02-08-2020, 10:09 AM
(02-07-2020, 07:47 PM)Jeremiah Cornelius Wrote:(02-07-2020, 04:55 PM)Solra Bizna Wrote: The setup I've used for my encrypted disks on all my recent systems, including my PBP, is to create a single LUKS partition and both root and swap on LVM inside that. Setup is annoying (LVM's documentation is slightly worse than nonexistent in some places) but then it all works with no extra pain, including restoring a hibernate* image from the encryped swap. This would also seamlessly work with separate /home as well. I'm not sure why this isn't the norm in the various "encrypted everything" guides.This was, if not any longer, the default partitioning done by Ubuntu, when selecting "Whole Disk" in the installer.
*(not that I've successfully hibernated my PBP yet)
LVM plus encryption simplified my movement of an installation to a larger block device, but made the expansion of the LUKS, the LVM and then the Ext4 FS an unwieldy, complicated sequence.
Those are the kinds of things that were solved by Sun and Veritas with high-level abstraction in management utilities, 20 years ago! Well, we do have... gparted!
To be fair, without LVM you can't do things like shutdown your laptop, replace your HDD/SSD, connect the old one with USB adapter, start your laptop from the old drive over USB, start migration, keep working as usual while migration is going on, then once it is finished just unplug the old drive in the middle of some build job or whatnot and shortly afterwards just suspend your laptop, throw it into backpack and get on your way. Without LVM even if the sequence is much simpler you're kinda stuck with either a lengthy downtime while the old drive is being cloned to a new one or with multiple rounds of rsync runs and shorter but still an extra downtime.