#1 Le 23/06/2022, à 10:27
- malbo
Allure d'une installation Ubuntu 22.04 chiffrée avec zfs
Je réalise cette installation dans une machine virtuelle VirtualBox en suivant les indications qu'on peut voir sur cette image (que j'ai pompée dans cette doc) : https://doc.ubuntu-fr.org/_media/zfs/zf … tok=cf0494
C'est à dire : Type d'installation : "Effacer le disque et installer Ubuntu" > clic sur "Fonctions avancées" > case cochée : "Effacer le disque et utiliser zfs" > case cochée : "chiffrer la nouvelle installation de Ubuntu pour la sécurité"
Boot-repair réalisé depuis une session live de Ubuntu 22.04 :
boot-info-4ppa200 [20220623_0918]
============================== Boot Info Summary ===============================
=> No boot loader is installed in the MBR of /dev/sda.
sda1: __________________________________________________________________________
File system: vfat
Boot sector type: FAT32
Boot sector info: No errors found in the Boot Parameter Block.
Operating System:
Boot files: /grub/grub.cfg /efi/BOOT/fbx64.efi /efi/BOOT/mmx64.efi
/efi/ubuntu/grubx64.efi /efi/ubuntu/mmx64.efi
/efi/ubuntu/shimx64.efi /efi/ubuntu/grub.cfg
sda2: __________________________________________________________________________
File system: crypto_LUKS
Boot sector type: Unknown
Boot sector info:
sda3: __________________________________________________________________________
File system: zfs_member
Boot sector type: -
Boot sector info:
Operating System:
Boot files:
sda4: __________________________________________________________________________
File system: zfs_member
Boot sector type: -
Boot sector info:
Operating System:
Boot files:
================================ 0 OS detected =================================
================================ Host/Hardware =================================
CPU architecture: 64-bit
Video: SVGA II Adapter from VMware
Live-session OS is Ubuntu 64-bit (Ubuntu 22.04 LTS, jammy, x86_64)
===================================== UEFI =====================================
BIOS/UEFI firmware: VirtualBox from innotek GmbH
The firmware is EFI-compatible, and is set in EFI-mode for this live-session.
SecureBoot disabled - This system doesn't support Secure Boot.
BootCurrent: 0001
Timeout: 0 seconds
BootOrder: 0004,0000,0001,0002,0003
Boot0000* UiApp FvVol(7cb8bdc9-f8eb-4f34-aaea-3ee4af6516a1)/FvFile(462caa21-7614-4503-836e-8ab6f4662331)
Boot0001* UEFI VBOX CD-ROM VB2-01700376 PciRoot(0x0)/Pci(0x1,0x1)/Ata(1,0,0)N.....YM....R,Y.
Boot0002* UEFI VBOX HARDDISK VBcff2d6c0-dd4c513f PciRoot(0x0)/Pci(0xd,0x0)/Sata(0,65535,0)N.....YM....R,Y.
Boot0003* EFI Internal Shell FvVol(7cb8bdc9-f8eb-4f34-aaea-3ee4af6516a1)/FvFile(7c04a583-9e3e-4f1c-ad65-e05268d0b4d1)
Boot0004* ubuntu HD(1,GPT,a647548b-3ad7-4778-95d3-585616b004df,0x800,0x100000)/File(\EFI\ubuntu\shimx64.efi)
Boot0006* grubx64.efi PciRoot(0x0)/Pci(0xd,0x0)/Sata(0,65535,0)/HD(1,GPT,783b500a-3b5b-438f-b3a7-f6af343fb676,0x800,0x100000)/File(\EFI\ubuntu\grubx64.efi)
c152ec201c37b6e97bbc2207e49d1271 sda1/BOOT/fbx64.efi
fdafb5eece6caeccb788c946a28e6872 sda1/BOOT/mmx64.efi
f62c28d9b477b6a1a7b1c991b2b6637d sda1/ubuntu/grubx64.efi
