From Fedora Project Wiki

Revision as of 13:16, 11 August 2008 by Mganisin (talk | contribs) (New page: == Description == Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.

When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.

References:

  1. Anaconda/Features/EncryptedBlockDevices
  2. Releases/FeatureEncryptedFilesystems

Steps To Reproduce

  • start the installer
  • enter the disk druid paritioning screen
  • Create a new LV filesystem (such as device /dev/LogVol00) on a new or existing LVM PV group
  • select the "encrypt" checkbox for the partition using the new device
  • enter a passphrase for the partition
  • create one or more filesystems using the LV filesystem
  • select the "encrypt" checkbox for each filesystem that resides on the LV filesystem
  • continue the installation

Expected Results

in post-install system, verify:

  • a passphrase for the LV LV device is required to access it
  • an entry for the filesystem using the LVM LV device exists in /etc/crypttab
  • a passphrase for the each of the filesystems using the LVG is required to access it
  • an entry for the block devices and filesystems using the LVM LV devices exist in /etc/crypttab