Table of Contents
The Slackware installer
Install to Logical Volumes (LVM)
Encrypted partitions
Installation to encrypted partitions works well with the stock Slackware kernels.
If you want to compile your own custom kernel to work with LUKS encrypted partitions you need to enable at least the following two options in your kernel configuration:
Multiple devices driver support (RAID and LVM) ---> <*> Device mapper support <*> Crypt target support
This is equivalent to the following options in your .config
file:
CONFIG_BLK_DEV_DM=y CONFIG_DM_CRYPT=y
Do not compile these as module! They are required in your kernel.
Using an initrd with a big kernel
When you use an initrd file for your box(a requirement for installing Slackware to LVM or LUKS partitions) you will notice that there is a maximum to the size of the kernel you use with it. If the kernel grows to big (like with the 'huge' kernels of Slackware > 12.0) you will see the following lilo error message:
Warning: The initial RAM disk is too big to fit between the kernel and the 15M-16M memory hole. It will be loaded in the highest memory as though the configuration file specified "large-memory" and it will be assumed that the BIOS supports memory moves above 16M.
As far as I know there is no remedy against this message - you need to shrink your kernel until there is room for the initrd image. A Slackware 'generic' kernel is small enough. The recommendation for 'huge' kernels is that they are not meant for daily use anyway. Either you compile your own custom kernel, or use one of the generic kernels with an initrd.
Errata
README_CRYPT.TXT
I'd like to correct two things omitted in the README_CRYPT.TXT file for Slackware 12.0. They relate to setting up an encrypted root partition in Slackware.
- First issue:
When you finish the installation and the README prompts you toperform a chroot into the new installation
, there is one command missing. As a result, there will not be a/dev/mapper/cryptroot
available inside the chroot and therefore the attempt to install LILO will fail with the errorFatal: Illegal 'root' specification: /dev/mapper/cryptroot
Please change the list of commands that goes like
mount -o bind /proc /mnt/proc mount -o bind /sys /mnt/sys chroot /mnt
to
mount -o bind /proc /mnt/proc mount -o bind /sys /mnt/sys mount -o bind /dev /mnt/dev chroot /mnt
and then proceed with the remainder of the README.
IF for whatever reason you get something like this error after running “mount -o bind /dev/mnt/dev
”:mount: wrong fs type, bad option, bad superblock on /dev, missing codepage or other error In some cases useful info is found in syslog - try dmesg | tail
then please run this command instead:
cp -a /dev/mapper /mnt/dev/
which will add the required files intto the installed system so that lilo will install successfully. I have had reports from several people who experienced the above error, and I have seen it happen myself too, for reasons unclear to me.
- Second:
The README_CRYPT.TXT mentionsChange the boot device to name of the small unencrypted partition you've created and which is mounted under /boot
- it should be clear that this advice should not be taken when you configured LILO to be installed in the MBR.
The example shown in README_CRYPT.TXT is for a Slackware setup when there is another OS bootloader (such as MS Windows) already installed in the MBR, and your encrypted Slackware installation is a secondary install for which LILO needs to be installed into the root sector of a partition instead.
If you are installing Slackware as the first and only Operating System on the computer, please configure/etc/lilo.conf
so that LILO installs into the MBR. You still need that small unencrypted partition for/boot
of course… LILO can only load the kernel and initrd if they are found on an unencrypted medium.
- Third:
When you run thelilo
command and you are using LVM and/or LUKS-encrypted partitions, lilo will show the following warning message (or something very similar):Warning: "/proc/partitions' does not match '/dev' directory structure. Name change: '/dev/dm-0' -> '/dev/mapper/cryptroot' Warning: Name change: ... etc.
These messages are harmless and you can safely ignore them.
I hope this clarifies the issues some people reported to me after Slackware 12.0 was released.
– Eric 03-july-2007