Description
Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.
When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.
References:
Steps To Reproduce
- start the installer
- enter the disk druid paritioning screen
- Create multiple new RAID partitions
- select the "encrypt" checkbox for each partition
- enter a passphrase for the partition
- create one or more encrypted md devices using the RAID partitions
- select the "encrypt" checkbox for each filesystem that is composed of RAID partitions
- create one or more non-encrypted md devices using the RAID partitions
- continue the installation
Expected Results
in post-install system, verify:
- a passphrase for each RAID partition is required to access it
- an entry for each RAID partition exists in /etc/crypttab
- a passphrase for each of the encrypted filesystems using the RAID partitions is required to access it
- an entry for the block devices and filesystems using the RAID partitions exist in /etc/crypttab