Dear friends,
I wanted to provide an update with my experience on this (last week).
Recall that I had a few machines with separate /home partitions which needed to
be encrypted without erasing them and writing them from backup. I was not that
concerned about reinstalling because it takes me a f
On Wed, 2015-12-02 at 14:42 -0800, Gordon Messmer wrote:
> I'm not calling you names. I said that you made a dishonest
> argument, but attacking an argument is not the same as attacking the
> person making that argument.
Sophistry. An honest person can make a mistaken argument but not a
dishonest
On 12/02/2015 01:50 PM, Patrick O'Callaghan wrote:
I made a suggestion based on my own perception. Do you do something
different?
No, I don't. That's why I'm not supporting my argument with claims
about what the "average" user knows or wants.
If you have data on the Fedora user community t
On 12/02/2015 08:31 AM, Patrick O'Callaghan wrote:
On Tue, 2015-12-01 at 19:07 -0600, Chris Adams wrote:
Once upon a time, Patrick O'Callaghan said:
On Tue, 2015-12-01 at 15:31 -0600, Chris Adams wrote:
With LVM, I still get /dev/vg_foo/lv_bar, and
don't care what raw device the underlying pa
On Wed, 2015-12-02 at 12:00 -0800, Gordon Messmer wrote:
> On 12/02/2015 11:42 AM, Joe Zeff wrote:
> > Read what Patrick wrote as referring to the average *professional*
> > Linux admin and remember that there are many of us out here who
> > only
> > use Fedora on our home machines.
>
> I did.
On Wed, 2015-12-02 at 12:14 -0800, Joe Zeff wrote:
> On 12/02/2015 12:00 PM, Gordon Messmer wrote:
> > On 12/02/2015 11:42 AM, Joe Zeff wrote:
> > > Read what Patrick wrote as referring to the average
> > > *professional*
> > > Linux admin and remember that there are many of us out here who
> > > o
atrick O'Callaghan
To: users@lists.fedoraproject.org
Sent: Wednesday, December 2, 2015 11:31 AM
Subject: Re: encrypting /home partition post-install
On Tue, 2015-12-01 at 19:07 -0600, Chris Adams wrote:
> Once upon a time, Patrick O'Callaghan said:
> > On Tue, 2015-12-01 at 15:31 -060
On 12/02/2015 12:00 PM, Gordon Messmer wrote:
On 12/02/2015 11:42 AM, Joe Zeff wrote:
Read what Patrick wrote as referring to the average *professional*
Linux admin and remember that there are many of us out here who only
use Fedora on our home machines.
I did. He made a claim about what "ave
On 12/02/2015 11:42 AM, Joe Zeff wrote:
Read what Patrick wrote as referring to the average *professional*
Linux admin and remember that there are many of us out here who only
use Fedora on our home machines.
I did. He made a claim about what "average" admins know, without any
evidence to b
On 12/02/2015 11:41 AM, Gordon Messmer wrote:
I would think that's an unusual operation. The simplest answer would
be: access your volumes from live media rather than moving your storage
to another similar system. Also, as Chris mentioned, Anaconda will
attempt to generate unique (or at least,
On 12/02/2015 11:32 AM, Gordon Messmer wrote:
On 12/01/2015 04:26 PM, Patrick O'Callaghan wrote:
I guess my point is that the average Linux admin is going to have a
working knowledge of disk partitioning, whereas LVM is an*additional*
layer of expertise that may pay dividends in certain use case
On 12/02/2015 04:35 AM, Tim wrote:
Actually, that'd be related to one of my issues with LVM, it gives every
install the same default volume names, so plugging a broken PCs drive
into a working PC, to work on it, requires quite a bit of mucking around
to mount the second drive with the same volume
On 12/01/2015 04:26 PM, Patrick O'Callaghan wrote:
I guess my point is that the average Linux admin is going to have a
working knowledge of disk partitioning, whereas LVM is an*additional*
layer of expertise that may pay dividends in certain use cases, but for
most people is just irrelevant.
Yo
On Tue, 2015-12-01 at 19:07 -0600, Chris Adams wrote:
> Once upon a time, Patrick O'Callaghan said:
> > On Tue, 2015-12-01 at 15:31 -0600, Chris Adams wrote:
> > > With LVM, I still get /dev/vg_foo/lv_bar, and
> > > don't care what raw device the underlying partition is, how it is
> > > connected,
Once upon a time, Tim said:
> Actually, that'd be related to one of my issues with LVM, it gives every
> install the same default volume names, so plugging a broken PCs drive
> into a working PC, to work on it, requires quite a bit of mucking around
> to mount the second drive with the same volume
Allegedly, on or about 01 December 2015, Joe Zeff sent:
> This is why you mount them either by UUID or Label.
