From Fedora Project Wiki

(adding a comment)
(RHEL dropped BTRFS)
 
(3 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Q1: How would encryption of /home and / sub volumes be implemented?
+
Q1: How would encryption of /home and / subvolumes be implemented?
  
 
A1: For the F33 timeline, we plan to stick with Btrfs-on-LUKS, so there will be one big LUKS partition, on top of which there will a Btrfs with multiple subvolumes (root and home). In future, once Btrfs implements native encryption (this is work in progress upstream), we will propose to make a switch, but this is definitely not going to happen in F33.
 
A1: For the F33 timeline, we plan to stick with Btrfs-on-LUKS, so there will be one big LUKS partition, on top of which there will a Btrfs with multiple subvolumes (root and home). In future, once Btrfs implements native encryption (this is work in progress upstream), we will propose to make a switch, but this is definitely not going to happen in F33.
  
 
Comment1: Sounds great. Thanks for the information.Should this be documented in https://fedoraproject.org/wiki/Changes/BtrfsByDefault#Detailed_Description or is the 'on-LUKS' not default?
 
Comment1: Sounds great. Thanks for the information.Should this be documented in https://fedoraproject.org/wiki/Changes/BtrfsByDefault#Detailed_Description or is the 'on-LUKS' not default?
 +
 +
Comment2: Well, technically it does not change from today's configuration. Today, if you select encryption, it will create LUKS. If not, it will just use ext4-on-LVM-without-LUKS. But I see the point, will make the update.
 +
 +
==== Are subvolumes really mostly like directories? ====
 +
 +
In this section, there is a phrase "But subvolumes share most of the other trees".  What does that mean?  What are trees in this context?
 +
 +
==== does Red Hat's dropping of BTRFS suggest problems? ====
 +
 +
We don't know.  Here's a thread of containing potentially useful comments, none official:
 +
https://access.redhat.com/discussions/3138231

Latest revision as of 13:25, 2 July 2020

Q1: How would encryption of /home and / subvolumes be implemented?

A1: For the F33 timeline, we plan to stick with Btrfs-on-LUKS, so there will be one big LUKS partition, on top of which there will a Btrfs with multiple subvolumes (root and home). In future, once Btrfs implements native encryption (this is work in progress upstream), we will propose to make a switch, but this is definitely not going to happen in F33.

Comment1: Sounds great. Thanks for the information.Should this be documented in https://fedoraproject.org/wiki/Changes/BtrfsByDefault#Detailed_Description or is the 'on-LUKS' not default?

Comment2: Well, technically it does not change from today's configuration. Today, if you select encryption, it will create LUKS. If not, it will just use ext4-on-LVM-without-LUKS. But I see the point, will make the update.

Are subvolumes really mostly like directories?

In this section, there is a phrase "But subvolumes share most of the other trees". What does that mean? What are trees in this context?

does Red Hat's dropping of BTRFS suggest problems?

We don't know. Here's a thread of containing potentially useful comments, none official: https://access.redhat.com/discussions/3138231