Launchpad Entry: luks-management
Created: NicolasBarcet
Contributors:
Packages affected:
Summary
LUKS - Linux Unified Key Setup, is what is used to provide encrypted LVM partitions in Debian/Ubuntu.
Missing with LUKS on Debian is some management and maintenance utility. Debian encodes the location and parameters into the initramdisk, and it´s very hard for a user to change them there. It simply doesn´t boot if you change anything to the hardware. It´s easy to setup at the installation of lvm-crypt, but it´s hard to maintain it. (Moving harddisks from /dev/hda to /dev/hdc due to hardware changes or weird SATA controllers, ...)
Release Note
This section should include a paragraph describing the end-user impact of this change. It is meant to be included in the release notes of the first release in which it is implemented. (Not all of these will actually be included in the release notes, at the release manager's discretion; but writing them is a useful exercise.)
It is mandatory.
Rationale
Use Cases
Migrating the harddisk to a new computer
The old computer has physical problems, so you take the harddisk out of the old computer, buy a new computer, and put the harddisk into the new computer. The new computer has slightly different hardware (added SATA controller, or some virtual CD-Drives from SUN X4200 ILOs, or whatever), which changes the address of the harddisk from e.g. /dev/hda to /dev/hde or from /dev/sda to /dev/sdi Now the problem is that the device address if fix-coded generated into the initramdisk, and the initramdisk only tries to open the LUKS at that address.
Managing the LVM part of LUKS
The harddisk gets full, so you add a second harddisk, and install the second harddisk in the computer. Since the default setup of Ubuntu uses LVM when you want LUKS, you already get an LVM setup for free. Now it is possible to add the second harddisk to the LVM, and grow the partitions inside the LVM to the second harddisk. So that LUKS is spanned over both harddisk. It is possible, and I succeeded once to do it. But it isn´t documented, and it´s quite hard to do it manually.
Moving an LVM setup to a larger harddisk
You buy a new harddisk, you don´t have enough space to run both harddisks in parallel. So the idea is that you copy the whole LVM setup to the new harddisk, and then enlarge it on the new harddisk. I haven´t tried that yet.
Creating new LUKS setups
You want to store confidential data on a new external hardisk or USB-stick. How do you format it with LUKS enabled? How do you mount it?
high-security setup
(I guess you won´t need that for normal customers, so we´ll have to get that implemented in LUKS on our own, so I just mention it for completeness Combine LUKS with computer-case-opening sensors (some servers have them built-in already. Most laptops have opening sensors which are used to put the laptop into sleep mode when it´s closed, you just use them the opposite way), so that LUKS can be configured to sync the filesystems and wipe the keys in case of someone trying to open the computer
Assumptions
Design
Implementation
Migrating the harddisk to a new computer
Suggestion would be to first try to open LUKS at the fix-coded initramdisk address, and if that doesn´t work, then it should scan all harddisks for that LUKS partition. (Or it might be able to detect that it just booted from the boot partition on that harddisk, and that it changed this way)
TBC'
UI Changes
Should cover changes required to the UI, or specific UI that is required to implement this
Code Changes
Code changes should include an overview of what needs to change, and in some cases even the specific details.
Migration
Include:
- data migration, if any
- redirects from old URLs to new ones, if any
- how users will be pointed to the new way of doing things, if necessary.
Test/Demo Plan
It's important that we are able to test new features, and demonstrate them to users. Use this section to describe a short plan that anybody can follow that demonstrates the feature is working. This can then be used during testing, and to show off after release.
This need not be added or completed until the specification is nearing beta.
Outstanding Issues
This should highlight any issues that should be addressed in further specifications, and not problems with the specification itself; since any specification with problems cannot be approved.
BoF agenda and discussion
Use this section to take notes during the BoF; if you keep it in the approved spec, use it for summarising what was discussed and note any options that were rejected.