LVM and encrypted partitions

On Wednesday 28 November 2007 07:10, Andrew Henry wrote:
> I recently installed the latest Debian stable on a server and chose
> encrypted LVM using the guided partitioning option. I chose seperate
> partitions for /home, /var, /tmp, / and /usr.
>
> All works fine, but I have one query:
>
> the first partition was for /boot and is unencrypted. The second
> partition was ??? What was it? Was it LVM containing a bunch of
> dm-crypt partitions or was it one dm-crypt partition containing a bunch
> of LVM partitions?

The usual arrangement makes a single second partition, which is an
encrypted device which has been made a "physical volume" (in the LVM
sense) and has all of the logical volumes on it.

With the system booted, you can investigate this by doing
"lvdisplay" to show the logical volumes, which are probably all
on one physical volume, and "pvdisplay" to show the physical
volumes. The physical volume is likely on the device
"/dev/mapper/crypt" or something similar, which is a device-mapper
entry for the encrypted partition.

> If I assume that it is an encrypted partition containing a bunch of LVM
> partitions, does this mean I can still use LVM tools to resize my
> partitions? What tools are there for managing LVM within an encrypted
> partition?

The dm-crypt scheme makes the device encryption transparent, so
standard LVM tools will work just fine.

-- A.
--
Andrew Reid /

--