-
Notifications
You must be signed in to change notification settings - Fork 0
11HARDWARE_HDD FS
nk-slack15.0-x86_64 edited this page Dec 28, 2024
·
11 revisions
# smartctl -x /dev/sdb
Device Model: Samsung SSD 860 EVO 2TB
User Capacity: 2,000,398,934,016 bytes [2.00 TB]
SATA Version is: SATA 3.1, 6.0 Gb/s (current: 3.0 Gb/s)
# lsblk -o name,maj:min,type,fstype,label /dev/sdb
NAME MAJ:MIN TYPE FSTYPE LABEL
sdb 8:16 disk crypto_LUKS
└─luks2_860EVO-2TB 252:0 crypt xfs
# dd bs=4M status=progress if=/dev/zero of=/dev/sdb
# cryptsetup -v --type luks2 luksFormat /dev/sdb
# cryptsetup -v --type luks2 luksChangeKey /dev/sdb
# cryptsetup -v --type luks2 luksDump /dev/sdb
# cryptsetup -v --type luks2 --allow-discards luksOpen /dev/sdb luks2_sdb
# cryptsetup -v status luks2_sdb
/dev/mapper/luks2_sdb is active.
type: LUKS2
cipher: aes-xts-plain64
keysize: 512 bits
key location: keyring
device: /dev/sdb
sector size: 512
offset: 32768 sectors
size: 3906996400 sectors
mode: read/write
flags: discards
Command successful.
# dd bs=1M status=progress if=/dev/zero of=/dev/mapper/luks2_sdb
2000355852288 bytes (2.0 TB, 1.8 TiB) copied, 16527 s, 121 MB/s
dd: error writing '/dev/mapper/luks2_sdb': No space left on device
1907714+0 records in
1907713+0 records out
2000382156800 bytes (2.0 TB, 1.8 TiB) copied, 16541.6 s, 121 MB/s
# mkfs.xfs /dev/mapper/luks2_sdb
meta-data=/dev/mapper/luks2_sdb isize=512 agcount=4, agsize=122093638 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=488374550, imaxpct=5
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=238464, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
Discarding blocks...Done.
# lsblk -o NAME,SIZE,TYPE,FSTYPE,FSVER,PTTYPE,MODEL,TRAN,VENDOR,STATE,ALIGNMENT /dev/sdb
# hdparm -t /dev/sdb
# fdisk -l /dev/sdb
# parted -s /dev/sdb print free
# hdparm -t /dev/mapper/luks2_sdb
# fdisk -l /dev/mapper/luks2_sdb
# parted -s /dev/mapper/luks2_sdb print free
# dd bs=4M status=progress if=/dev/zero of=/dev/mapper/luks2_sdb
# cryptsetup -v luksClose luks2_sdb
# cryptsetup -v luksErase /dev/sdb
# wipefs --offset 0x1fe /dev/sdb
# wipefs --all --force /dev/sdb
# sgdisk -v --zap --zap-all /dev/sdb
# dd bs=4M status=progress if=/dev/zero of=/dev/sdb
2000162914304 bytes (2.0 TB, 1.8 TiB) copied, 7378 s, 271 MB/s
dd: error writing '/dev/sdb': No space left on device
476933+0 records in
476932+0 records out
2000398934016 bytes (2.0 TB, 1.8 TiB) copied, 7379.92 s, 271 MB/s
# lsblk -o name,maj:min,type,fstype,label /dev/sdb
NAME MAJ:MIN TYPE FSTYPE LABEL
sdb 8:16 disk crypto_LUKS
└─HDD_luks2 252:0 crypt LVM2_member
├─HDD_luks2_lvm2-lv1 252:1 lvm xfs HDDLLVM1-xfs
└─HDD_luks2_lvm2-lv2 252:2 lvm xfs HDDLLVM2-xfs
# cryptsetup -v --type luks2 luksFormat /dev/sdb
# cryptsetup -v luksOpen /dev/sdb HDD_luks2
# pvcreate -v --zero y --metadatatype lvm2 --force /dev/mapper/HDD_luks2
# vgcreate -v --zero y --force HDD_luks2_lvm2 /dev/mapper/HDD_luks2
# lvcreate -v --zero y -l 80%FREE -n lv1 HDD_luks2_lvm2
# lvcreate -v --zero y -l 100%FREE -n lv2 HDD_luks2_lvm2
# mkfs.xfs -L HDDLL-L1_xfs -f /dev/mapper/HDD_luks2_lvm2-lv1
# mkfs.xfs -L HDDLL-L2_xfs -f /dev/mapper/HDD_luks2_lvm2-lv2
# pvdisplay -m && vgdisplay && lvdisplay -m && blkid /dev/mapper/*
# hdparm -t /dev/mapper/HDD_luks2*
# cryptsetup -v --type luks2 --allow-discards luksOpen /dev/sda luks2_sda
No usable token is available.
