Red Hat Bugzilla – Bug 438955
Installer doesn't encrypt partitions
Last modified: 2008-03-29 08:36:32 EDT
The Fedora 9 Beta installer offers an "enrypt" option for partitions:
- It "forgets" if you select this option, i.e. when you edit the partition
again the setting is lost
- If you have selected it and proceed with the installation it doesn't ask for
passwords nor encrypt the partitions
I was unable to replicate the behavior you described. Can you please provide a
detailed description of the process so I might make another attempt?
I downloaded the Fedora 9 Beta DVD .iso, mounted & exported that on my HTTP
server, copied the PXE boot images onto my existing /boot partition and rebooted
to that kernel via GRUB, I chose "custom partition layout" in the installer so
that I could reuse the existing Fedora 8 harddisk setup:
Paritions on sda:
sda1 ext3, /boot
sda2 LVM VG 0
LVM VG 0:
VolGroup00-LogVol00 LUKS encrypted, ext3, /root
VolGroup00-LogVol01 LUKS encrypted, swap
VolGroup00-LogVol02 LUKS encrypted, ext3, /home
As the installer didn't recognize the existing LUKS encrypted partitions (see
also bug #438954), I decided to only reuse some partitions and selected the
sda1 ext3, do not format, /boot
VolGroup00-LogVol03 ext3, format, encrypt, /root
VolGroup00-LogVol01 swap, format, encrypt
Every time I went back into the edit dialog for LV1 or LV3 the encrypt option
was deselected. When I went ahead to continue the installation the partitions
were only formatted but not encrypted.
I can't loose the current Fedora 8 setup so I can't do a fresh install.
Sorry for the confusion. The checkbutton in the dialog to edit the LV is
non-functional. F9-Beta does not support encrypting logical volumes. It does,
however, support encrypting PVs, partitions, and RAID devices (not RAID members,
though). Support for encrypted LVs is now in rawhide, so it will likely be in F9.
Confirmed. With todays rawhide I was able to select encryption for the root and
swap LVM partitions and was asked for the password. The installer then encrypted
and formatted them correctly.
Unfortunately the install later aborted due to a package missing error so I was
unable to really test the encryption support in Fedora 9 after all :-(