Actually, that'd be related to one of my issues with LVM, it gives every
install the same default volume names, so plugging a broken PCs drive
into a working PC, to work on it, requires qu
On 12/01/2015 05:02 PM, Chris Adams wrote:
In the context of moving drives from computer to computer, I doubt
you're going to type a UUID in by hand. Label works if you remember to
set one.
You get the UUID before moving the drive, and put it in a text file on a
flash drive. Then, when you e
Once upon a time, Patrick O'Callaghan said:
> On Tue, 2015-12-01 at 15:31 -0600, Chris Adams wrote:
> > With LVM, I still get /dev/vg_foo/lv_bar, and
> > don't care what raw device the underlying partition is, how it is
> > connected, etc. (very useful for example when taking an internal
> > drive
Once upon a time, Joe Zeff said:
> On 12/01/2015 01:31 PM, Chris Adams wrote:
> >I find quite the opposite: without LVM, I have to know that the drive I
> >just moved from computer to computer changed from sdb to sdc, and edit
> >fstab and such manually.
>
> This is why you mount them either by U
On Tue, 2015-12-01 at 15:31 -0600, Chris Adams wrote:
> Once upon a time, Patrick O'Callaghan said:
> > Because I know what physical disks I have in my machine and I want
> > to
> > relate that to what I see in the output of df. I might even want to
> > move a device to another machine and be able
On 12/01/2015 01:31 PM, Chris Adams wrote:
I find quite the opposite: without LVM, I have to know that the drive I
just moved from computer to computer changed from sdb to sdc, and edit
fstab and such manually.
This is why you mount them either by UUID or Label.
--
users mailing list
users@list
Once upon a time, Patrick O'Callaghan said:
> Because I know what physical disks I have in my machine and I want to
> relate that to what I see in the output of df. I might even want to
> move a device to another machine and be able to mount the right
> partitions in the right places. With "normal
On Tue, 2015-12-01 at 09:29 -0800, Gordon Messmer wrote:
> > Not so. If you have LVM you have to*know* you have LVM, otherwise
> your
> > disk partition names won't make any sense. Just doing a "df"
> requires you to know this and understand what it means.
>
> Why is understanding the device name
On 12/01/2015 06:35 PM, Gordon Messmer wrote:
> On 12/01/2015 06:43 AM, Roberto Ragusa wrote:
>>> ... should note that you'll have to shrink at least one of your volumes,
>>> though. The encrypted PV that you create will be slightly smaller than it
>>> was, before encryption. As a result, there
On 12/01/2015 06:29 PM, Gordon Messmer wrote:
> On 12/01/2015 03:37 AM, Patrick O'Callaghan wrote:
>> Not so. If you have LVM you have to*know* you have LVM, otherwise your
>> disk partition names won't make any sense. Just doing a "df" requires
>> you to know this and understand what it means.
>
On 11/30/2015 11:11 PM, Joe Zeff wrote:
It's one more layer of abstraction to confuse newer users when things
go wrong.
In the context of a conversation where LVM provides a means of
addressing the OP's requirement (encrypting a system after-the-fact),
and where I've outlined numerous concre
On 12/01/2015 02:57 AM, Tim wrote:
Do we have file system recovery tools for it, yet? (Assuming that a
problem might occur with LVM, itself, rather than an EXT3 filesystem
within it.)
pvck and vgck. I believe the answer is "yes". vgck is present in tag
v1_00_03, so it's at least 12 years ol
On 12/01/2015 06:43 AM, Roberto Ragusa wrote:
... should note that you'll have to shrink at least one of your volumes,
though. The encrypted PV that you create will be slightly smaller than it was,
before encryption. As a result, there won't be enough extents to move all of
the volumes off a
On 12/01/2015 03:37 AM, Patrick O'Callaghan wrote:
Not so. If you have LVM you have to*know* you have LVM, otherwise your
disk partition names won't make any sense. Just doing a "df" requires
you to know this and understand what it means.
Why is understanding the device names, as opposed to un
On 12/01/2015 04:27 PM, Ranjan Maitra wrote:
> On Tue, 1 Dec 2015 16:12:07 +0100 Roberto Ragusa
> wrote:
> No problem. Thank you. this is very helpful. Btw, isn't the recommended way
> to edit grub by changing /etc/defaults/grub and then running grub-mkconfig or
> is that for something else?
