From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gmazyland@gmail.com>
Received: from mail-ee0-x235.google.com (mail-ee0-x235.google.com
 [IPv6:2a00:1450:4013:c00::235])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Mon, 28 Apr 2014 06:15:04 +0200 (CEST)
Received: by mail-ee0-f53.google.com with SMTP id b57so4391039eek.40
 for <dm-crypt@saout.de>; Sun, 27 Apr 2014 21:15:03 -0700 (PDT)
Message-ID: <535DD5C5.1080902@gmail.com>
Date: Mon, 28 Apr 2014 06:15:01 +0200
From: Milan Broz <gmazyland@gmail.com>
MIME-Version: 1.0
References: <CAJ0AGf_S7iA-0_9qwcxS8KLKVYv_48Ptz+Hs-Fjm=-eUCKt+uw@mail.gmail.com>
 <20140427203216.GA29997@tansi.org>
 <CAJ0AGf8KWmLt8FN1hVFALSSvHyL7E40qMebdoS1P5N2As_5zvg@mail.gmail.com>
In-Reply-To: <CAJ0AGf8KWmLt8FN1hVFALSSvHyL7E40qMebdoS1P5N2As_5zvg@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Subject: Re: [dm-crypt] Encrypted LVs /root, /home, and swap mount at boot,
 as does 'shared' data LV but without write access?
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: =?UTF-8?B?RMOhaXJlIEZhZ2Fu?= <dairefagan@gmail.com>, dm-crypt@saout.de

On 04/27/2014 11:20 PM, Dáire Fagan wrote:
> Hi
> 
> I have asked for support on the Ubuntu forums, and many non distro
> linux forums, I thought someone here might be able to help me as I am
> trying to mount a logical volume with write access that is part of a
> crypsetup encrypted physical volume - I figured people on this mailing
> list would have experience of this.

According to list of your devices, it is activated as read/write.
(Check it from the bottom to up - use lsblk to display volume stack
and then "dmsetup info", "cryptsetup status <dev>", lvs/lvdisplay, mount
should verify that all layers are activated properly.)

Anyway, it is distro specific how to properly update initramfs
to activate volume on boot...
(On Debian this works quite nice so I see no reason Ubuntu should differ here,
but really, this is not Ubuntu support forum.)

Check /etc/fstab and /etc/crypttab (crypt device must be there).
Also check access rights to device nodes and directory where are you mounting fs.

BTW you can probably change activated name in /etc/crypttab.

> Is the encryption method I used best practice?
...
>>> When I do this over I will run cryptsetup benchmark first to see which
>>> iteration and algorithm works best for my system.

Be sure you understand consequences of switching parameters
(it is not only about speed).
It is better to stick with defaults if you are not sure.

Milan