Enter passphrase for /dev/sda:
Key slot 0 unlocked.
Command successful.
# lsblk -o +fstype /dev/sda
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS FSTYPE
sda 8:0 0 9,1T 0 disk crypto_LUKS
└─luks2_sda 253:0 0 9,1T 0 crypt LVM2_member
├─HDD_luks2_lvm2-lv1 253:1 0 7,3T 0 lvm xfs
└─HDD_luks2_lvm2-lv2 253:2 0 1,8T 0 lvm xfs
# dmsetup ls
HDD_luks2_lvm2-lv1 (253:1)
HDD_luks2_lvm2-lv2 (253:2)
luks2_sda (253:0)
# pvs && pvscan
PV VG Fmt Attr PSize PFree
/dev/mapper/luks2_sda HDD_luks2_lvm2 lvm2 a-- <9,10t 0
# vgscan
Found volume group "HDD_luks2_lvm2" using metadata type lvm2
# lvscan && lvs && lvdisplay -m
ACTIVE '/dev/HDD_luks2_lvm2/lv1' [<7,28 TiB] inherit
ACTIVE '/dev/HDD_luks2_lvm2/lv2' [<1,82 TiB] inherit
# wipefs --offset 0x1fe /dev/HDD_luks2_lvm2/lv*
wipefs: /dev/HDD_luks2_lvm2/lv1: offset 0x1fe not found
wipefs: /dev/HDD_luks2_lvm2/lv2: offset 0x1fe not found
# wipefs --all --force /dev/HDD_luks2_lvm2/lv*
/dev/HDD_luks2_lvm2/lv1: 4 bytes were erased at offset 0x00000000 (xfs): 58 46 53 42
/dev/HDD_luks2_lvm2/lv2: 4 bytes were erased at offset 0x00000000 (xfs): 58 46 53 42
# vgchange -an
0 logical volume(s) in volume group "HDD_luks2_lvm2" now active
# lvremove -v HDD_luks2_lvm2
Do you really want to remove and DISCARD logical volume HDD_luks2_lvm2/lv1? [y/n]: y
Accepted input: [y]
Archiving volume group "HDD_luks2_lvm2" metadata (seqno 3).
Releasing logical volume "lv1"
Creating volume group backup "/etc/lvm/backup/HDD_luks2_lvm2" (seqno 4).
Logical volume "lv1" successfully removed
Do you really want to remove and DISCARD logical volume HDD_luks2_lvm2/lv2? [y/n]: y
Accepted input: [y]
Releasing logical volume "lv2"
Creating volume group backup "/etc/lvm/backup/HDD_luks2_lvm2" (seqno 5).
Logical volume "lv2" successfully removed
# vgremove -v HDD_luks2_lvm2
Archiving volume group "HDD_luks2_lvm2" metadata (seqno 5).
Removing physical volume "/dev/mapper/luks2_sda" from volume group "HDD_luks2_lvm2"
Volume group "HDD_luks2_lvm2" successfully removed
# pvremove -v /dev/mapper/luks2_sda
Labels on physical volume "/dev/mapper/luks2_sda" successfully wiped.
# wipefs --offset 0x1fe /dev/mapper/luks2_sda
# wipefs --all --force /dev/mapper/luks2_sda
# sgdisk -v --zap --zap-all /dev/mapper/luks2_sda
# cryptsetup -v luksClose luks2_sda
# cryptsetup -v luksErase /dev/sda
# wipefs --offset 0x1fe /dev/sda
# wipefs --all --force /dev/sda
/dev/sda: 6 bytes were erased at offset 0x00000000 (crypto_LUKS): 4c 55 4b 53 ba be
/dev/sda: 6 bytes were erased at offset 0x00004000 (crypto_LUKS): 53 4b 55 4c ba be
# sgdisk -v --zap --zap-all /dev/sda
Creating new GPT entries in memory.
No problems found. 19532873661 free sectors (9.1 TiB) available in 1
segments, the largest of which is 19532873661 (9.1 TiB) in size.
GPT data structures destroyed! You may now partition the disk using fdisk or other utilities.
GPT data structures destroyed! You may now partition the disk using fdisk or other utilities.
