From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wg0-x229.google.com (mail-wg0-x229.google.com [IPv6:2a00:1450:400c:c00::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Sat, 5 Apr 2014 20:39:25 +0200 (CEST) Received: by mail-wg0-f41.google.com with SMTP id n12so4880630wgh.0 for ; Sat, 05 Apr 2014 11:39:23 -0700 (PDT) Message-ID: <53404DD9.2020101@gmail.com> Date: Sat, 05 Apr 2014 20:39:21 +0200 From: Milan Broz MIME-Version: 1.0 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] verity setup on active device. List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Shiva , dm-crypt@saout.de On 04/04/2014 11:34 PM, Shiva wrote: ... > 5.Used the root hash in this command. > veritysetup --debug create nfs /dev/sdb /dev/sdc "root hash" > > Everything works well. > My problem is I am not able to perform step5 for a mounted partition. > > I require a mounted partition since nfs-share will use this partition. > (For addition and deletion) > > Is there a command switch that needs to be performed in order to achieve this? I am afraid this is not possible. Dm-verity was designed to provide verification of (read-only) device (to provide verified boot path), all IOs must go through dm-verity. (So it must be in the stack from the beginning). You cannot just add it later or run it parallel with mounted partition. And how this can work if some data are already in page/fs cache? Milan