>
On Tue, 1 Dec 2015 16:12:07 +0100 Roberto Ragusa wrote:
> On 11/30/2015 11:24 PM, Ranjan Maitra wrote:
> > On Mon, 30 Nov 2015 21:59:35 +0100 Roberto Ragusa
> > wrote:
> >
> >> All of this can be done while the system is running
> >> normally.
> >> Before rebooting, fix your /etc/crypttab and
On 11/30/2015 11:24 PM, Ranjan Maitra wrote:
> On Mon, 30 Nov 2015 21:59:35 +0100 Roberto Ragusa
> wrote:
>
>> All of this can be done while the system is running
>> normally.
>> Before rebooting, fix your /etc/crypttab and initramfs
>> so you will be asked the passphrase at next boot.
>
> Can
On 11/30/2015 10:07 PM, Gordon Messmer wrote:
> On 11/30/2015 01:06 PM, Gordon Messmer wrote:
>> You can add a PV to encrypt the system without rebooting.
>
> ... should note that you'll have to shrink at least one of your volumes,
> though. The encrypted PV that you create will be slightly smal
On Mon, 2015-11-30 at 19:01 -0800, Gordon Messmer wrote:
> Systems with simple, relatively static storage will, by the same
> token, not require users to interact with LVM.
> So where is the case for not using it, exactly?
Not so. If you have LVM you have to *know* you have LVM, otherwise your
di
Allegedly, on or about 30 November 2015, Gordon Messmer sent:
> Systems with simple, relatively static storage will, by the same
> token, not require users to interact with LVM. So where is the case
> for not using it, exactly?
Do we have file system recovery tools for it, yet? (Assuming that a
On 11/30/2015 07:01 PM, Gordon Messmer wrote:
So where is the case for not using it, exactly?
It's one more layer of abstraction to confuse newer users when things go
wrong.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedo
On 11/30/2015 05:05 PM, Sam Varshavchik wrote:
Such as during the grub -> grub2 transition, when a larger spare chunk
of space was needed, after the MBR, to accomodate the larger bootloader.
Yes, but only for systems that had /boot on md RAID1. In the context of
a discussion about "95% of use
Heinz Diehl writes:
Automatically introducing complexity into 95% of the users systems just
because it could
be useful some day is, quite frankly, embarassing. It makes sense the
other way 'round: complexity adds to the diffculties when
having to handle data operations (backup, encryption, tra
Ranjan Maitra writes:
On Mon, 30 Nov 2015 08:38:50 -0500 Sam Varshavchik
wrote:
> In this case, this is not possible. /boot cannot be encrypted. If you have
> one / partition, and /boot lives on it, it cannot be encrypted.
Thanks! But I was talking about encrypting the /home partition which
On 11/30/2015 03:07 PM, Gordon Messmer wrote:
On 11/30/2015 01:06 PM, Gordon Messmer wrote:
You can add a PV to encrypt the system without rebooting.
... should note that you'll have to shrink at least one of your volumes,
though. The encrypted PV that you create will be slightly smaller than
On Mon, 30 Nov 2015 21:59:35 +0100 Roberto Ragusa wrote:
> On 11/30/2015 08:44 PM, Gordon Messmer wrote:
> > On 11/30/2015 03:44 AM, Roberto Ragusa wrote:
> >> This thread is about someone wanting to encrypt an existing
> >> system: LVM makes it possible to do this, without a reboot,
> >> without
On 11/30/2015 01:06 PM, Gordon Messmer wrote:
You can add a PV to encrypt the system without rebooting.
... should note that you'll have to shrink at least one of your volumes,
though. The encrypted PV that you create will be slightly smaller than
it was, before encryption. As a result, the
On 11/30/2015 12:59 PM, Roberto Ragusa wrote:
On 11/30/2015 08:44 PM, Gordon Messmer wrote:
As far as I'm aware, no it doesn't.
You can encrypt the system without even rebooting.
Connect an external temporary USB disk (dev/sdb).
Create a PV there (big enough for all your partitions).
...
Yes
On 11/30/2015 08:44 PM, Gordon Messmer wrote:
> On 11/30/2015 03:44 AM, Roberto Ragusa wrote:
>> This thread is about someone wanting to encrypt an existing
>> system: LVM makes it possible to do this, without a reboot,
>> without unmounting.
