp). > >2. In the next test install, I choose to reformat /dev/hdaX with ext3. > > Using the partitioner in the installer? Yes. > >3. When the system reboots after installation, I get the error message > > that the filesystem could not be mounted causing the boot process to > > abort, and my preseed/late_command (which runs cryptsetup and copies > > the system to encrypted partition) is not run. > > I don't get it...preseed/late_command is run just before the reboot (and > before file systems are unmounted), what does it have to do with > post-reboot? > > Could you please provide the exact error messages that you get? Ough, I messed up this paragraph! Sorry! This is how it should have been spelled: 3. When the system (first) reboots after installation, I get the error message that the filesystem could not be mounted causing the boot process to abort, and my /etc/rcS.d/S98postinstall (which is installed by preseed/late_command) is not run. (I described above what this script should do) > >4. When I try to mount the filesystem manually, I get the error message > > that filesystem type cyrpto_LUKS in not known. > > Manually mount, as in doing "mount /dev/something /mnt" from the > initramfs shell? Yes. > The "crypto_LUKS" text is (as far as I know) an > identification string provided by vol_id (i.e. libvolumeid) from udev, > it is used in the initramfs image but not by the regular mount > binary...so could you please provide more details on how and under which > circumstances you tried to mount the filesystem? The error occures on the first reboot (before any of my scripts mentioned above come into the game). fsck.ext3: Unable to resolve 'UUID=xxxxxxxxx' fsck died with exit status 8 Then I get dropped into the initramfs shell: # mount /dev/hda7 /mnt mount: unknown filesystem type 'crypto_LUKS' # mount -t ext3 /dev/hda7 /mnt # -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
