How to copy the root partition? - Setup

This is a discussion on How to copy the root partition? - Setup ; Hi, I wanna encrypt my root partition on sda5 with dm_crypt. Therefor I wanna copy sda5 (~6GB) to sda3 (~21GB, an empty just at the moment unused partition ) change in the fstab the root partition to sda3, reboot, encrypt ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: How to copy the root partition?

  1. How to copy the root partition?

    Hi,
    I wanna encrypt my root partition on sda5 with dm_crypt. Therefor I
    wanna copy sda5 (~6GB) to sda3 (~21GB, an empty just at the moment
    unused partition ) change in the fstab the root partition to sda3,
    reboot, encrypt sda5, copy the data from sda3 back to the now encrypted
    sda5, change fstab again and everything should be fine

    But my problem is: how do I best copy the root partition for this need?
    I mean simply copying / won't work because there are many things like
    /home,etc... which will be copied with it than... -ax won't help much...
    So can you tell me what is the best way to copy the root partition in a
    way it can be run again?

    greets

  2. Re: How to copy the root partition?

    mrpink writes:

    >Hi,
    >I wanna encrypt my root partition on sda5 with dm_crypt. Therefor I
    >wanna copy sda5 (~6GB) to sda3 (~21GB, an empty just at the moment
    >unused partition ) change in the fstab the root partition to sda3,
    >reboot, encrypt sda5, copy the data from sda3 back to the now encrypted
    >sda5, change fstab again and everything should be fine


    >But my problem is: how do I best copy the root partition for this need?
    >I mean simply copying / won't work because there are many things like
    >/home,etc... which will be copied with it than... -ax won't help much...
    >So can you tell me what is the best way to copy the root partition in a
    >way it can be run again?


    mount /dev/sda5 /mnt/hd
    rsync -ax / /mnt/hd

    Note that encrypting / is probably a bad idea, since if anything goes
    wrong, nothing works. Why would you want to encrypt a partition which
    contains just stuff that comes in the original distro (well /etc/ may
    contain some additional stuff, but again it is all setup info which surely
    is not very secret.)


    >greets


  3. Re: How to copy the root partition?

    In article ,
    mrpink writes:
    > Hi,
    > I wanna encrypt my root partition on sda5 with dm_crypt. Therefor I
    > wanna copy sda5 (~6GB) to sda3 (~21GB, an empty just at the moment
    > unused partition ) change in the fstab the root partition to sda3,
    > reboot, encrypt sda5, copy the data from sda3 back to the now encrypted
    > sda5, change fstab again and everything should be fine
    >
    > But my problem is: how do I best copy the root partition for this need?
    > I mean simply copying / won't work because there are many things like
    > /home,etc... which will be copied with it than... -ax won't help much...
    > So can you tell me what is the best way to copy the root partition in a
    > way it can be run again?
    >

    cd /
    find . -mount|cpio -p /path_to_empty_new_mounted_device

    --
    MFG Gernot

  4. Re: How to copy the root partition?

    Unruh wrote:
    > mount /dev/sda5 /mnt/hd
    > rsync -ax / /mnt/hd
    >
    > Note that encrypting / is probably a bad idea, since if anything goes
    > wrong, nothing works. Why would you want to encrypt a partition which
    > contains just stuff that comes in the original distro (well /etc/ may
    > contain some additional stuff, but again it is all setup info which surely
    > is not very secret.)


    hi thanks for your tips but are you sure with this? Well I encrypted my
    home partition and I think encrypting the swap partition might also be
    quite necessary but what about root? Aren't there things stored in /tmp
    and things like that which can contain secret userdata? Or usersettings
    and hashes.. Can't they be saved on the root partition or is it really
    like you say that root contain NO interesting data which is worth to
    encrypt.

    greets

  5. Re: How to copy the root partition?

    On Sun, 01 Apr 2007 00:21:13 +0200, mrpink wrote:

    > Hi,
    > I wanna encrypt my root partition on sda5 with dm_crypt. Therefor I
    > wanna copy sda5 (~6GB) to sda3 (~21GB, an empty just at the moment
    > unused partition ) change in the fstab the root partition to sda3,
    > reboot, encrypt sda5, copy the data from sda3 back to the now encrypted
    > sda5, change fstab again and everything should be fine
    >
    > But my problem is: how do I best copy the root partition for this need?
    > I mean simply copying / won't work because there are many things like
    > /home,etc... which will be copied with it than... -ax won't help much...
    > So can you tell me what is the best way to copy the root partition in a
    > way it can be run again?
    >
    > greets
    >

    Below I explain one way to proceed. This is _one_ way, not the _only_ way.

