[Like many of my blog entries, this is written as much for me as for you - if it's useful to you, great. I rarely deal with LUKS at the command line, and I rarely use LVM at all. Dealing with both simultaneously was somewhat daunting (but may seem unremarkable to someone familiar with both).]
I recently tried to boot an older machine, only to find the Debian installation caught in some sort of boot loop and never getting to a graphical install. The Debian installation had already been having difficulties - notably the laptop display would go to static and die after a few minutes, forcing me to use an external display ... although I had initially assumed this was a hardware problem but the Fedora Live media proved otherwise. So I decided to install Fedora. But I didn't want to wipe the HD without at least looking at it. Which is where things started to get weird.
I use unimportant laptops (like ones with bad displays) to play around, and I had definitely done something strange on this one: using Fedora Live media, lsblk
showed it had one primary partition of 256M on /dev/sda and one logical partition occupying the entire rest of the 640G drive. No OS partition, no swap, no /home/ - very unusual for me. gparted
showed that the big partition was LUKS-encrypted, so that helped ... but I still didn't understand why it was one big block.
At this point I ran sudo bash
as most of the commands I figured I'd need required root privilege. Starting with:
# cryptsetup luksOpen /dev/sda5 local
Enter passphrase for /dev/sda5:
Happily, I remembered that passphrase. 'local' was an entirely arbitrary name, I could have used anything. But now lsblk
showed a sub-entry under /dev/sda5 called 'local' and it had several sub-entries under it, each having a name starting with 'elitebook--vg-...'. The machine is an HP Elite Book, and I finally realized I was dealing with a fully encrypted LVM volume group. From a security point of view this is a good idea, but I haven't done it much (I usually encrypt partitions but don't use LVM). Encrypting everything like this requires a small unencrypted '/boot/' partition, thus the 256M primary partition.
I also found that I now had several devices under '/dev/elitebook-vg/':
- debianHome
- home
- root
- swap_1
These corresponded to the sub-entries under 'local' in the lsblk
output, although they're prefaced there with 'elitebook--vg-...'.
These devices can now be handled like any partition:
# mkdir /mnt/debianHome
# mkdir /mnt/home
# mount /dev/elitebook-vg/debianHome /mnt/debianHome
# mount /dev/elitebook-vg/home /mnt/home
So I found out that 'debianHome' is actually a badly named root partition for a Debian installation, and 'home' is ... well, /home/.
gparted
apparently still can't handle LVM, so I used the LVM command line to examine and juggle the logical volumes - deleting an empty partition/volume and adding another to create space for another OS installation.
With the LUKS partition decrypted (as shown above) it took a bit of poking, but the Fedora Live media "Install to Hard Drive" option was fairly easily persuaded to install to a logical volume within the Volume Group rather than having to repartition the whole drive.
Bibliography
(More of my own blog entries:)