]> Installing a Debian operating system on an individually structured, encrypted LVM disk

Installing a Debian operating system on an individually structured, encrypted LVM disk

by Stephan K.H. Seidl

Version 2, Wed, 24 Jul 2019 19:05:46 +0200

Problems

The disk setup for a Debian 9 system by means of the installer's partition manager appears cluttered and tedious if an individually structured hard drive is envisaged, whereat, apart from early loaders and the kernel, all data, including the root partition, need be encrypted. While the Debian installer is in general easy to use, this is less true for its partition manager. Most likely, that is because of the complexity of the matter. In other words, the structure of the partition manager menus does not reflect the situation unmistakably. A last issue arises from the fact that the keyboard must be made fully available right from the beginning to successfully obtain the passphrase before the root partition is present.

Solution

Every time the layout of any menus misrepresents the situation, the first way making sense is the one back to the command line interface (CLI). On the other hand, it would be a bad idea to perform the machine setup without the Debian installer at all, as most of its components do their job well. So the solution here will be the following hybrid. Those parts of the installation, that can clearer and faster be done with the help of the CLI, are actually done using the CLI, and everything else is done with the help of the installer menus. The presented files should be understood here as a reminder. They show how the CLI can be made available and how it applies to reach the goal.

Between the installation procedure menu items Detect disks and Partition disks, a CLI step is inserted which enables the running kernel to provide the partition manager with a fully configured hard disk exhibiting unencrypted partitions. Such a way the partition manager does only have to carry out elementary activities that do not provoke difficulties. Furthermore, between the menu items Install the GRUB boot loader on an hard disk and Finish the installation, another CLI step is inserted that executes the missing activities, which the partition manager now omits because it is no longer confronted with encrypted data. Finally, this second step also stores the necessary modules for a fully functional USB keyboard in the kernel RAM disk.

The file
debinsteeepc1000h.txt (click here for download)
sketches the resulting procedure to install a Debian 9 operating system on an ASUS EeePC 1000H netbook, the file
debinstsystemx3650m3.txt (click here for download)
the one to install a Debian 9 operating system on an IBM System x3650 M3 server, and the file
debinstvaiovgnbz11en.txt (click here for download)
the one to install a Debian 9 on a SONY VAIO VGN-BZ11EN notebook.

Sometimes there is also an interest in having the GRUB configuration file more readable. Below are the examples belonging to the different installation cases. The kernel images and ramdisks are hard links associated with the appropriate files in /boot. By evaluating the file /proc/cmdline, certain distinctive information can be forwarded from the GRUB menu to the running operating system, for example to setup the network in different ways. The shown method is a method of today, while older kernels allowed the definition of environment variables on the command line that were pulled through and installed accordingly.

The file
grubeeepc1000h.cfg (click here for download)
is the GRUB configuration used on the EeePC 1000H, the file
grubsystemx3650m3.cfg (click here for download)
is the one used on the System x3650 M3, and the file
grubvaiovgnbz11en.cfg (click here for download)
is the one used on the VAIO VGN-BZ11EN.

Thus, the file /boot/grub/grub.cfg immediately becomes a candidate of the set of all those handcrafted files, which need be monitored by some piece of software to see that they have not been altered by any Debian update mechanism.

That's it.


Wed, 24 Jul 2019 19:05:46 +0200

Stephan K.H. Seidl