    1. Boot a live CD with cryptsetup tool.

    2. Mount and make a _backup_ your root partition to a temporary location
    (to network or to free partition, sda3 as you suggested). Caution: The
    intricacies of making good backups is not covered here.

    3. Unmount sda5
    4. Randomize sda5 (optional). I usually create a large block of random
    data, then write it repeatedly to the target. This saves time and is
    "good enough" for my purposes. YMMV.

    # dd if=/dev/urandom of=random.block bs=1024 count=100000
    # while true;do cat random.block;done >/dev/sda5

    5. Use cryptsetup to create your device mapper device. Not shown.
    I assume you will create a device named: /dev/mapper/sda5

    6. Format your device mapper device:

    # mkfs.xfs /dev/mapper/sda5

    7. Mount your encrypted device

    # mkdir /mnt/enc_sda5
    # mount /dev/mapper/sda5 /mnt/enc_sda5

    8. Restore your backup to the mounted partition. Not shown.

    Now, you have your root partition in encrypted form.

    9. Unmount and "tear down" your device mapper device.

    # umount /mnt/enc_sda5
    # dmsetup remove sda5

    9. Randomize source of backup (if local). In your case you would wipe out
    sda3. You might want to delay this step until you have successfully booted
    your encrypted root.

    Now, reboot with an appropriate media which includes the elements
    necessary to startup using device mapper encryption. I rate this step as
    "non-trivial" (but maybe that is just because I have a project designed to
    finalize startup to encrypted disk partitions.) My project is called
    erf-dm and this is its home page:

    http://www.xmission.com/~ddmayne2/erf-dm

    BTW, I am putting the final touches on an update to this project which
    allows users to specify the encryption parameters for their disc by
    decrypting a gpg message. This allows for multiple users on a computer to
    be able to start the system, without being told a common passphrase.

    --
    Douglas Mayne


  6. Re: How to copy the root partition?

    Hi I now tried to copy root with "sudo rsync -ax / /mnt/hd" but I got
    some errors:
    sudo rsync -ax / /mnt/hd" but I got
    file has vanished:
    "/var/lib/apt/lists/de.archive.ubuntu.com_ubuntu_dists_feisty_main_i18 n_Translation-de"
    file has vanished:
    "/var/lib/apt/lists/de.archive.ubuntu.com_ubuntu_dists_feisty_multiver se_i18n_Translation-de"
    file has vanished:
    "/var/lib/apt/lists/de.archive.ubuntu.com_ubuntu_dists_feisty_restrict ed_i18n_Translation-de"
    file has vanished:
    "/var/lib/apt/lists/de.archive.ubuntu.com_ubuntu_dists_feisty_universe _i18n_Translation-de"
    rsync warning: some files vanished before they could be transferred
    (code 24) at main.c(977) [sender=2.6.9]

    most files have been copied just the above not. Do I need to care about
    these errors or can I just proceed without them?

    greets

  7. Re: How to copy the root partition?

    On Tue, 03 Apr 2007, mrpink wrote:

    > Hi I now tried to copy root with "sudo rsync -ax / /mnt/hd" but I got
    > some errors:
    > sudo rsync -ax / /mnt/hd" but I got
    > file has vanished:


    Before starting, switch to runlevel 1 to turn off the daemons and prevent
    changes to the system:

    /sbin/telinit 1

    --
    Yves Bellefeuille



  8. Re: How to copy the root partition?

    On Fri, 06 Apr 2007 23:19:12 -0400, Yves Bellefeuille wrote:


    >On Tue, 03 Apr 2007, mrpink wrote:


    >> Hi I now tried to copy root with "sudo rsync -ax / /mnt/hd" but I got
    >> some errors:
    >> sudo rsync -ax / /mnt/hd" but I got
    >> file has vanished:


    >Before starting, switch to runlevel 1 to turn off the daemons and prevent
    >changes to the system:


    >/sbin/telinit 1


    Better yet, boot off a CD and then do the partition copy.

+ Reply to Thread