fdafb5eece6caeccb788c946a28e6872 sda1/ubuntu/mmx64.efi
728124f6ec8e22fbdbe7034812c81b95 sda1/ubuntu/shimx64.efi
728124f6ec8e22fbdbe7034812c81b95 sda1/BOOT/BOOTX64.efi
============================= Drive/Partition Info =============================
Disks info: ____________________________________________________________________
sda : is-GPT, no-BIOSboot, has---ESP, not-usb, not-mmc, no-os, no-wind, 2048 sectors * 512 bytes
Partitions info (1/3): _________________________________________________________
sda1 : no-os, 32, nopakmgr, no-docgrub, nogrub, nogrubinstall, grubenv-ng, noupdategrub, not-far
sda3 : no-os, 32, nopakmgr, no-docgrub, nogrub, nogrubinstall, no-grubenv, noupdategrub, not-far
sda4 : no-os, 32, nopakmgr, no-docgrub, nogrub, nogrubinstall, no-grubenv, noupdategrub, not-far
Partitions info (2/3): _________________________________________________________
sda1 : is---ESP, part-has-no-fstab, no-nt, no-winload, no-recov-nor-hid, no-bmgr, notwinboot
sda3 : isnotESP, part-has-no-fstab, no-nt, no-winload, no-recov-nor-hid, no-bmgr, notwinboot
sda4 : isnotESP, part-has-no-fstab, no-nt, no-winload, no-recov-nor-hid, no-bmgr, notwinboot
Partitions info (3/3): _________________________________________________________
sda1 : not--sepboot, no---boot, part-has-no-fstab, not-sep-usr, no---usr, part-has-no-fstab, no--grub.d, sda
sda3 : is--zfs-boot, no---boot, part-has-no-fstab, not-sep-usr, no---usr, part-has-no-fstab, no--grub.d, sda
sda4 : maybesepboot, with-boot, part-has-no-fstab, not-sep-usr, no---usr, part-has-no-fstab, no--grub.d, sda
fdisk -l (filtered): ___________________________________________________________
Disk sda: 50.29 GiB, 53993865216 bytes, 105456768 sectors
Disk identifier: 178FC4E5-BE47-46A3-A194-6A33C1C2BEDF
Start End Sectors Size Type
sda1 2048 1050623 1048576 512M EFI System
sda2 1050624 5244927 4194304 2G Linux swap
sda3 5244928 9439231 4194304 2G Solaris boot
sda4 9439232 105456734 96017503 45.8G Solaris root
Disk zd0: 500 MiB, 524288000 bytes, 1024000 sectors
parted -lm (filtered): _________________________________________________________
sda:54.0GB:scsi:512:512:gpt:ATA VBOX HARDDISK:;
1:1049kB:538MB:537MB:fat32:EFI System Partition:boot, esp;
2:538MB:2685MB:2147MB:::swap;
3:2685MB:4833MB:2147MB:zfs::;
4:4833MB:54.0GB:49.2GB:zfs::;
zd0:524MB:unknown:512:8192:unknown:Unknown:;
blkid (filtered): ______________________________________________________________
NAME FSTYPE UUID PARTUUID LABEL PARTLABEL
sda
├─sda1 vfat 4D12-27DC a647548b-3ad7-4778-95d3-585616b004df EFI System Partition
├─sda2 crypto_LUKS 617175bc-d60e-4590-a5a0-0b897857a9ae 3d274412-8211-fd45-9a13-cce408b20fdd
├─sda3 zfs_member 2875644558202094654 10e6b0d3-66d9-2640-a589-c67ebc866c45 bpool
└─sda4 zfs_member 17838524395649947002 5f438203-9a5a-3c47-9d1b-24a9a4079209 rpool
zd0 crypto_LUKS aa7a7943-7b5f-46cb-b25d-faea177ac57b
Mount points (filtered): _______________________________________________________
Avail Use% Mounted on
bpool/BOOT/ubuntu_4z7tde 1.5G 13% /mnt/boot-sav/zfs/boot
/dev/sda1 497.5M 3% /mnt/boot-sav/sda1
Mount options (filtered): ______________________________________________________
