commit
c42675f121
2 changed files with 6 additions and 6 deletions
|
|
@ -89,7 +89,7 @@ To:
|
|||
And configure `/etc/kernel-hooks.d/secureboot.conf` for cmdline and secureboot.
|
||||
|
||||
```
|
||||
cmdline="rw rd.luks.name=<uuid>=root root=/dev/vg1/root{n} modules=ext4 quiet splash rd.lvm.vg=vg1"
|
||||
cmdline="rw rd.luks.name=<uuid>=luks root=/dev/vg1/root{n} modules=ext4 quiet splash rd.lvm.vg=vg1"
|
||||
|
||||
signing_cert="/usr/share/secureboot/keys/db/db.pem"
|
||||
signing_key="/usr/share/secureboot/keys/db/db.key"
|
||||
|
|
@ -102,7 +102,7 @@ output_name="alpine-linux-{flavor}.efi"
|
|||
Here `<uuid>` has to be replaced with the uuid of the partition which contains our volume group:
|
||||
|
||||
```
|
||||
# blkid -o value -s UUID /dev/<disk2> >> /etc/kernel-hooks.d/secureboot.conf
|
||||
# blkid /dev/<disk2> >> /etc/kernel-hooks.d/secureboot.conf
|
||||
```
|
||||
|
||||
All that's left for booting is secureboot which `sbctl` will be used for to create keys, and sign some executables with.
|
||||
|
|
|
|||
|
|
@ -31,14 +31,14 @@ Then to create the filesystem on the efi partition.
|
|||
And the encrypted filesystem on the root partition.
|
||||
|
||||
```
|
||||
# cryptsetup luksFormat /dev/<disk2> --type luks2 --label luks
|
||||
# cryptsetup open --type luks /dev/<disk2> pv1
|
||||
# cryptsetup luksFormat /dev/<disk2> --type luks2
|
||||
# cryptsetup open --type luks /dev/<disk2> luks
|
||||
```
|
||||
|
||||
Now to create a new LVM volume group:
|
||||
|
||||
```
|
||||
# vgcreate vg1 /dev/mapper/pv1
|
||||
# vgcreate vg1 /dev/mapper/luks
|
||||
```
|
||||
|
||||
To create partitions inside the volume group:
|
||||
|
|
@ -61,4 +61,4 @@ for i in root{n} var{n} tmp{n} nix{n} home{n}; do
|
|||
> done
|
||||
```
|
||||
|
||||
Other filesystems can also be used but `ext4` is the standard for most Linux distrobutions.
|
||||
Other filesystems can also be used but `ext4` is the standard for most Linux distrobutions.
|
||||
|
|
|
|||
Loading…
Reference in a new issue