From 11.1 to 11.4 With Luks encryption.

English Install/Boot/Login
#1

Hi,

Notice 1:

This is by no way a “How To” for everybody to follow.
This is a How I did It in a very specific migration scenario. :slight_smile: sorry folks no time for a big dissertation about migrations.

Scenario:

I have a old laptop with openSuSE 11.1 64 bits that I used for a project that needs maintenance now. I used mainly KDE 3.5 as my preferred Desktop.

Before any comments, Yes I am a Proud User of the Evergreen project:) , and I also would like to thanks the folks that work on that project. Very useful for many people.

My idea is to give try an upgrade from 11.1 to 11.4 (64 bits) and try not to loose a lot of the configs I had on the laptop.

The laptop has 4 filesystems

/dev/sda1 swap
/dev/sda2 / ext3 encrypted with Luks
/dev/sda3 /home ext3 encrypted with Luks
/dev/sda4 /var ext3 un-encrypted filesystem

And boots from flash usb /dev/sdc1

My idea was : If something would go wrong … what the heck … install clean

Otherwhise lets give it a try and see how things go …

To be more precise, I will install a 11.4 Clean install but without mounting the luks encrypted filesystem of /home.
After installation I would mount and proceed like in:

SDB:Encrypted root file system (deprecated) - openSUSE

http://en.opensuse.org/SDB:Encrypted_root_file_system_(deprecated)

To make sure the system with openSuSE 11.4 boots with the encrypted swap, and /home partitions.

In this matter maybe some setups can be maintained therefore the migration work would be far less simple and straightforward. Every setup is already in my user /home/user directory.
Of course as the software versions are very different things can go very bad :slight_smile:
And some stuff will simply not work. But a major clean install would have the same result.
so no loss there.

Ok, things actually went very well!
And although I did not have time to check for a lot of things the desktop seems to work very well !
Old Desktop app links are all there.
Firefox bookmarks work ok! and even the last firefox session opens with all tabs.
Calendar and contact have been migrated with no problems (I do not use them a lot also … )
And also the older konqueror windows open are also now open with all the docs i had on the previous desktop opening at boot!
Kate text documents are also opened. Although kate works in a different manner now …
Well … things look ok …

Here is how I done it …

First …install openSuSE 11.4 64 bits from DVD.

Install normally, boot, choose install, insert usb flash boot disk (in my specific case), but when you reach the disk selection choose Cancel when prompted for the partitions password.

When asked about password for the encrypted filesystems I canceled.

Options I choose was Create Partition setup.

Make Custom Partitions.

and them … I used Only the last un-encrypted filesystem to install 11.4. (no swap need) and boot from usb flash /dev/sdc1 (the old boot device).
Both /dev/sda4 (now /) and /dev/sdc1 (/boot) where formated and both receive their respective mount points.
I have always an un_encrypted filesystems for the case of trouble … if someone makes a search on this fora it saved me a couple of times :slight_smile:
I believe this could also be done with an External usb drive in case someone has all the hdd partitions encrypted.

After this is a simple install, choose software and go for it.

After the install completed I had

/boot on /dev/sdc1
/ on /dev/sda1

I go to the prompt and as root and:

load modules necessary for encryption:


modprobe dm-mod
modprobe dm-crypt
modprobe aes
modprobe sha256
modprobe sha1

mount old swap


cryptsetup -v luksOpen /dev/sda1 swap

activate swap


mkswap /dev/mapper/swap
swapon /dev/mapper/swap

Root filesystem:

Activate old root partitions:


cryptsetup -v luksOpen /dev/sda2 root

mount old /


mkdir /mnt/root
mount -t ext3 /dev/mapper/root /mnt/root

erase all data from old /
whent to mc and erased everything on /mnt/root/*

copy everything from current root to the old filesystem:


cd /
rsync -AHSXax / /mnt/root/

and then i simply change the /mnt/root/etc/fstab in acordance with the pretended new setup:

added


/dev/mapper/root     /      ext3    acl,user_xattr        1 1
/dev/mapper/swap   swap     swap    defaults              0 0
/dev/mapper/home   /home    ext3    acl,user_xattr        1 2

made the new mkinitrd


mkinitrd -d /dev/mapper/root -f "dm luks"

mounted the /dev/sdc1 on /boot and change the boot options with:


title "New TITLE"
root (hd0,0)
   kernel /vmlinuz-VER-default root=/dev/mapper/root luks_root=/dev/sda2 luks_swap=/dev/sda1 luks_home=/dev/sda3 luks="root swap home" vga=0x317 resume=/dev/mapper/swap splash=silent showopts
   initrd /initrd-VER-default

rebooted and … it worked !

things to do next:

-check for up-dates and specially kernel up-dates.
-Install nvidia graphics driver

  • See if everything else works …

I will report if some major problem happens with this setup … I think this will be ok thought … so for the folks with the setup as the one I have this is a possible up-grade scenario.

Best Regards