Difference between revisions of "Shrink An Encrypted LUKS Partition"
m |
m |
||
| (9 intermediate revisions by the same user not shown) | |||
| Line 6: | Line 6: | ||
/dev/sda2 409663 976773167 488181752 83 Linux | /dev/sda2 409663 976773167 488181752 83 Linux | ||
| − | /dev/sda1 contains "/boot" as a native ext3 partition | + | /dev/sda1 contains "/boot" as a native ext3 partition. |
| − | /dev/sda2 is a LUKS encrypted partition, home to a Logical Volume Group which contains a logical swap partition and a logical partition which contains my root ("/") ext3 filesystem. | + | <br />/dev/sda2 is a LUKS encrypted partition, home to a Logical Volume Group which contains a logical swap partition and a logical partition which contains my root ("/") ext3 filesystem. |
My steps were: | My steps were: | ||
| Line 20: | Line 20: | ||
My guidance for this came from http://ubuntuforums.org/showthread.php?p=4530641 | My guidance for this came from http://ubuntuforums.org/showthread.php?p=4530641 | ||
| − | Boot from Knoppix DVD, open a console and become root | + | Boot from [http://www.knoppix.net/ Knoppix DVD], open a console and become root. |
| − | <br />Make a clone backup of the entire disk, just in case | + | <br />Make a clone backup of the entire disk, just in case. (In my case /dev/sdb was a USB disk of the same size as /dev/sda.) |
dd_rescue /dev/sda /dev/sdb | dd_rescue /dev/sda /dev/sdb | ||
Decrypt the LUKS partition: | Decrypt the LUKS partition: | ||
| Line 32: | Line 32: | ||
resize2fs -p /dev/mapper/vg_dlkw500-lv_root -3255688s | resize2fs -p /dev/mapper/vg_dlkw500-lv_root -3255688s | ||
e2fsck -f /dev/mapper/vg_dlkw500-lv_root | e2fsck -f /dev/mapper/vg_dlkw500-lv_root | ||
| − | Shrink the volume group | + | Shrink the volume group: |
lvdisplay | lvdisplay | ||
lvreduce /dev/mapper/vg_dlkw500-lv_root -L -3255688s | lvreduce /dev/mapper/vg_dlkw500-lv_root -L -3255688s | ||
lvdisplay | lvdisplay | ||
| − | Shrink the LVM physical volume | + | Shrink the LVM physical volume: |
pvs # To see how much free space exists in the physical volume so that we can calculate the new size | pvs # To see how much free space exists in the physical volume so that we can calculate the new size | ||
pvresize -setphysicalvolumesize 464G /dev/mapper/crypt1 | pvresize -setphysicalvolumesize 464G /dev/mapper/crypt1 | ||
pvdisplay | pvdisplay | ||
| − | Shrink the encrypted disk area | + | Shrink the encrypted disk area: |
cryptsetup status crypt1 # Make note of the offset | cryptsetup status crypt1 # Make note of the offset | ||
cryptsetup -o 4040 -b 973107816 resize crypt1 # 4040 is the offset, values are in 512B sectors | cryptsetup -o 4040 -b 973107816 resize crypt1 # 4040 is the offset, values are in 512B sectors | ||
| − | Unmount the LVM and the encrypted area of the disk | + | Unmount the LVM and the encrypted area of the disk: |
vgchange -an | vgchange -an | ||
cryptsetup luksClose crypt1 | cryptsetup luksClose crypt1 | ||
| − | Move the /dev/sda2 partition data from where it is now to the end of the disk. Start the copy from the end of the partition space and copy in reverse, from back to front. | + | Move the /dev/sda2 partition data from where it is now to the end of the disk. Start the copy from the end of the partition space and copy in reverse, from back to front. This avoids overwriting the existing data until after we've copied it. You only get one shot to get this right. |
dd_rescue -s 973517479b -S 976773167b -m 973107816b -r /dev/sda /dev/sda | dd_rescue -s 973517479b -S 976773167b -m 973107816b -r /dev/sda /dev/sda | ||
| − | Use parted to redo the partition table to match the new /dev/sda2 start and end. Also change /dev/sda1 so that it uses the free space. (We don't use fdisk because it cannot handle partitions that start at the beginning of cylinder 1 / sector 63 as /dev/sda1 must) | + | Use parted to redo the partition table to match the new /dev/sda2 start and end. Also change /dev/sda1 so that it uses the free space. (We don't use fdisk because it cannot handle partitions that start at the beginning of cylinder 1 / sector 63 as /dev/sda1 must in order for the system to boot.) |
