[dm-crypt] help mounting partitions in an encrypted disk after first reboot

Arno Wagner arno at wagner.name
Sun Jun 18 17:51:32 CEST 2017

On Sun, Jun 18, 2017 at 17:25:41 CEST, Carl-Daniel Hailfinger wrote:
> On 18.06.2017 09:25, Michael Kjörling wrote:
> That (LVM inside a LUKS container) is the standard scheme proposed by
> Ubuntu for an encrypted installation. It works out of the box (needs
> just a single click in the Ubuntu installer), is well-tested and
> supports resizing the encrypted logical volumes at a later date.

But keep in mind that it makes things a lot more complicated,
hence violating KISS. It is easier for doing fully automated 
stuff, like a distro-installer would do, but as soon as you 
do things manually, LVM is more of a problem than a solution.

We have had many people here on the list that killed their
LUKS containers by overwriting the headers with LVM or
as a result of LVM misconfiguration and we had others that
managed to change the LVM setup and then were unable to
find their LUKS containers afterwards.
My advice would be to stay away from LVM. In this scenario
it does not do more than a "partprobe" would do and it has
no advantages. It is a case of something that looks simple,
but is not, and that is the worst kind. If the ritual fails
(and complex things that look simple are usually done by
ritual, not by understanding), you are screwed.

Of course, in the Windows-world, that approach is standard
and it has been creeping into Linux for a while now (see,
e.g. systemd, LVM, udev, etc.). This is probably due to people
comming into the Linux community that never understood what
the problem with the Windows-approach is.

Sorry for the rant, I just ran into a problem with udev 
(again) an hour ago that makes me want to rip this whole
crappy "automess" stuff out. 


