<div dir="ltr"><div><div><div><div><div>That seems overly complicated to me.<br><br></div>Just write random noise to all the drives then do a basic Fedora install with a manual partition. Be sure to check the box "Encrypt filesystem"<br>
<br></div>Now used sda1 for unencrypted boot. Use all the remaining space on the drives to make a physical volume with. Then join all 3 to make a single logical volume. That get encrypted. Split that volume into swap, /, and /home and your done.<br>
<br></div>Or create a 3-way mirror of /boot across all 3 drives (assuming all 3 drives are the same size this makes sense) then bond the three into a PV, then encrypted VG and finally swap, /, and /home partitions.<br><br>
</div>Check fedora bugzilla for anaconda bugs related to 3 drives. There may be a problem.<br><br></div>Anaconda on RHEL6 has an issue with ext4 in that it has a total filesize limit around 40TB. sucks when your making a 52TB filesystem :-(. fortunately, XFS does NOT have that limitation so the big partition is XFS.<br>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, May 13, 2013 at 11:01 PM, Scott Castaline <span dir="ltr"><<a href="mailto:skotchman@gmail.com" target="_blank">skotchman@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
So I recently lost a drive due to hits from my wife slamming the door<br>
to the garage. How does that happen? Let's just say that my computer<br>
is in the bonus room and was on a spot on the floor that turned out to<br>
be right above the door that for some reason my wife felt she had to<br>
slam in order for it to close. On windy days if the back windows are<br>
open and the garage door is open this door has slammed shut so hard<br>
that my monitor has jumped. Actually a total of 3 drives had to be<br>
replaced. When I go the new drive I decided to run badblocks on the<br>
rest of the drives to verify that they were okay.<br>
<br>
Now on to the on topic part. I like to encrypt the drives at the<br>
device level and all drives are encrypted. So after running badblocks<br>
on the new and old working drives I did the writing of random bits to<br>
the drives (dd if=/dev/urandom of=/dev/sd?) My boot drive was setup as<br>
the boot drive so using gdisk the first 2 partitions are clear (GUID<br>
2MB Part. and 498MB /boot). The balance of the drive is encrypted. On<br>
the LVM part I currently have 1 physical volume (PV) for each Volume<br>
Group (VG) and each VG has at least 2 Logical Volumes (LV).<br>
<br>
The steps I used to go from after doing the random pattern writen to<br>
device are as follows:<br>
<br>
1. cryptsetup luksFormat /dev/sd? (sda3 in the case of the boot drive<br>
otherwise it was with no partition specified.)<br>
<br>
2. cryptsetup luksOpen /dev/sd? VG_name (being somewhat uncreative I<br>
used the same for the LUKS volume as the VG name, I couldn't find<br>
anything that said that I couldn't or shouldn't).<br>
<br>
3. pvcreate /dev/mapper/LUKS-name (which as noted above is VG_0?<br>
<br>
4. vgcreate VG_0? /dev/mapper/VG_0?<br>
<br>
5. lvcreate -C y -L ?G /dev/mapper/VG_0? (I break up total swap and<br>
spread it over all drives so there is a swap LV on each VG)<br>
<br>
6. lvcreate -L ???G (or -l +100%FREE when I was using the rest of the<br>
VG for that LV) VG_0? -n (the LV name is essetially what it is being<br>
used for ie: /root = root)<br>
<br>
7. Formatting:<br>
mkswap /dev/mapper/VG_0?-swap0?<br>
mkfs.ext4 /dev/mapper/VG_0?-LVname -L same as LVname<br>
<br>
8. mounting:<br>
swapon /dev/mapper/VG_0?-swap0?<br>
mount /dev/mapper/VG_0?-LVname /path/of/mount<br>
<br>