>
> As far as I'm aware, no it doesn't.
It does.
Supp
On 11/30/2015 06:08 AM, Ranjan Maitra wrote:
But there is only one filesystem (/dev/sda) and one HDD on these two
> >laptops. Therefore, I am not sure how to do this other than through going in
> >through a LiveCD.
Thanks! But I was talking about encrypting the /home partition which is
separate
On 11/30/2015 03:44 AM, Roberto Ragusa wrote:
This thread is about someone wanting to encrypt an existing
system: LVM makes it possible to do this, without a reboot,
without unmounting.
As far as I'm aware, no it doesn't.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or cha
On 11/29/2015 01:19 PM, Sam Varshavchik wrote:
I really don't understand why Fedora is still foisting all the
overhead of LVM on everyone, by default.
I would imagine that the simple answer is "consistency."
The slightly longer answer, IMO:
Would you like to make snapshots for consistent bac
On Mon, 2015-11-30 at 13:00 +, Patrick O'Callaghan wrote:
> It does if a) there is no overhead (which is being claimed for LVM)
> and b) it doesn't burden the user, which LVM does even if you never do
> anything with it. The burden being a cognitive one: that you have to
> know it's there and u
On Mon, 2015-11-30 at 15:58 +0100, Heinz Diehl wrote:
> On 30.11.2015, Roberto Ragusa wrote:
>
> > Seat belts are also useless for >99.9% of car passengers. :-) The
> > little inconvenience is accepted because
> > they may turn useful one day.
>
> LVM can not possibly be life-threatening, in opp
On 30.11.2015, Roberto Ragusa wrote:
> Seat belts are also useless for >99.9% of car passengers. :-) The little
> inconvenience is accepted because
> they may turn useful one day.
LVM can not possibly be life-threatening, in opposite to a non-used
seatbelt, which is why your argument is bogus ;
On 11/30/2015 01:01 PM, Sam Varshavchik wrote:
> Roberto Ragusa writes:
>
>> On 11/29/2015 10:19 PM, Sam Varshavchik wrote:
>>
>>> I really don't understand why Fedora is still foisting all the overhead of
>>> LVM on everyone, by default. I would tend to think that for typical use
>>> cases, LV
On Mon, 30 Nov 2015 08:38:50 -0500 Sam Varshavchik
wrote:
> Ranjan Maitra writes:
>
> > On Sun, 29 Nov 2015 20:29:09 -0800 Gordon Messmer
> >
> > wrote:
> >
> > > On 11/29/2015 05:59 PM, Ranjan Maitra wrote:
> > > > Thanks! I was wondering about this some more. Can I not put this tool
> > >
Ranjan Maitra writes:
On Sun, 29 Nov 2015 20:29:09 -0800 Gordon Messmer
wrote:
> On 11/29/2015 05:59 PM, Ranjan Maitra wrote:
> > Thanks! I was wondering about this some more. Can I not put this tool
> > luksipc on a LiveCD and then compile and run it from there? Then the
> > actual disks wo
On Sun, 29 Nov 2015 20:29:09 -0800 Gordon Messmer
wrote:
> On 11/29/2015 05:59 PM, Ranjan Maitra wrote:
> > Thanks! I was wondering about this some more. Can I not put this tool
> > luksipc on a LiveCD and then compile and run it from there? Then the
> > actual disks would be "offline", isn't th
On Mon, 2015-11-30 at 06:59 -0500, Sam Varshavchik wrote:
> > It's an issue that raises its head sporadically and has done for
> > several years. I'm also in the No camp and take care to disable LVM
> on
> > any new install, but I can't see the situation changing unless or
> until
> > something fun
Roberto Ragusa writes:
On 11/29/2015 10:19 PM, Sam Varshavchik wrote:
> I really don't understand why Fedora is still foisting all the overhead of
LVM on everyone, by default. I would tend to think that for typical use
cases, LVM brings absolutely nothing value-added. I would expect that, w
Patrick O'Callaghan writes:
On Mon, 2015-11-30 at 08:36 +0100, Heinz Diehl wrote:
> On 29.11.2015, Sam Varshavchik wrote:
>
> > I really don't understand why Fedora is still foisting all the
> > overhead of
> > LVM on everyone, by default. I would tend to think that for typical
> > use
> > cases
On 11/29/2015 10:19 PM, Sam Varshavchik wrote:
> I really don't understand why Fedora is still foisting all the overhead of
> LVM on everyone, by default. I would tend to think that for typical use
> cases, LVM brings absolutely nothing value-added. I would expect that, with
> most use cases, p
On Mon, 2015-11-30 at 08:36 +0100, Heinz Diehl wrote:
> On 29.11.2015, Sam Varshavchik wrote:
>
> > I really don't understand why Fedora is still foisting all the
> > overhead of
> > LVM on everyone, by default. I would tend to think that for typical
> > use
> > cases, LVM brings absolutely nothi
On 29.11.2015, Sam Varshavchik wrote:
> I really don't understand why Fedora is still foisting all the overhead of
> LVM on everyone, by default. I would tend to think that for typical use
> cases, LVM brings absolutely nothing value-added.
