Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save nyxz/7139bba3ba44988fa317e7a2413e4dc7 to your computer and use it in GitHub Desktop.
Save nyxz/7139bba3ba44988fa317e7a2413e4dc7 to your computer and use it in GitHub Desktop.
Install LMDE (Linux Mint Debian Edition) with LVM on LUKS (encryption) & hibernation support
# Title: Install LMDE (Linux Mint Debian Edition) 17 with LVM on LUKS (encryption) & hibernation support
#
# Description: These are very rough notes for installing LMDE with
# encryption via LVM on top of LUKS.
# - This includes SWAP being within LUKS
# - Includes fixing hibernation (which will also apply to Debian Jessie or greater)
########
# 1. Boot from LMDE DVD/USB/...
########
# 2. Wipe the target drive and create partitions
# - be careful since the primary disk may be detected at a different path than /dev/sda
# - the following will
# - create a traditional msdos (not GPT) MBR since my BIOS doesn't work with GPT
# - create a 300MB /boot partition
# - use the rest of disk for the LUKS encrypted volume
sudo - su # everything needs to be done as root
dd if=/dev/zero of=/dev/sda iflag=nocache oflag=direct bs=4096
apt-get install parted
parted -a optimal /dev/sda
print
mklabel msdos
unit mib
mkpart primary 1 300
set 1 boot on
mkpart primary 300 -1
print
quit
########
# 3. Encrypt, format, and mount
cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 -i 5000 -y /dev/sda2
cryptsetup luksDump /dev/sda2 # check your work
cryptsetup luksOpen /dev/sda2 lvmlocal
pvcreate /dev/mapper/lvmlocal
vgcreate lvmlocal /dev/mapper/lvmlocal
lvcreate -L 16G -n swap lvmlocal
lvcreate -L 20G -n root lvmlocal
lvcreate -l 100%FREE -n home lvmlocal
lvs # check your work
mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/mapper/lvmlocal-root
mkfs.ext4 /dev/mapper/lvmlocal-home
mkswap -f /dev/mapper/lvmlocal-swap
swapon /dev/mapper/lvmlocal-swap
mkdir /target
mount /dev/mapper/lvmlocal-root /target
mkdir /target/boot /target/home
mount /dev/mapper/lvmlocal-home /target/home
mount /dev/sda1 /target/boot
# 4. Start installer
# - Click: Menu -> Administration -> Install Linux Mint
# - For the partitioning choose: (Advanced) manually mount
# - After the 1st part of the installer process completes, continue with steps below
# 5. A few extra steps to make the system ready
LANG=C chroot /target /bin/bash
UUID_BOOT_PARTITION=$(blkid /dev/sda1 | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p')
UUID_SWAP_PARTITION=$(blkid /dev/mapper/lvmlocal-swap | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p')
UUID_ROOT_PARTITION=$(blkid /dev/mapper/lvmlocal-root | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p')
UUID_HOME_PARTITION=$(blkid /dev/mapper/lvmlocal-home | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p')
cat > /etc/fstab << "EOF"
# <fs> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
#sys /sys sysfs nodev,noexec,nosuid 0 0
EOF
echo "#UUID=${UUID_ROOT_PARTITION} / ext4 defaults 0 0" >> /etc/fstab
echo "/dev/mapper/lvmlocal-root / ext4 defaults 0 1" >> /etc/fstab
echo "#UUID=${UUID_HOME_PARTITION} / ext4 defaults 0 0" >> /etc/fstab
echo "/dev/mapper/lvmlocal-home /home ext4 defaults 0 1" >> /etc/fstab
echo "UUID=${UUID_BOOT_PARTITION} /boot ext4 defaults 0 1" >> /etc/fstab
echo "#UUID=${UUID_SWAP_PARTITION} none swap sw 0 0" >> /etc/fstab
echo "/dev/mapper/lvmlocal-swap none swap sw 0 0" >> /etc/fstab
grep -v swap /etc/fstab >/etc/mtab
apt-get -y update
apt-get -y install tzdata lvm2 cryptsetup initramfs-tools python-software-properties
echo aes-i586 >> /etc/initramfs-tools/modules
echo aes_x86_64 >> /etc/initramfs-tools/modules
echo dm-crypt >> /etc/initramfs-tools/modules
echo dm-mod >> /etc/initramfs-tools/modules
echo xts >> /etc/initramfs-tools/modules
echo "lvmlocal /dev/sda2 none luks,tries=3" >> /etc/crypttab
vim /etc/default/grub
# update this line:
# GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:lvmlocal root=/dev/mapper/lvmlocal-root resume=/dev/mapper/lvmlocal-swap"
dpkg-reconfigure locales
# I chose en_US.UTF-8
# 6. finish installer
# - do not reboot
umount /target/boot
umount /target/home
umount /target
reboot
# 7. Fix hibernation
# - this took some time to discover
sudo su -
apt-get install sysfsutils
echo "power/disk = shutdown" >> /etc/sysfs.d/local.conf
cat /sys/power/disk
# output should look like this: platform [shutdown] reboot suspend
# 8. All done. Test hibernation if you like
sudo pm-hibernate
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment