Some were taken from Mint's Live Installer:
- A new user picture button.
- Offline Broadcom dkms installation.
- Minor graphical improvements
- Select the device for Grub installation in the partition overview by means of a selectable check box. This resulted in a complete partition overview: Live Installer checks where Grub was installed to show that in the overview and I could now drop the last "Advanced ontions" screen. Leaving just four screens to configure before installation.
- Right-click on a partition to select the "Advanced..." menu to encrypt the selected partition. It will ask for your encryption password if there already is an encrypted partition present. The Live Installer does recognize it as being encrypted and can extract the information from it only with that password.
- Labels can now be written to the partitions.
If that's too much but you still would like to test the new Live Installer on an older ISO you can download the debs here:
Then boot live and install that deb before running the Live Installer. You cannot test the Broadcom driver installation this way: the needed package is only available on the aforementioned ISOs.
Before you start testing you need to run live-installer from a terminal and save the output when you're done.
Do this in VirtualBox and not on metal! You'll need at least two drives with several partitions each.
- Grub on /dev/sda, / on /dev/sda1, /home on /dev/sdb1
- Grub on /dev/sda, / on /dev/sda1, /home on /dev/sdb1 encrypted
- Grub on /dev/sda, / on /dev/sda1 encrypted (this should warn you to mount /boot on a separate, non-encrypted partition), /home on /dev/sdb1 encrypted
- Grub on /dev/sdb, / on /dev/sda1, /home on /dev/sdb1
- Grub on /dev/sda1, / on /dev/sda1, /home on /dev/sdb1
- Grub on /dev/sda1, / on /dev/sda1 encrypted, /home on /dev/sdb1 encrypted
- Grub on /dev/sda, / on /dev/sda1, /tmp on /dev/sda2 encrypted, /home on /dev/sdb1 encrypted
- Check if swap is detected correctly and written to fstab
- Try a multi-boot setup
- Do not reboot!
- Save the entire output from the terminal and post that back here.
- Check if the boot flag has been set correctly (on /boot partition if it exists or on / partition):
sudo fdisk -l
- Check disk or partition for "GRUB" in output (e.g.: /dev/sda):
Code: Select all
sudo dd bs=512 count=1 if=/dev/sda 2>/dev/null | strings
- In the terminal output: check the UUIDs of fstab and crypttab with the output of blkid (above fstab).
- fstab: /dev/mapper/sdXY UUIDs
- crypttab: /dev/sdXY UUIDs
- Does broadcom-sta-dkms install?
Search for "Supported Broadcom deviceid found" in the terminal output.
- Has the blacklist file been created:
Code: Select all
Provide the encryption password when asked for.
- [DONE] Grub on partition instead of disk is not listed in the partition overview.
- [DONE] Grub menu has no background image when root partition is encrypted.
It's obvious: /boot hasn't been mounted yet. So, it cannot find the background image.
I don't think I can do something about that.
- [DONE] Encrypted partition has no color of its own in the graphical overview bar.
- [DONE] No warnings (and default selections) when selecting for encryption.
- [DONE] boot flag is not set when switching Grub partition.
- [DONE] boot flag is not removed when moving boot flag to another disk.
- [DONE] swap is being listed as "Operating system".
- [DONE] "Mount as" is not automatically done for existing swap partition.
- [DONE] Swap partition is not configured in fstab.
- [DONE] You cannot right-click on a swap partition but you can double-click. Double-click must be disabled.
- [DONE] Cannot gather information of already encrypted partitions (need to ask for passphrase).
- [DONE] Already encrypted /home is always being formatted if mounted as /home.
- [DONE] Already encrypted partition is not being saved correctly in fstab.
- [DONE] Cannot write label to partition.
- Can create a fat32 /boot partition but system is not bootable.
- [DONE] update-grub does not include an already encrypted root system (with separate /boot partition).
- [DONE/NOT CONFIRMED] When USB is inserted, Live Installer crashes on getFlagAsString(): http://forums.solydxk.nl/viewtopic.php?p=56889#p56889
- [DONE]Formatting an already encrypted partition to anything but LUKS creates an unbootable system
Code: Select all
su onenssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero > /dev/sda2 printf "my_passphrase" | cryptsetup luksFormat --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random /dev/sda2 printf "my_passphrase" | cryptsetup luksOpen /dev/sda2 sda2 mkfs.ext4 -F -q /dev/mapper/sda2 UUID=$(blkid -o value -s UUID /dev/mapper/sda2) echo -e "UUID=$UUID\t/home\text4\trw,errors=remount-ro\t0\t1" >> /etc/fstab UUID=$(blkid -o value -s UUID /dev/sda2) echo -e "sda2\tUUID=$UUID\tnone\tluks" >> /etc/crypttab
Manual mount of an encrypted partition:
Code: Select all
mkdir /mnt/sda2 cryptsetup luksOpen /dev/sda2 sda2 mount /dev/mapper/sda2 /mnt/sda2 ls /mnt/sda2