Jimmy Wu wrote: > Since /var is a LVM2 logical volume, it won't get mounted until after > mountall.sh (I assume). Since cryptdisks comes before mountall.sh in the > dependency chain I (also assume that I) can't move it after mountall.sh > without creating some circular mess. > > I also checked for when swap is enabled (grep -Ri swapon /etc/init.d) > and the latest place where swapon gets run is in mountall.sh, so even if > I were able to move cryptdisks after mountall.sh somehow, the swap would > have to be enabled manually after the /dev/mapper file is set up.
It could be that there will need to be some splitting of functionality in order to get the bootstrapping all 100% correct. If you figure out a nice way to do this it would definitely be worth an enhancement bug request. The dependency based booting is new and I am sure it will take a little bit before all of the bugs get worked out. > My current kludge is to add the following line to /etc/rc.local: > services cryptdisks start && swapon -a. I almost suggested that you might have to add the swap yourself late in the boot process such as in rc.local but didn't. Now I wish that I had suggested it then. :-) > It makes my shutdown process (even more) unclean - I see some message > about being unable to stop the (sole) lvm volume group due to some > logical volumes still being in use but since the machine is shutting > down anyways, that is comparatively minor. Actually a freshly installed system will always have that message at shutdown time. That is just the way things are right now such as when root is on lvm. The scripts are not smart enough to know that and just try to shut everything down and see an error for the busy root and emit an error message about it. I don't think it is specific to your swap changes. Or at least I will say that if you were to test with a fresh install and put root on lvm that you would always see it at shutdown too. This is just an aside but have you considered just encrypting everything? Create one large partition, encrypt it, set it up with lvm, then partition out the lvm into whatever partitions, swap, whatever that you desire. That is a standard configuration for the debian-installer. I use it on laptops. It works great. But the advantage here would be that you wouldn't need a separate encrypted swap file. A normal swap file would be encrypted on the filesystem along with everything else on the filesystem. Bob
signature.asc
Description: Digital signature