Device Boot Start End Blocks Id System | Device Boot Start End Blocks Id System | ||
/dev/sda1 * 63 3662109 1831023+ 83 Linux | /dev/sda1 * 63 3662109 1831023+ 83 Linux | ||
/dev/sda2 3665352 976773167 486553908 83 Linux | /dev/sda2 3665352 976773167 486553908 83 Linux | ||
| − | Reboot while praying (This is why you make that clone copy of the disk at the beginning. Use dd_rescue to put the disk back the way it was if you need to.) | + | Reboot while praying. (This is why you make that clone copy of the disk at the beginning. Use dd_rescue to put the disk back the way it was if you need to.) |
| − | + | ||
| + | Expand the /boot partition to fill the available space. This can be done on a live partition as long as it's ext3, otherwise you'd have to boot back into Knoppix: | ||
sudo resize2fs /dev/sda1 | sudo resize2fs /dev/sda1 | ||
| + | [[Category:Linux]] | ||
| + | [[Category:Disks & Storage]] | ||
Latest revision as of 14:05, 31 December 2019
I needed to shrink my root ("/") partition in order to make my "/boot" partition larger so that could run the preupgrade utility to update from F13 to F14. My disk geometry was:
Device Boot Start End Blocks Id System /dev/sda1 * 63 409662 204799+ 83 Linux /dev/sda2 409663 976773167 488181752 83 Linux
/dev/sda1 contains "/boot" as a native ext3 partition.
/dev/sda2 is a LUKS encrypted partition, home to a Logical Volume Group which contains a logical swap partition and a logical partition which contains my root ("/") ext3 filesystem.
My steps were:
- Shrink the root partition
- Shrink the volume group that contains it
- Shrink the LUKS encrypted partition
- Shrink /dev/sda2
- Move /dev/sda2 to the end of the physical disk
- Expand /dev/sda1
- Expand the /boot filesystem
My guidance for this came from http://ubuntuforums.org/showthread.php?p=4530641
Boot from Knoppix DVD, open a console and become root.
Make a clone backup of the entire disk, just in case. (In my case /dev/sdb was a USB disk of the same size as /dev/sda.)
dd_rescue /dev/sda /dev/sdb
Decrypt the LUKS partition:
cryptsetup luksOpen /dev/sda5 crypt1
Activate the LVM partitions:
vgscan --mknodes vgchange -ay
Shrink the root filesystem:
e2fsck -f /dev/mapper/vg_dlkw500-lv_root resize2fs -p /dev/mapper/vg_dlkw500-lv_root -3255688s e2fsck -f /dev/mapper/vg_dlkw500-lv_root
Shrink the volume group:
lvdisplay lvreduce /dev/mapper/vg_dlkw500-lv_root -L -3255688s lvdisplay
Shrink the LVM physical volume:
pvs # To see how much free space exists in the physical volume so that we can calculate the new size pvresize -setphysicalvolumesize 464G /dev/mapper/crypt1 pvdisplay
Shrink the encrypted disk area:
cryptsetup status crypt1 # Make note of the offset cryptsetup -o 4040 -b 973107816 resize crypt1 # 4040 is the offset, values are in 512B sectors
Unmount the LVM and the encrypted area of the disk:
vgchange -an cryptsetup luksClose crypt1
Move the /dev/sda2 partition data from where it is now to the end of the disk. Start the copy from the end of the partition space and copy in reverse, from back to front. This avoids overwriting the existing data until after we've copied it. You only get one shot to get this right.
dd_rescue -s 973517479b -S 976773167b -m 973107816b -r /dev/sda /dev/sda
Use parted to redo the partition table to match the new /dev/sda2 start and end. Also change /dev/sda1 so that it uses the free space. (We don't use fdisk because it cannot handle partitions that start at the beginning of cylinder 1 / sector 63 as /dev/sda1 must in order for the system to boot.)
Device Boot Start End Blocks Id System /dev/sda1 * 63 3662109 1831023+ 83 Linux /dev/sda2 3665352 976773167 486553908 83 Linux
Reboot while praying. (This is why you make that clone copy of the disk at the beginning. Use dd_rescue to put the disk back the way it was if you need to.)
Expand the /boot partition to fill the available space. This can be done on a live partition as long as it's ext3, otherwise you'd have to boot back into Knoppix:
sudo resize2fs /dev/sda1
