Requirements:
-
A good internet connection, we will be downloading around 2 GB.
-
A Linux system with xorriso or VirtualBox Linux installation with xorriso.
-
Fedora Server NetInstall Image (This is because Live Images don’t support Kickstart installs like Fedora-Workstation-Live)
-
Patience !!!
Problem Statement:
The current Anaconda installer allows the configuration of LVM on LUKS, but the LUKS version will be LUKS1, there is no way to instruct the graphical installer to use LUKS2. The only way to do this is via Kickstart, where you can specify the LUKS version to be 2. But the problem is that you will be downloading the whole installation, which is why a good internet connection is required.
Instructions:
-
First create you Kickstart file. My advise is not to write it from scratch but use the one in your own installation which is found under
/rootnamed anaconda-ks.cfg. This provides a good starting point. -
I will be mainly concentrating on the partitioning portion of the Kickstart file, where you can specify the LUKS version. This is what I had used for my laptop:
# Disk partitioning information
part pv.961 --fstype="lvmpv" --ondisk=sda --size=952332 --encrypted --luks-version=luks2 --passphrase=YOUR_PASSPHRASE
part /boot/efi --fstype="efi" --ondisk=sda --size=512 --fsoptions="umask=0077,shortname=winnt"
part /boot --fstype="ext4" --ondisk=sda --size=1024
volgroup vgfedora --pesize=4096 pv.961
logvol / --fstype="ext4" --size=716800 --name=fedora --vgname=vgfedora
So just a brief explanation of what this is doing is partitioning my 1TB HDD into 3 partitions
/dev/sda1 ` Mount Point /boot/efi`
/dev/sda2 ` Mount Point /boot`
/dev/sda3 ` Mount Point /`
/dev/sda1 = This is my EFI System Partition, where my bootloader will reside.
/dev/sda2 = This is my /boot partition where my kernels will reside. It needs to be unencrypted.
/dev/sda3 = This is my root partition. This is will fist be formatted as LUKS2 device. LUKS2 because notice we have specified LUKS2 in the above config. And then the create an LVM on top of with Volume Group vgfedora and logical volume fedora.
Note to MBR+BIOS users:
This partitioning style refers to an UEFI+GPT system, if you are using the older MBR+BIOS systems you do not need the /boot/efi partition, you just need the /boot and other partitions you might create.
You can create more complex partitions and that is upto you, you can find more information about Kickstart partitioning here: https://docs.fedoraproject.org/en-US/fedora/rawhide/install-guide/appendixes/Kickstart_Syntax_Reference/#sect-kickstart-commands-storage
You may note that there is no swap partition. that’s because I prefer using a SwapFile instead of a partition. But again that’s just my personal preference.
Next you may want to select the packages you want in your installation, but please note, adding more packages will just increase the download size.
This is what I used:
%packages
@^workstation-product-environment
@admin-tools
@authoring-and-publishing
@c-development
@container-management
@d-development
@development-tools
@editors
@headless-management
@libreoffice
@mate-applications
@network-server
@office
@rpm-development-tools
@sound-and-video
@system-tools
@window-managers
Lastly, this may not be good advice but if you find it difficult to create the Kickstart file, then you might try installing Fedora on VirtualBox and copy the Kickstart file from its installation. I know its inefficient but this is what I did when I was in doubt as to whether an option would work or not.
- So now you have finalized you Kickstart file and its time to add it to the Fedora Image. Sadly, most tutorials on Youtube or on the net do not describe in detail how to use the Kickstart file in a local install, without a NFS/Network install.
I don’t know if this is the best method but it worked for me. You need to add the kickstart file into the ISO image via multisession, this is were xorrison comes in:
The command to do this is:
xorriso -indev Fedora-Server-netinst-x86_64-31-1.9.iso \
-outdev test.iso \
-compliance no_emul_toc \
-map "kickstart_file" "/EFI/BOOT/ks.cfg" \
-boot_image any replay
A brief explanation of what this command does is open your original disk image add the kickstart file in the EFI/BOOT folder with the name ks.cfg, this is the -map command. The -compliance no_emul_toc removes all multisession history, and the command -boot_image any replay rebuilds the boot equipment to match the new disk. Lastly, -outdev test.iso just writes to a file called test.iso.
The credit for the above xorriso command goes to none other but the creator of xorriso itself - Thomas Schmitt. Thanks for all your help, could not have done this without your help.
So you should have a file called test.iso in your directory.
- Now you are almost done, just transfer your image to a USB using
ddor ImageWriter if you are Windows and boot into Fedora. Now the kickstart configiration needs to be specified at the boot time. Depending on whether you are using MBR or UEFI to boot you will be greeted with ISOLINUX for MBR and GRUB2 for UEFI.
The method is only slightly different for them:
ISOLINUX: At the bootscreen press Tab after selecting the Start Fedora option. Append the following line:
ks=hd:LABEL=Fedora-S-dvd-x86_64-31:/EFI/BOOT/ks.cfg
It will look something like:
All this is doing is pointing to the Kickstart file that we added. Press Enter to boot.
GRUB: Just select Start Fedora and press e then add in the same line to startup parameters. It will be something like:
Press Ctrl-x to boot.
If all goes well you should boot into a Kickstart installation, you might need to configure your network adapters as needed, but don’t touch the partitioning info as selecting it will break the LUKS2 config.
Final Thoughts:
I am new to Fedora and Linux in general so I hope if I have made any mistakes you will let me know in the comments rather than insulting me 
Having said that I would like to voice my criticisms of the Anaconda installer and its shortcomings.
Firstly, I don’t understand why a Kickstart file needs to be specified at the boot-time for Anaconda, why can’t there just be a simple command line switch ? Imagine if you had to specify your VIMRC at boot time.
Secondly, I really could not find any documentation of running Anaconda from the command line only, Arch variants like Manjaro have a much more sane install. Anaconda really gives you very little flexibility.
Thirdly, I don’t understand why this bug has not been fixed in the Anaconda installer, some people point out its because of booting problems from LUKS2, but I am on an UEFI+GPT system and I have not faced any such issues. Who knows, maybe I will be facing them in the future.
Hope this helps,
Thanks.
