[bug#51514] [PATCH 0/2] Add support for LUKS2 root partition

From: Ludovic Courtès
Subject: [bug#51514] [PATCH 0/2] Add support for LUKS2 root partition
Date: Fri, 12 Nov 2021 23:32:02 +0100



I haven’t tested it, but the patches LGTM.  Nitpick:

Josselin Poiret <> skribis:

> * doc/guix.texi (Keyboard Layout, Networking, and Partitioning)[Disk
> Partitioning]: Document it.


> +@quotation Warning
> +Note that Grub can unlock LUKS2 devices since version 2.06, but only

s/Grub/GRUB/ :-)

> +supports the PBKDF2 key derivation function, which is not the default
> +for Cryptsetup on Guix.  You can check which key derivation function is
> +being used by a device by running @command{cryptsetup luksDump <dev>},

@var{device} rather than <dev>.

> +and looking for the PBKDF field of your keyslots.

Should we change “which is not the default for Cryptsetup on Guix” to
“but @command{cryptsetup luksFormat} does not use PBKDF2 by default”?

> +@end quotation
> +
> +Assuming you want to store the root partition on @file{/dev/sda2}, the
> +command sequence would be along these lines:
+ “to format it as a LUKS2 partition”

Could you send an updated version of this patch?

Besides, do you think we should change the installer to create LUKS2
partitions now in (gnu installer parted)?