bpool/BOOT/ubuntu_4z7tde zfs rw,nodev,relatime,xattr,posixacl
/dev/sda1 vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro
======================== sda1/grub/grub.cfg (filtered) =========================
Revert system only gnulinux-${root_dataset}-${kversion}
Revert system and user data gnulinux-${root_dataset}-${kversion}
Ubuntu 22.04 LTS gnulinux-rpool/ROOT/ubuntu_4z7tde-5.15.0-40-generic
Ubuntu 22.04 LTS, with Linux 5.15.0-40-generic gnulinux-rpool/ROOT/ubuntu_4z7tde-5.15.0-40-generic
Ubuntu 22.04 LTS, with Linux 5.15.0-25-generic gnulinux-rpool/ROOT/ubuntu_4z7tde-5.15.0-25-generic
### END /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_uefi-firmware ###
===================== sda1/efi/ubuntu/grub.cfg (filtered) ======================
search.fs_uuid 4D12-27DC root hd0,gpt1
set prefix=($root)'/grub'
configfile $prefix/grub.cfg
==================== sda1: Location of files loaded by Grub ====================
GiB - GB File Fragment(s)
?? = ?? grub/grub.cfg 1
==================== sda3: Location of files loaded by Grub ====================
GiB - GB File Fragment(s)
?? = ?? vmlinuz
?? = ?? vmlinuz-5.15.0-25-generic
?? = ?? vmlinuz-5.15.0-40-generic
?? = ?? vmlinuz.old
?? = ?? initrd.img
?? = ?? initrd.img-5.15.0-25-generic
?? = ?? initrd.img-5.15.0-40-generic
?? = ?? initrd.img.old
==================== sda4: Location of files loaded by Grub ====================
GiB - GB File Fragment(s)
?? = ?? boot/vmlinuz
?? = ?? boot/vmlinuz-5.15.0-25-generic
?? = ?? boot/vmlinuz-5.15.0-40-generic
?? = ?? boot/vmlinuz.old
?? = ?? boot/initrd.img
?? = ?? boot/initrd.img-5.15.0-25-generic
?? = ?? boot/initrd.img-5.15.0-40-generic
?? = ?? boot/initrd.img.old
======================== Unknown MBRs/Boot Sectors/etc =========================
Unknown BootLoader on sda2
00000000 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.|
00000010 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000040 00 00 00 00 00 00 00 00 73 68 61 32 35 36 00 00 |........sha256..|
00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000060 00 00 00 00 00 00 00 00 00 8c a4 b5 6f 2f 37 55 |............o/7U|
00000070 a4 26 af 07 93 d9 8c 8a 10 f0 7f 76 61 3f 90 35 |.&.........va?.5|
00000080 18 a0 d9 47 bb 07 e9 c1 6f 62 24 08 92 eb c8 39 |...G....ob$....9|
00000090 fc 41 69 65 f3 fd 47 c2 90 58 dc e2 e6 2f 27 b1 |.Aie..G..X.../'.|
000000a0 ad 0d 8a 1d a6 72 10 ea 36 31 37 31 37 35 62 63 |.....r..617175bc|
000000b0 2d 64 36 30 65 2d 34 35 39 30 2d 61 35 61 30 2d |-d60e-4590-a5a0-|
000000c0 30 62 38 39 37 38 35 37 61 39 61 65 00 00 00 00 |0b897857a9ae....|
000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001c0 10 3c 4d f4 c8 64 7a 9c 03 6a ef 04 cf 4b bb f6 |.<M..dz..j...K..|
000001d0 a4 6a a9 8e d6 4b 41 cd 0f d4 da 19 76 4e ea 43 |.j...KA.....vN.C|
000001e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000200
================================ ZFS activation ================================
dpkg-query -W -f=${Version} zfsutils-linux : 2.1.2-1ubuntu3
zpool export -f -a
zpool import -N -f -R /mnt/boot-sav/zfs rpool
zpool import -N -f -R /mnt/boot-sav/zfs bpool
If needed, type 'sudo zfs load-key -a' in another terminal.
