GNU bug report logs -
#51514
[PATCH 0/2] Add support for LUKS2 root partition
Previous Next
Reported by: Josselin Poiret <dev <at> jpoiret.xyz>
Date: Sat, 30 Oct 2021 15:57:01 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Hi,
This patchset adds support for a LUKS2 root partition, leveraging its
Grub support since 2.06, and making sure that the Cryptsetup run-time
locking directory /var/cryptsetup/ exists before trying to unlock
devices (this is required for LUKS2): this used to fail in early
userspace because /var/ did not exist. I've also added some
documentation on the limited support: Grub only supports PKBDF2 and
not Argon2i which is the default key derivation function. The example
given in the Disk Partitioning section was updated as well to use
LUKS2.
My testing setup was: using a Guix VM, install onto a qcow2 disk which
is itself launched with QEMU. It felt a bit convoluted (especially
transferring the WIP guix to the VM, then building it), and I'll see if
I can simplify this workflow a bit, but everything worked fine with
those patches.
Best,
Josselin Poiret
Josselin Poiret (2):
gnu: system: Add LUKS2 support for the root file system.
doc: Document LUKS2 Grub support and shortcomings
doc/guix.texi | 19 ++++++++++++++-----
gnu/bootloader/grub.scm | 3 +--
gnu/system/mapped-devices.scm | 10 ++++++++--
3 files changed, 23 insertions(+), 9 deletions(-)
--
2.33.1
This bug report was last modified 3 years and 171 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.