On 23/04/2015 7:51 PM, Craig Sanders wrote:
> On Thu, Apr 23, 2015 at 04:59:21AM +0000, Toby Corkindale wrote:
>> find -type f crypted -exec rewrite_file \{\} \;
>> where rewrite_file does something like
>> cp $FILE tmp_file
>> rm $FILE
>> mv tmp_file $FILE
>
> if you're going to do something like this then use 'cp -a' to preserve
> file ownership, group, permissions, and timestamps.
Yes, but rsync would be better.
I hate it when I see "cp" without at least "cp -p" ... ;-)
Having a 3 way RAID-1 disk set would be the way to go, take one disk out
of RAID and LUKS that disk, then add the LUKS volume back in as a RAID
component, let it sync; when done do the same for each other mirror disk
that you want to keep.
Oh and if you are going to LUKS encrypt the root file system, then
you'll need to consider other things. I use dropbear to enter pass
phrases at boot time via ssh with "cryptsetup luksOpen ...." for each
container and then LVM to provide all the required file systems
(including root).
A.
_______________________________________________
luv-main mailing list
[email protected]
http://lists.luv.asn.au/listinfo/luv-main
