On Sunday, 27 March 2022 22:04:45 BST Dale wrote: > Wol wrote: > > My three 3TB partitions are raided, and /dev/md/home is my PV. I've > > only allocated the space to LVs that they need, so I could probably > > shrink the PV and remove a drive without needing to mess about with my > > LVs at all. I get the impression you may have allocated all your > > space, not a good idea. > > I did allocate all the space because at the time, I wasn't considering > encrypting any of that data or dividing it up. Things have changed and > I want to move things around. This is one of the good things about ext4 > and LVM. They can shrink in size fairly easy. Of course, backups are > always a good idea. > > > My attitude is my data is backed up, expanding an LV/FS is low risk, > > I'll just grow stuff as I need to ... my /home partition contains > > proper home drives, things like videos may be in /home/videos, but > > they're actually a separate partition, etc etc. > > That's sort of what I'm going to do. I'm going to divide things into > sections with some encrypted and some not.
I wonder if all you want to do is to encrypt some directories on your /home, then a different level of encryption would be more appropriate? Instead of encrypting a whole block device, you could just encrypt a directory tree or two, using ext4 encryption. e4crypt has been kicking around for a few years now and it is meant to be an improvement on eCryptfs. https://lwn.net/Articles/639427/ https://wiki.gentoo.org/wiki/Ext4_encryption WARNING: I'm not qualified to speak about this topic because my experience is limited, but I'm interested all the same in reading your approach and other contributors advice.
signature.asc
Description: This is a digitally signed message part.
