clevis icon indicating copy to clipboard operation
clevis copied to clipboard
verified publisher icon latchset

Missing manual

Open Ricky-Tigg opened this issue 6 years ago • 3 comments

OS: Fedora; Component: clevis.x86_64 11-6.fc31 @fedora

Attempt to bind a master key to a LUKS1 volume, as documented, failed.

# clevis luks bind -d /dev/sda6 tpm2 '{"pcr_ids":"7"}'
Command 'clevis-luks-bind' is invalid

Attempt to resolve by my own the correct syntax relying on current documentation failed; mentioned option is not available as its own manual.

$ man clevis 
[...] clevis-luks-bind(1)[...] 
07/24/2019
$ man 1 clevis-luks-bind
No manual entry for clevis-luks-bind in section 1

Ricky-Tigg avatar Sep 30 '19 14:09 Ricky-Tigg

It looks like you don't have the clevis-luks package. Would you please double check this?

sergio-correia avatar Sep 30 '19 14:09 sergio-correia

That was the case. For a reason Fedora has chosen not to install it along with clevis. Would then clevis-luks be the appropriated command for the purpose of my task? It seems to me it could due to the good manual description.

Ricky-Tigg avatar Sep 30 '19 15:09 Ricky-Tigg

I just run it:. I am attempting to bind a master key to a LUKS1 volume. Is that equivalent to initialize a LUKS device for metadata storag?

# clevis luks bind -d /dev/sda6 tpm2 '{"pcr_ids":"7"}'
You are about to initialize a LUKS device for metadata storage.
Attempting to initialize it may result in data loss if data was
already written into the LUKS header gap in a different format.
A backup is advised before initialization is performed.

Ricky-Tigg avatar Sep 30 '19 16:09 Ricky-Tigg