I'd like to second that!
Mentioned the same issue here
On 11/29/2015 05:59 PM, Ranjan Maitra wrote:
Thanks! I was wondering about this some more. Can I not put this tool
luksipc on a LiveCD and then compile and run it from there? Then the
actual disks would be "offline", isn't that correct?
Yes, but you don't really need to do that. You just need
On Sun, 29 Nov 2015 17:08:25 -0800 Gordon Messmer
wrote:
> On 11/29/2015 04:22 PM, Ranjan Maitra wrote:
> > I do have backups in place, but I don't really want to have to go
> > back to them (one of the partitions has 367 GB of data, the other has
> > 100 GB). At the least, it will be disruptive
On Sun, 29 Nov 2015 20:29:47 -0500 Sam Varshavchik
wrote:
> Ranjan Maitra writes:
>
> > Thanks! Btw, either way, is it possible to encrypt a non-LVM partition? As I
>
> Yes, and I mentioned the fact that I did just that, earlier in this thread.
>
Yes, you did. but I was not clear because the
Ranjan Maitra writes:
Thanks! Btw, either way, is it possible to encrypt a non-LVM partition? As I
Yes, and I mentioned the fact that I did just that, earlier in this thread.
pgpfdZl_6H1qb.pgp
Description: PGP signature
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or
On Sun, 29 Nov 2015 17:08:25 -0800 Gordon Messmer
wrote:
> On 11/29/2015 04:22 PM, Ranjan Maitra wrote:
> > I do have backups in place, but I don't really want to have to go
> > back to them (one of the partitions has 367 GB of data, the other has
> > 100 GB). At the least, it will be disruptive
On 11/29/2015 04:22 PM, Ranjan Maitra wrote:
I do have backups in place, but I don't really want to have to go
back to them (one of the partitions has 367 GB of data, the other has
100 GB). At the least, it will be disruptive.
Disruption is unavoidable. The tool I described earlier might be ab
On Sun, 29 Nov 2015 14:19:51 -0800 Joe Zeff wrote:
> On 11/29/2015 01:19 PM, Sam Varshavchik wrote:
> >
> > I really don't understand why Fedora is still foisting all the overhead
> > of LVM on everyone, by default. I would tend to think that for typical
> > use cases, LVM brings absolutely nothi
On 11/29/2015 01:19 PM, Sam Varshavchik wrote:
I really don't understand why Fedora is still foisting all the overhead
of LVM on everyone, by default. I would tend to think that for typical
use cases, LVM brings absolutely nothing value-added. I would expect
that, with most use cases, people ins
Please remember to make backups and more backups. Perhaps also a
second user account with a copy of your stuff in case this goes
really, really bad.
There's a caution at the top of the page that this page has been
marked 'old' so proceed with caution.
https://fedoraproject.org/wiki/Disk_Encryptio
Gordon Messmer writes:
On 11/29/2015 12:25 PM, Ranjan Maitra wrote:
Is it possible to encrypt a /home partition on F23 without losing the
data? If so, what is the recommended method?
Possible, yes. Supported? No.
http://www.johannes-bauer.com/linux/luksipc/
If you trust the author, you mi
On 11/29/2015 12:25 PM, Ranjan Maitra wrote:
Is it possible to encrypt a /home partition on F23 without losing the
data? If so, what is the recommended method?
Possible, yes. Supported? No.
http://www.johannes-bauer.com/linux/luksipc/
If you trust the author, you might be able to convert a
Hi,
Is it possible to encrypt a /home partition on F23 without losing the data? If
so, what is the recommended method?
Many thanks and best wishes,
Ranjan
--
Important Notice: This mailbox is ignored: e-mails are set to be deleted on
receipt. Please respond to the mailing list if appropriate
72 matches
Mail list logo
