I trying to install Fedora 31 onto an encrypted partition with LVM setup. The Anaconda installer seems to be unable to handle this.
Steps to reproduce behaviour:
Create 2 partitions. One for boot and one root.
Format the boot partition and do
cryptsetup luksFormat --type luks2 on the second partition.
Open the Anaconda installer and select custom partitioning.
Open the mount point and try to assign the root mount point(/) to the partition.
You will see that you are not able to create any volume groups or logical volumes and also get some weird error about there no being enough space for thin pool.
How do I install Fedora in with LVM on LUKS ?
Is there any way to install via command line without Anaconda?
The documentation is fairly clear here:
Most types of block devices can be encrypted using LUKS. From anaconda you can encrypt partitions, LVM physical volumes, LVM logical volumes, and software RAID arrays.
Source: Fedora Disk Encryption User Guide
If that doesn’t work for you for some reason it is most likely a bug.
I already know how to create encrypted devices. The point is Anaconda does not know how to handle them for installation.
Where do I report the bugs for Anaconda?
And how do I install Fedora on LVM on LUKS setup.
I have found the solution by complete accident. My god, this should be in the Wiki.
So, depending on where you select the “Encrypt” option, Anaconda gives you either “LVM on LUKS” or “LUKS on LVM”
First “LUKS on LVM”
So basically if you select “Encrypt” right next to Device Type Anaconda infers that you want to create the LVM first then LUKS. Which means it will encrypt this logical volume ONLY and not the whole drive.
Second “LVM on LUKS”
To get the behavior that I want I have create a new Volume Group by clicking the dropdown from “Volume Group” and then selecting “Create a new Volume group” and then on that dialog check Encrypt.
Pro tip: If you want to leave some space of snapshots then on the Volume Creation dialog select “Size Policy” as “Large as possible” and then on the “Desired Capacity” on the main screen input a size than that of the total Volume Group. This leaves some free space for other logical Volumes like snapshots.
Is there anyway this can be added to the Wiki ?
Wow this was not obvious.
This can also be done using the “Advanced Custom (Blivet - GUI)” option.
Glad you figured it out. How about you mark your answer as solution of the thread?
There is a big problem with the solutions that I have described.
They all will default to LUKS version 1 and not LUKS version 2.
Fedora makes it so hard to get the best security.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.