DiamantTh/installimage
1
0
Fork 0
Code Issues 16 Pull requests 2 Projects Releases Packages Wiki Activity Actions

Encrypts root despite config not specifying encryption #51

New issue
Open
opened 2022-06-20 19:49:46 +02:00 by jakubgs · 0 comments
jakubgs commented 2022-06-20 19:49:46 +02:00 (Migrated from github.com)
Copy link

I tried installing Ubuntu by encryptin a dedicated /data volume like so:

DRIVE1 /dev/nvme0n1
DRIVE2 /dev/nvme1n1
SWRAID 1
SWRAIDLEVEL 1
HOSTNAME Ubuntu-2004-focal-64-minimal
CRYPTPASSWORD <SECRET_PASSWORD>
PART swap swap 32G
PART /boot ext3 1024M
PART / ext4 50G
PART /data ext4 all crypt
IMAGE /root/.oldroot/nfs/install/../images/Ubuntu-2004-focal-64-minimal.tar.gz
Ubuntu-2004-focal-64-minimal-hwe.tar.gz

But when I mount the volume it looks like the installimage script encrypted both / and /data:

root@rescue ~ # mount /dev/dm-0 /mnt
root@rescue ~ # cat /mnt/etc/fstab 
proc /proc proc defaults 0 0
# /dev/md/0
UUID=388b8803-559a-4997-b980-5d95b8f9a0a6 none swap sw 0 0
# /dev/md/1
UUID=5f925bfa-1822-4a95-988f-52c0596d3a58 /boot ext3 defaults 0 0
/dev/mapper/luks-eb7cde07-90e6-4487-bca2-c6002e0cb9fc / ext4 defaults 0 0 # crypted
/dev/mapper/luks-b4f37da6-54bf-4a03-bb45-8a292af702b0 /data ext4 defaults 0 0 # crypted

Which is obviously wrong.

I tried installing Ubuntu by encryptin a dedicated `/data` volume like so: ``` DRIVE1 /dev/nvme0n1 DRIVE2 /dev/nvme1n1 SWRAID 1 SWRAIDLEVEL 1 HOSTNAME Ubuntu-2004-focal-64-minimal CRYPTPASSWORD <SECRET_PASSWORD> PART swap swap 32G PART /boot ext3 1024M PART / ext4 50G PART /data ext4 all crypt IMAGE /root/.oldroot/nfs/install/../images/Ubuntu-2004-focal-64-minimal.tar.gz Ubuntu-2004-focal-64-minimal-hwe.tar.gz ``` But when I mount the volume it looks like the `installimage` script encrypted both `/` and `/data`: ``` root@rescue ~ # mount /dev/dm-0 /mnt root@rescue ~ # cat /mnt/etc/fstab proc /proc proc defaults 0 0 # /dev/md/0 UUID=388b8803-559a-4997-b980-5d95b8f9a0a6 none swap sw 0 0 # /dev/md/1 UUID=5f925bfa-1822-4a95-988f-52c0596d3a58 /boot ext3 defaults 0 0 /dev/mapper/luks-eb7cde07-90e6-4487-bca2-c6002e0cb9fc / ext4 defaults 0 0 # crypted /dev/mapper/luks-b4f37da6-54bf-4a03-bb45-8a292af702b0 /data ext4 defaults 0 0 # crypted ``` Which is obviously wrong.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
duplicate

   
enhancement

   
help wanted

   
invalid

   
not a bug

   
question

   
wontfix
No labels
bug
duplicate
enhancement
help wanted
invalid
not a bug
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
DiamantTh/installimage#51
No description provided.