Hi!
With commit 5dae018, it’s possible to declared “mapped devices”. I use
it for my /home partition which is LUKS-encrypted:
--8<---------------cut here---------------start------------->8---
(operating-system
(host-name "pluto")
(timezone "Europe/Paris")
(locale "en_US.UTF-8")
(mapped-devices (list (mapped-device
(source "/dev/sda3")
(target "home")
(command luks-device-mapping))))
(file-systems (cons* (file-system
(device "root")
(title 'label)
(mount-point "/")
(type "ext3"))
(file-system
(device "/dev/mapper/home")
(mount-point "/home")
(type "ext3"))
%base-file-systems))
;;; ...
)
--8<---------------cut here---------------end--------------->8---
The effect is to run ‘cryptsetup open --type luks /dev/sda3 home’ before
/home is mounted, which prompts for a pass phrase.
I’ll add a section in the manual real soon.
(Conceptually “file systems” and “mapped devices” are about the same,
and the Hurd makes no difference, but I think we have to expose it
separately for the sake of Linux-based systems.)
Ludo’.