zfs mount rpool/ROOT/ubuntu_4z7tde
zfs mount -a
Error: could not activate ZFS. Veuillez indiquer ce message à boot.repair@gmail.com
zpool list after activation
NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
bpool 1.88G 242M 1.64G - - 0% 12% 1.00x ONLINE /mnt/boot-sav/zfs
rpool 45.5G 5.57G 39.9G - - 3% 12% 1.00x ONLINE /mnt/boot-sav/zfs
zfs list
NAME USED AVAIL REFER MOUNTPOINT
bpool 242M 1.51G 96K /mnt/boot-sav/zfs/boot
bpool/BOOT 241M 1.51G 96K none
bpool/BOOT/ubuntu_4z7tde 241M 1.51G 241M /mnt/boot-sav/zfs/boot
rpool 6.01G 38.1G 192K /mnt/boot-sav/zfs
rpool/ROOT 5.49G 38.1G 192K none
rpool/ROOT/ubuntu_4z7tde 5.49G 38.1G 4.07G /mnt/boot-sav/zfs
rpool/ROOT/ubuntu_4z7tde/srv 192K 38.1G 192K /mnt/boot-sav/zfs/srv
rpool/ROOT/ubuntu_4z7tde/usr 580K 38.1G 192K /mnt/boot-sav/zfs/usr
rpool/ROOT/ubuntu_4z7tde/usr/local 388K 38.1G 388K /mnt/boot-sav/zfs/usr/local
rpool/ROOT/ubuntu_4z7tde/var 1.42G 38.1G 192K /mnt/boot-sav/zfs/var
rpool/ROOT/ubuntu_4z7tde/var/games 192K 38.1G 192K /mnt/boot-sav/zfs/var/games
rpool/ROOT/ubuntu_4z7tde/var/lib 1.42G 38.1G 1.27G /mnt/boot-sav/zfs/var/lib
rpool/ROOT/ubuntu_4z7tde/var/lib/AccountsService 212K 38.1G 212K /mnt/boot-sav/zfs/var/lib/AccountsService
rpool/ROOT/ubuntu_4z7tde/var/lib/NetworkManager 292K 38.1G 292K /mnt/boot-sav/zfs/var/lib/NetworkManager
rpool/ROOT/ubuntu_4z7tde/var/lib/apt 94.7M 38.1G 94.7M /mnt/boot-sav/zfs/var/lib/apt
rpool/ROOT/ubuntu_4z7tde/var/lib/dpkg 53.7M 38.1G 53.7M /mnt/boot-sav/zfs/var/lib/dpkg
rpool/ROOT/ubuntu_4z7tde/var/log 2.80M 38.1G 2.80M /mnt/boot-sav/zfs/var/log
rpool/ROOT/ubuntu_4z7tde/var/mail 192K 38.1G 192K /mnt/boot-sav/zfs/var/mail
rpool/ROOT/ubuntu_4z7tde/var/snap 2.57M 38.1G 2.57M /mnt/boot-sav/zfs/var/snap
rpool/ROOT/ubuntu_4z7tde/var/spool 276K 38.1G 276K /mnt/boot-sav/zfs/var/spool
rpool/ROOT/ubuntu_4z7tde/var/www 192K 38.1G 192K /mnt/boot-sav/zfs/var/www
rpool/USERDATA 4.92M 38.1G 192K /mnt/boot-sav/zfs
rpool/USERDATA/malbo_or817u 4.42M 38.1G 4.42M /mnt/boot-sav/zfs/home/malbo
rpool/USERDATA/root_or817u 320K 38.1G 320K /mnt/boot-sav/zfs/root
rpool/keystore 518M 38.5G 63.4M -
=================== findmnt (filtered) after ZFS activation ====================
SOURCE FSTYPE SIZE USED AVAIL USE% TARGET
/dev/sr0 iso9660 3.4G 3.4G 0 100% /cdrom
bpool/BOOT/ubuntu_4z7tde zfs 1.7G 241.5M 1.5G 13% /mnt/boot-sav/zfs/boot
Suggested repair: ______________________________________________________________
The default repair of the Boot-Repair utility would not act on the boot.
Confirmation request before suggested repair: __________________________________
Warning: ZFS not activated correctly. Boot-info might be incomplete or inaccurate. Please report this message to boot.repair@gmail.com
Are you sure you want to continue anyway?On voit bien la mention "zfs_member" caractéristique du système de fichiers zfs. Et on voit la mention "crypto_LUKS" qui indique que c'est une installation chiffrée
Dernière modification par malbo (Le 23/06/2022, à 12:20)
Hors ligne