Categories
Uncategorized

CentOS – How to manage system services

Short note on how to manage system services using CentOS.

Categories
Uncategorized

How to modify squashfs image

You cannot modify squashfs image directly but you can uncompress it, apply changes and compress it again.

Categories
Uncategorized

Ubuntu – How to use persistent encrypted partition

Simple solution using Linux Unified Key Setup.

Categories
Uncategorized

Ubuntu – How to use encrypted tmp partition

The answer is to recreate encrypted tmp partition every boot with random key as you do not need to keep temporary data in memory.

Categories
Uncategorized

Ubuntu – How to encrypt swap partition

Create partition for swap (/dev/sdaX in this example). Prepare and enable it using mkswap and swapon commands. If you already use swap partition then omit these steps.

$ sudo mkswap /dev/sdaX
Setting up swapspace version 1, size = 4194300 KiB
no label, UUID=325d9718-8532-460d-afec-74e6aee9ae5f
$ sudo swapon /dev/sdaX

Execute ecryptfs-setup-swap script (it is part of ecryptfs-utils package):

$ sudo ecryptfs-setup-swap
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked
to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM
WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/sdaX]
 * Stopping remaining crypto disks...
 * cryptswap1 (stopped)...                                                [ OK ]
 * Starting remaining crypto disks...
 * cryptswap1 (starting)..
 * cryptswap1 (started)...                                                [ OK ]
INFO: Successfully setup encrypted swap!

Changes are automatically applied to crypttab and fstab configuration files.

$ cat /etc/crypttab | grep /dev/sdaX
cryptswap1 /dev/sdaX /dev/urandom swap,cipher=aes-cbc-essiv:sha256
$ cat /etc/fstab | grep cryptswap1
/dev/mapper/cryptswap1 none swap sw 0 0
Categories
Uncategorized

How to backup DOS-type partition table/GPT and LVM metadata?

DOS partition table

We can use sfdisk to dump partition table in usable format and store it:

$ sudo sfdisk -d /dev/sda > sda_partitions

Partition table can be restored using stored backup:

$ sudo sfdisk /dev/sda < sda_partitions

Partition table can be easily cloned (from sda to sdz in this example):

$ sudo sfdisk -d /dev/sda | sfdisk /dev/sdz

GPT

To backup GUID partition table use sgdisk command (from gdisk package):

$ sudo sgdisk -b sda_gpt_backup /dev/sda

Restore it in similar way:

$ sudo sgdisk -l sda_gpt_backup /dev/sda

LVM

To backup LVM metadata for volume group vol_test to vol_test_backup file use command:

$ sudo lvm vgcfgbackup -f vol_test_backup vol_test

To restore volume group metadata use similar command:

$ sudo lvm vgcfgbackup -f vol_test_backup vol_test

To restore physical volume metadata (with specified UUID to /dev/sda1 device):

$ sudo pvcreate --restorefile vol_test_backup --uuid rRD... /dev/sda1

There is a little more work to be done in this case (beyond this short post) so jump directly to Red Hat – Logical Volume Manager Administration.

Categories
SysOps

How to get disk UUID

I recently needed to know the UUID (universally unique identifier) of my bootable USB root partition. It is a better way to distinguish storage devices because device names can change depending on the connection order.

How to mount software RAID1 member using mdadm

Just a moment ago I connected my old hard drive and realized that it was a RAID member.

Categories
SysOps

Boot to RAM notes

This post contains notes on this topic in the form of a concise guide.

How to add custom grub2 menu entry?

Edit /etc/grub.d/40_custom file to add a custom entry in grub2 menu.