Subject: bug#72889: Support for root filesystem on btrfs raid1 on two LUKS devices
From: "amano.kenji"
To: bug-guix@gnu.org
Date: Fri, 30 Aug 2024 07:07:55 +0000
Message-ID: <-0PYKHO0ibVEYpJmDoSQAxcjyCsrp6q43lhdJeWrLK-axts_Oe8bd25m8I-URuDnpv6eBPBbmz5wb0WOqx3wonFOMYXzX9uqgpGgyc8jlYk=@proton.me>

Imagine that the root filesystem is btrfs raid1 on two LUKS devices. To mount it on the initial ram disk, guix has to first unlock two LUKS devices with one password.
Subject: bug#72889: A new insight
From: "amano.kenji"
To: 72889@debbugs.gnu.org
Date: Thu, 05 Sep 2024 01:56:25 +0000
In-Reply-To: <-0PYKHO0ibVEYpJmDoSQAxcjyCsrp6q43lhdJeWrLK-axts_Oe8bd25m8I-URuDnpv6eBPBbmz5wb0WOqx3wonFOMYXzX9uqgpGgyc8jlYk=@proton.me>

I guess this is going to require passphrase reuse for mapped devices.
Subject: bug#72889: I thought of a possible way to do this.
From: "amano.kenji"
To: 72889@debbugs.gnu.org
Date: Tue, 10 Sep 2024 13:14:38 +0000
In-Reply-To: <-0PYKHO0ibVEYpJmDoSQAxcjyCsrp6q43lhdJeWrLK-axts_Oe8bd25m8I-URuDnpv6eBPBbmz5wb0WOqx3wonFOMYXzX9uqgpGgyc8jlYk=@proton.me>

- /dev/sda
  /dev/sda1: A tiny LUKS partition that's filled with the content of a keyfile without any filesystem format.
  /dev/sda2: /boot for grub. It also serves as the FAT32 EFI partition.
- /dev/sdb
  /dev/sdb1: /gnu/store on btrfs raid1
  /dev/sdb2: / on btrfs raid1 on LUKS
- /dev/sdc
  /dev/sdc1: /gnu/store on btrfs raid1
  /dev/sdc2: / on btrfs raid1 on LUKS

Open /dev/sda1 as a LUKS device, /dev/mapper/key, with one password. It contains a keyfile without any filesystem format. Use /dev/mapper/key as a keyfile for all other LUKS devices in mapped devices.

This exposes /gnu/store, but /gnu/store is not supposed to have any sensitive data. This obviously makes it practically impossible to detect physical tampering of data, but if you store it at a secure location, you don't have to worry too much about an evil maid attack.

RAID1 for physically secure servers is enough to ensure some availability when a disk fails.

For laptops that you carry, you are not going to use btrfs raid1, and you can just have unencrypted /boot on fat32 and / on btrfs on luks. extra-initrd contains a keyfile for / so that I don't have to type the password twice.

A desktop computer doesn't require server-level availability, but people who have money can still put root on encrypted btrfs raid1.

Perhaps, can this be documented in the cookbook?
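The on-disk side of the layout proposed in the message above, as an added example that is not part of the bug report and not Guix's own code: a tiny LUKS partition is unlocked with the single passphrase, its plaintext is filled with random bytes, and that plaintext block device is then handed to cryptsetup as the key file for the two root members, which are finally joined into a btrfs raid1. Device names (/dev/sda1, /dev/sdb2, /dev/sdc2), the mapper names key, root1 and root2, and the 4 MiB dry-run size are assumptions. Whether the Guix initrd can open the mapped devices in this order is exactly what the report asks for; this script only prepares the disks. With DRY_RUN=1 the commands are printed instead of executed.

```shell
#!/bin/sh
# Added example, not from the bug report. Device names are assumptions.
# DRY_RUN=1 prints the cryptsetup/mkfs commands instead of running them.
set -eu

# cryptsetup reads a key file in full, but only up to a compiled-in maximum
# of 8192 KiB by default, so the plaintext of the key device must stay below
# that or the two sides would derive the key from different byte ranges.
MAX_KEYFILE_BYTES=$((8192 * 1024))

run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Return 0 when the size (bytes) is usable as a whole-device key file.
check_keyfile_size() {
    [ "$1" -gt 0 ] && [ "$1" -le "$MAX_KEYFILE_BYTES" ]
}

# Size of the opened key device's plaintext; assume 4 MiB in dry-run mode.
key_plaintext_bytes() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo $((4 * 1024 * 1024))
    else
        blockdev --getsize64 /dev/mapper/key
    fi
}

# Format the tiny key partition with the one passphrase, open it, and fill
# the whole plaintext with random bytes. The plaintext, not the partition,
# is the key file, so it needs no filesystem.
setup_key_device() {
    part=$1   # e.g. /dev/sda1
    run cryptsetup luksFormat --type luks2 "$part"   # prompts for the passphrase
    run cryptsetup open "$part" key
    n=$(key_plaintext_bytes)
    if ! check_keyfile_size "$n"; then
        echo "key device plaintext is $n bytes, must be 1..$MAX_KEYFILE_BYTES" >&2
        return 1
    fi
    run dd if=/dev/urandom of=/dev/mapper/key bs=512 count=$((n / 512))
}

# Format and open one root member with the opened key device as its key file.
setup_root_member() {
    part=$1; name=$2   # e.g. /dev/sdb2 root1
    run cryptsetup luksFormat --type luks2 --key-file /dev/mapper/key "$part"
    run cryptsetup open --key-file /dev/mapper/key "$part" "$name"
}

# raid1 for both data and metadata across the two unlocked members.
make_root_fs() {
    run mkfs.btrfs -L root -d raid1 -m raid1 /dev/mapper/root1 /dev/mapper/root2
}

main() {
    setup_key_device /dev/sda1
    setup_root_member /dev/sdb2 root1
    setup_root_member /dev/sdc2 root2
    make_root_fs
}

case "${1:-}" in
    --run) main ;;
    --dry-run) DRY_RUN=1 main ;;
esac
```

Because the root members are formatted with the key device alone, losing /dev/sda1 (or forgetting its passphrase) loses the root filesystem; `cryptsetup luksAddKey` on each member adds a recovery passphrase slot if that is a concern.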