From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v1.tansi.org (mail.tansi.org [84.19.178.47]) by mail.server123.net (Postfix) with ESMTP for ; Sun, 18 Jun 2017 17:51:32 +0200 (CEST) Received: from gatewagner.dyndns.org (77-56-144-126.dclient.hispeed.ch [77.56.144.126]) by v1.tansi.org (Postfix) with ESMTPA id D4988140152 for ; Sun, 18 Jun 2017 17:51:16 +0200 (CEST) Date: Sun, 18 Jun 2017 17:51:32 +0200 From: Arno Wagner Message-ID: <20170618155131.GA10207@tansi.org> References: <15cb9f6bc21.e7fcdcb9152844.6693124782086296883@metempsy.com> <20170618072528.GA20747@yeono.kjorling.se> <30e43ff9-211d-d486-bf98-8faf91dfdb69@gmx.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <30e43ff9-211d-d486-bf98-8faf91dfdb69@gmx.net> Subject: Re: [dm-crypt] help mounting partitions in an encrypted disk after first reboot List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Sun, Jun 18, 2017 at 17:25:41 CEST, Carl-Daniel Hailfinger wrote: > On 18.06.2017 09:25, Michael Kj=F6rling wrote: [...] > That (LVM inside a LUKS container) is the standard scheme proposed by > Ubuntu for an encrypted installation. It works out of the box (needs > just a single click in the Ubuntu installer), is well-tested and > supports resizing the encrypted logical volumes at a later date. But keep in mind that it makes things a lot more complicated, hence violating KISS. It is easier for doing fully automated=20 stuff, like a distro-installer would do, but as soon as you=20 do things manually, LVM is more of a problem than a solution. We have had many people here on the list that killed their LUKS containers by overwriting the headers with LVM or as a result of LVM misconfiguration and we had others that managed to change the LVM setup and then were unable to find their LUKS containers afterwards. =20 My advice would be to stay away from LVM. In this scenario it does not do more than a "partprobe" would do and it has no advantages. It is a case of something that looks simple, but is not, and that is the worst kind. If the ritual fails (and complex things that look simple are usually done by ritual, not by understanding), you are screwed. Of course, in the Windows-world, that approach is standard and it has been creeping into Linux for a while now (see, e.g. systemd, LVM, udev, etc.). This is probably due to people comming into the Linux community that never understood what the problem with the Windows-approach is. Sorry for the rant, I just ran into a problem with udev=20 (again) an hour ago that makes me want to rip this whole crappy "automess" stuff out.=20 Regards, Arno --=20 Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of=20 "news" is "something that hardly ever happens." -- Bruce Schneier