Difference between revisions of "Shrink An Encrypted LUKS Partition"
m |
m (Dlk moved page Shrink A Partition to Shrink An Encrypted LUKS Partition without leaving a redirect) |
(No difference)
|
Revision as of 13:00, 31 December 2019
I needed to shrink my root ("/") partition in order to make my "/boot" partition larger so that could run the preupgrade utility to update from F13 to F14. My disk geometry was:
Device Boot Start End Blocks Id System /dev/sda1 * 63 409662 204799+ 83 Linux /dev/sda2 409663 976773167 488181752 83 Linux
/dev/sda1 contains "/boot" as a native ext3 partition.
/dev/sda2 is a LUKS encrypted partition, home to a Logical Volume Group which contains a logical swap partition and a logical partition which contains my root ("/") ext3 filesystem.
My steps were:
- Shrink the root partition
- Shrink the volume group that contains it
- Shrink the LUKS encrypted partition
- Shrink /dev/sda2
- Move /dev/sda2 to the end of the physical disk
- Expand /dev/sda1
- Expand the /boot filesystem
My guidance for this came from http://ubuntuforums.org/showthread.php?p=4530641
Boot from Knoppix DVD, open a console and become root.
Make a clone backup of the entire disk, just in case. (In my case /dev/sdb was a USB disk of the same size as /dev/sda.)
dd_rescue /dev/sda /dev/sdb
Decrypt the LUKS partition:
cryptsetup luksOpen /dev/sda5 crypt1
Activate the LVM partitions:
vgscan --mknodes vgchange -ay
Shrink the root filesystem:
e2fsck -f /dev/mapper/vg_dlkw500-lv_root resize2fs -p /dev/mapper/vg_dlkw500-lv_root -3255688s e2fsck -f /dev/mapper/vg_dlkw500-lv_root
Shrink the volume group:
lvdisplay lvreduce /dev/mapper/vg_dlkw500-lv_root -L -3255688s lvdisplay
Shrink the LVM physical volume:
pvs # To see how much free space exists in the physical volume so that we can calculate the new size pvresize -setphysicalvolumesize 464G /dev/mapper/crypt1 pvdisplay
Shrink the encrypted disk area:
cryptsetup status crypt1 # Make note of the offset cryptsetup -o 4040 -b 973107816 resize crypt1 # 4040 is the offset, values are in 512B sectors
Unmount the LVM and the encrypted area of the disk:
vgchange -an cryptsetup luksClose crypt1
Move the /dev/sda2 partition data from where it is now to the end of the disk. Start the copy from the end of the partition space and copy in reverse, from back to front. This avoids overwriting the existing data until after we've copied it. You only get one shot to get this right.
dd_rescue -s 973517479b -S 976773167b -m 973107816b -r /dev/sda /dev/sda
Use parted to redo the partition table to match the new /dev/sda2 start and end. Also change /dev/sda1 so that it uses the free space. (We don't use fdisk because it cannot handle partitions that start at the beginning of cylinder 1 / sector 63 as /dev/sda1 must in order for the system to boot.)
Device Boot Start End Blocks Id System /dev/sda1 * 63 3662109 1831023+ 83 Linux /dev/sda2 3665352 976773167 486553908 83 Linux
Reboot while praying. (This is why you make that clone copy of the disk at the beginning. Use dd_rescue to put the disk back the way it was if you need to.)
Expand the /boot partition to fill the available space. This can be done on a live partition as long as it's ext3, otherwise you'd have to boot back into Knoppix:
sudo resize2fs /dev/sda1