subiquity

Enable LUKS encryption on RAID

Bug #1857925 reported by Johan Ehnberg on 2019-12-30

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	subiquity	New	Undecided	Unassigned

Bug Description

There is currently no alternative that replaces "physical volume for encryption" as was present in d-i.

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2020-01-21:

We currently only support encrypted LVM. So you can create a VG containing your raid and encrypt that. Is there some reason this doesn't work for you?

Revision history for this message

Johan Ehnberg (johan-ehnberg) wrote on 2020-01-22:

In our case, we simply do not need LVM, so using that would be an artificial workaround to get encryption with this installer.

It could also be argued from a UX perspective that it is not intuitive to look for encryption as a feature of LVM. Doing so perhaps unnecessarily also loses the flexibility of abstraction provided by d-i.

Revision history for this message

Johan Ehnberg (johan-ehnberg) wrote on 2020-05-03:

As a workaround, the autoinstaller supports skipping LVM by using curtin actions directly.

Two caveats though:
1) subiquity requires byte-sizes in the config when using raid, see #1876605
2) spare_devices is required by subiquity although not by curtin, so just add 'spare_devices: []'

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.