Install Linux Mint Debian Edition (LMDE 6) with custom LVM on LUKS
I like to create storage space to hold the contents of my home directory that is separate from the space that contains the root filesystem. This makes it easier if I decide to re-install Linux on the target system while preserving user data.
Using a combination of Linux Unified Key Setup (LUKS) and Logical Volume Manager (LVM), I encrypt the storage space and create “virtual partitions” (Logical Volumes or LVs) for separate root and home file systems. Installing LVM on top of the encrypted partition allows the creation of multiple LVs protected by a single passphrase, and the ability to create and resize LVs as needed.
Let's go!
During an install of LMDE 6 "Faye" - if you select the option to automatically erase and partition the disk using LUKS and LVM - the installer creates a single encrypted partition with two LVs: a swap LV, and a root LV that uses all remaining disk storage. There is no option to add a home LV to the automatic schema.
My setup
LMDE is installed as the sole OS on the device. I use the LMDE installer to erase, partition, and encrypt the storage space, and configure LVM.
After the installer finishes - but before rebooting - I shrink the root LV to free up storage, then create a new home LV.
This is how I do it ...
1. During the install: Installation type
Choose Automated Installation which will Erase a disk and install LMDE on it.
Select Use LVM (Logical Volume Management) and Encrypt the operating system.
A password to secure the storage is entered and confirmed.
Proceed with the rest of the install as per usual.
2. After the install: Do not restart (yet)
When the Mint installer finishes, select No to continue with system configuration.
3. Switch to root
Open a terminal. Switch to root:
mint@mint:~$ sudo -i
root@mint:~#
Run mount | grep /dev/mapper/lvmlmde and ensure nothing is returned (LVs need to be unmounted).
4. View layout
Run lsblk -f and view the partition layout generated by the LMDE installer.
Example: In my install, the partition used for encryption is vda3 and the encrypted LUKS device is lvmlmde.
List physical volumes (PV) with the command vgs. There is a single PV (also) labelled lvmlmde.
List the LVs with lvs. There are two: root LV, and swap LV.
Note: Only LVs with ext2, ext3, ext4, ReiserFS, and XFS file systems are supported for resizing.
5. Resize root
Shrink the root LV to free up space for a new home LV.
Set the desired size of root (example: 40G) and resize its file system all at once:
root@mint:~# lvresize -L 40G --resizefs lvmlmde/root
6. Create home
Create the new home LV.
Option 1: Use fixed amount of storage (example: 300GB)
root@mint:~# lvcreate -L 300G lvmlmde -n home
Option 2: Use percentage of free capacity (example: 80%)
root@mint:~# lvcreate -l +80%FREE lvmlmde -n home
7. Format home
The new LV will appear as /dev/lvmlmde/home.
Format the LV with an appropriate file system (example: ext4):
root@mint:~# mkfs.ext4 /dev/lvmlmde/home
8. Move home
Mount the LVs:
root@mint:~# mkdir /mnt/{root,home}
root@mint:~# mount /dev/lvmlmde/root /mnt/root/
root@mint:~# mount /dev/lvmlmde/home /mnt/home/
Move the contents of /home from the root LV to the new home LV:
root@mint:~# mv /mnt/root/home/* /mnt/home/
9. Fstab
Create an entry for home in /mnt/root/etc/fstab:
root@mint:~# echo "/dev/mapper/lvmlmde-home /home ext4 defaults 0 2" >> /mnt/root/etc/fstab
10. Finish
Unmount LVs:
root@mint:~# umount /mnt/home
root@mint:~# umount /mnt/root
Deactivate swap and volume group:
root@mint:~# swapoff -a
root@mint:~# lvchange -an lvmlmde
Remove the encrypted device mapping:
root@mint:~# cryptsetup close lvmlmde
Done! Reboot and enjoy.
» Next: How to create a LAN subnet using OpenWrt
« Previous: Where is the Earth?