9. Added the UUID (from blkid /dev/sd?) to crypttab mirroring the<br>
previous entries for entry format for each UUID.<br>
<br>
10.Added mounting info for each LV in the fstab using defaults for<br>
eack LV type (data or swap)<br>
<br>
The first drive I could not get past the disk partitioning part of<br>
anaconda on the Fedora 18 install, so I finally gave up and redid it<br>
with the installer. I then had 2 more drives ready so I did the above<br>
steps to those drives, but again I could not boot, so I reinstalled<br>
again. This time I only had to format the system LVs and not the data<br>
LVs like home etc. And all was happier than pigs eatin' $**t. Things<br>
remained happy until the last 2 drives were ready to be added.<br>
<br>
I went through the same procedure as before, but this time I noticed<br>
that it was actually hanging on the reboot after having added them<br>
back in and restored from my backup what belonged on each LV. It would<br>
hang after listing mounting all LVs except for one. I then rebooted<br>
into safe mode from the DVD and commented out the one LV that hadn't<br>
gotten mounted. All would boot fine and then I was able to manually<br>
mount the one LV. I have not tried to uncomment it out yet and reboot<br>
to see if it still hangs, but thinking back it seemed that it was<br>
hanging before in the same area on the last LV to be mounted.<br>
<br>
Previously I had noticed that it was listing that it was "Starting<br>
Monitoring of LVM2 mirroring, snapshots etc" (I didn't get the rest).<br>
I also didn't do anything to it the previous time when I had also<br>
rebooted into safe mode from DVD, so I'm not sure how it booted that<br>
time. I did notice that the last LV from the last VG did not get<br>
mounted. That VG had 3 LVs and in both cases the swap LV did get added<br>
to total swap and in the case of the first time the first LV on that<br>
VG did get mounted.<br>
<br>
So, does anyone have any ideas as to what I missed on this setup. Once<br>
I'm up and running and all mounted, everybody seems to be happy and<br>
having a party.<br>
<br>
So for the long dissertation, I hope I didn't put anyone to sleep. If<br>
I did maybe Jim K. might have some extra java (the drinkable type).<br>
<br>
Scott C.<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.13 (GNU/Linux)<br>
Comment: Using GnuPG with Thunderbird - <a href="http://www.enigmail.net/" target="_blank">http://www.enigmail.net/</a><br>
<br>
iQIcBAEBAgAGBQJRkajwAAoJEIefqZ0kni1d7n4P/j4S5FvrPqpAcLy606Jjtmpp<br>
Dc9awf6rOM/ZGuP7iMmPijv7sa/ZtHtZrBCcqzDCSp4zvpjevpDPuHRn/4GQBxyK<br>
Wx3qHBOu8PkyPqpabIS+3+2HGMVeI0Ee/9f8wsPMLI2sRuSh9GJSepw+vHQhXTad<br>
Q06PHrqZnBSCAB91J1WoNXX9irxUJ4qLIGzAmQDWf5vWo4BaWAJq9zkXmqBI+rzR<br>
yyqlxydrG8SO5mY7MMyGt4jVQqDPMp14cLx8nz2XjrxyYohxCGHwBf3OCuNh67GM<br>
yQI5Gn/E9x4DSWuM+0NydAdluv6Ua3RmkF0e+YtkhA9chEjNlI7gteEZNcDSaiTh<br>
swWxVugcTCFLNxYpv7upNkL/L1O3ZORHb/qVHDhoob8qy3K5TJyrRHFeYLrPaFlw<br>
2UKDjqUyvRf4ik4UMXnwPdj7I4PIOFszTtONcgB/aoY0TpfqNbDcb2enbsXHGC3D<br>
fSefVwP3H3iJFhsph5S7SstoNjDMMTie/n65sgzsv1tZO04XZU7pfntE31N2Xj0M<br>
Ux1k6RYH0oILwEctPb/ARNEK0mTS4AkT33Dn8E3cy/a7utSawEFGGt+TVERafDKn<br>
d3Lu32NXRRkdx+Z9qvosYPgyQpZqomxvpvGAWFs9tKqhWnSxNSVkGvmUDo2Qtqo/<br>
ZrO9r4o29hNgMYHkiFui<br>
=kPzo<br>
-----END PGP SIGNATURE-----<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III<br><i><i><i><i><br></i></i></i></i>Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.<br>
- Speech 11/23/1900 Mark Twain<br><i><i><i><i><br><a href="http://electjimkinney.org" target="_blank">http://electjimkinney.org</a><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br>
</i></i></i></i>
</div>