# fdisk -l /dev/sda
Disk /dev/sda: 9,1 TiB, 10000831348736 bytes, 19532873728 sectors
Disk model: WDC WD101KFBX-68
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
# dd bs=4M status=progress if=/dev/zero of=/dev/sda
9357492224 bytes (9,4 GB, 8,7 GiB) copied, 7 s, 1,3 GB/s
11119099904 bytes ( 11 GB, 10 GiB) copied, 12 s, 926 MB/s
34368126976 bytes ( 34 GB, 32 GiB) copied, 103 s, 334 MB/s
109165150208 bytes (109 GB, 102 GiB) copied, 406 s, 269 MB/s
319383666688 bytes (319 GB, 297 GiB) copied, 1256 s, 254 MB/s
1303598071808 bytes (1,3 TB, 1,2 TiB) copied, 5313 s, 245 MB/s
2149324947456 bytes (2,1 TB, 2,0 TiB) copied, 8909 s, 241 MB/s
2431349948416 bytes (2,4 TB, 2,2 TiB) copied, 10131 s, 240 MB/s
5444445667328 bytes (5,4 TB, 5,0 TiB) copied, 24099 s, 226 MB/s
6575200665600 bytes (6,6 TB, 6,0 TiB) copied, 29938 s, 220 MB/s
8138073833472 bytes (8,1 TB, 7,4 TiB) copied, 38940 s, 209 MB/s
8751826337792 bytes (8,8 TB, 8,0 TiB) copied, 42899 s, 204 MB/s
9999149432832 bytes ( 10 TB, 9,1 TiB) copied, 52172 s, 192 MB/s
10000831348736 bytes ( 10 TB, 9,1 TiB) copied, 52186 s, 192 MB/s
dd: error writing '/dev/sda': No space left on device
2384385+0 records in
2384384+0 records out
10000831348736 bytes (10 TB, 9,1 TiB) copied, 52328,5 s, 191 MB/s
На диске/устройстве /dev/sdb создадим таблицу GPT и в ней
- Раздел_1 в LUKS2 c ФС
btrfs - Раздел_2 в LUKS2 c таблицей разделов LVM
- и lv1 - ext4,
- и lv2 - xfs
# lsblk -o +fstype,label /dev/sdb
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS FSTYPE LABEL
sdb 8:16 0 9,1T 0 disk
├─sdb1 8:17 0 4T 0 part crypto_LUKS
│ └─luks2_HDD_gpt1 253:0 0 4T 0 crypt /mnt/_fstab_HDDG1L-btrfs btrfs HDDG1L-btrfs
└─sdb2 8:18 0 5T 0 part crypto_LUKS
└─luks2_HDD_gpt2 253:1 0 5T 0 crypt LVM2_member
├─luks2_HDD_gpt2_pvvg-lv1 253:2 0 4T 0 lvm /mnt/_fstab_HDDG2LL1-ext4 ext4 HDDG2LL1-ext4
└─luks2_HDD_gpt2_pvvg-lv2 253:3 0 1024G 0 lvm /mnt/_fstab_HDDG2LL2-xfs xfs HDDG2LL2-xfs
# dd bs=1M status=progress if=/dev/zero of=/dev/sdb
# lsblk -o +uuid,partuuid,ptuuid /dev/sdb
# wipefs --all --force /dev/sdb
# ( echo g ; echo w ) | fdisk -w always -W always /dev/sdb
# ( echo n ; echo '1' ; echo '' ; echo '+4T' ; echo w ) | fdisk -w always -W always /dev/sdb
# cryptsetup -v --type luks2 luksFormat /dev/sdb1
# cryptsetup -v luksOpen /dev/sdb1 luks2_HDD_gpt1
# mkfs.btrfs -L HDDG1L-btrfs -f /dev/mapper/luks2_HDD_gpt1
# parted -s /dev/sdb print free && lsblk -o +fstype,label /dev/sdb
# parted /dev/mapper/luks2_HDD_gpt1 align-check opt 1
# cryptsetup -v luksClose luks2_HDD_gpt1
# cryptsetup -v luksChangeKey /dev/sdb1
# cryptsetup -v status luks2_HDD_gpt1
# cryptsetup -v luksDump /dev/sdb1
# ( echo n ; echo '2' ; echo '' ; echo '+5T' ; echo w ) | fdisk -w always -W always /dev/sdb
# cryptsetup -v --type luks2 luksFormat /dev/sdb2
# cryptsetup -v luksOpen /dev/sdb2 luks2_HDD_gpt2
# pvcreate -v -ff /dev/mapper/luks2_HDD_gpt2
# vgcreate -v luks2_HDD_gpt2_pvvg /dev/mapper/luks2_HDD_gpt2
# lvcreate -v -L 4T luks2_HDD_gpt2_pvvg -n lv1
# lvcreate -v -l +100%FREE luks2_HDD_gpt2_pvvg -n lv2
# pvs && echo -e && pvscan && echo -e && vgchange -an && lvscan && echo -e && vgchange -ay && lvscan && echo -e && lvs
# pvs -o fmt,pv_name,vg_name,lv_name,seg_pe_ranges,lv_size,attr,free,pv_size && lvs -o +devices,lv_health_status
# lvdisplay -m
# dmsetup ls
# dmsetup status && dmsetup info -C
# mkfs.ext4 -m 0 -L HDDG2LL1-ext4 -F /dev/mapper/luks2_HDD_gpt2_pvvg-lv1
# mkfs.xfs -L HDDG2LL2-xfs -f /dev/mapper/luks2_HDD_gpt2_pvvg-lv2
# parted -s /dev/mapper/luks2_HDD_gpt2_pvvg-lv1 print free
# parted -s /dev/mapper/luks2_HDD_gpt2_pvvg-lv2 print free
# dmsetup info -C && ls -l /dev/luks2_HDD_gpt2_pvvg/
# echo -n "PASS" > /root/crypttab_key
# echo "luks2_HDD_gpt1 UUID=$( blkid -s UUID -o value /dev/sdb1 ) /root/crypttab_key discard,timeout=10" >> /etc/crypttab
# echo "luks2_HDD_gpt2 UUID=$( blkid -s UUID -o value /dev/sdb2 ) /root/crypttab_key discard,timeout=10" >> /etc/crypttab
# echo -e >> /etc/fstab
# install -m 777 -d /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt1 )
# echo -e "LABEL="$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt1 )" /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt1 ) btrfs noatime,discard 0 0" >> /etc/fstab
# echo -e >> /etc/fstab
# install -m 777 -d /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv1 )
# echo -e "LABEL="$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv1 )" /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv1 ) ext4 noatime,discard 0 2" >> /etc/fstab
# echo -e >> /etc/fstab
# install -m 777 -d /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv2 )
# echo -e "LABEL="$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv2 )" /mnt/_fstab_$( blkid -s LABEL -o value /dev/mapper/luks2_HDD_gpt2_pvvg-lv2 ) xfs noatime,discard 0 2" >> /etc/fstab
# hdparm -t /dev/sdb*
# hdparm -t /dev/mapper/luks2_HDD_gpt*
# dmsetup remove_all && dmsetup info -C
# wipefs --all --force /dev/PV_HDD_VG/lv*
# vgchange -an
# lvremove -v PV_HDD_VG
# vgremove -v PV_HDD_VG
# pvremove -v /dev/sdb
# ( echo v ) | fdisk -w always -W always /dev/sdb && parted -s /dev/sdb print free
# lsblk -o +fstype,label /dev/sdb
# wipefs --all --force /dev/sdb3
# ( echo d ; echo '3' ; echo w ) | fdisk -w always -W always /dev/sdb
# wipefs --all --force /dev/sdb2
# ( echo d ; echo '2' ; echo w ) | fdisk -w always -W always /dev/sdb
# wipefs --all --force /dev/sdb1
# ( echo d ; echo '1' ; echo w ) | fdisk -w always -W always /dev/sdb
# lsblk -o +fstype,label /dev/sdb
# wipefs --all --force /dev/sdb
# sgdisk -v --zap --zap-all /dev/sdb
First, you need to write zeros to /dev/mapper/backup2 encrypted device. This will allocate block data with zeros. This ensures that outside world will see this as random data i.e. it protect against disclosure of usage patterns. Run the following dd command:
dd if=/dev/zero of=/dev/mapper/backup2
Please note that there are several independent cryptsetup wrappers with their own crypttab format. This manpage covers Debian's implementation for initramfs scripts and SysVinit init scripts. systemd brings its own crypttab implementation. We try to cover the differences between the systemd and our implementation in this manpage, but if in doubt, better check the systemd crypttab(5) manpage, e.g. online at https://www.freedesktop.org/software/systemd/man/crypttab.html.
- _slack15.0/Installing Slackware on encrypted volumes
- _slack15.0/Installing Slackware on Logical volumes
- Installing Slackware with LVM/LUKS
- Btrfs: Working with multiple devices
07PKGS0PKGTOOLS.md 07PKGS1SLACKPKG+.md 07PKGS9RM.md
08BUILD.md 08BUILD1SBOPKG-14.2.md 08BUILD1SBOPKG.md
- KDE-4 в 14.x
- KDE-5 в 14.x
- MATE-1.X в 14.x
- VirtualBox и VBox Guest Additions
- VirtualBox и iTunes-windows
09PKGS3GAMES.md
10DISTUPGRADE