[buildd-tools-devel] Bug#639105: Bug#639105: please consider adding support for lvm-snapshot on crypted LV
Marc Haber
mh+debian-bugs at zugschlus.de
Sat May 12 23:30:06 UTC 2012
Hi Roger,
sorry for not getting back to you any sooner.
On Wed, Aug 24, 2011 at 10:32:24AM +0100, Roger Leigh wrote:
> I'll be happy to add this to schroot. Currently the 05lvm setup
> script is simply doing an lvcreate when creating and lvremove
> when removing a session, respectively. Could you please provide
> an example of the commands you would need to run to do this for
> an encrypted PV/LV (I guess we should support both; is the PV
> method more transparent)?
Encrypted PV will work with current schroot setup, you can just take a
snapshot from the LV and directly use it.
Encrypted LV is a little bit harder.
I would suggest configuration like:
[sid_build64]
type=crypted-lvm-snapshot
device=/dev/salida/c_sid_build64
mapping-name=sid_build64
script-config=zg2-build/config
description=sid amd64 for building packages
users=mh
source-users=mh
personality=linux
lvm-snapshot-options=-L 4G
You could also auto-generate the mapping-name for the unlocked volume.
That way, things would just work without a new configuration key.
Optionally, you could implement this inside the normal lvm-snapshot
type by trying cryptsetup isLuks <device> which will indicate whether
the device is encrypted or not.
To enable this chroot, you would need:
lvcreate --snapshot <lvm-snapshot-options> --name <mapping-name> <device>
cryptdisks_start <mapping-name>
mount /dev/mapper/<mapping-name> <mountpoint>
This would need the crypttabl line for <device> to be repeated for
<mapping-name>, and the cryptdisks_start call will probably go
interactive, querying the user for the passphrase.
This is horribly untested.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
More information about the Buildd-tools-devel
mailing list