nix-community
encrypted swap gets weird /dev/mapper name
Sorry for the bad title, I'm not even sure if this is an error or intentional but it seems weird to me. I used the two sap definitions from this example and integrated it into my config. So far no issues the config works fine but for the encryptet swap I get the following /dev/mapper entry:
/dev/mapper/dev-disk-byx2dpartlabel-diskx2dmainx2dencryptedSwap
The naming is consistent so I also have a corresponding fstab entry. But is this intentional?
Here are the two definition blocks for regular and encryptet swap:
encryptedSwap = {
size = "500M";
content = {
type = "swap";
randomEncryption = true;
priority = 100; # prefer to encrypt as long as we have space for it
};
};
plainSwap = {
size = "100%";
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # resume from hiberation from this device
};
};
A bit difficult to change them now, because it would break existing installations.
Well it works, but it looks "weird". Thats it, I don't know if this could have further implications down the road. But would a fix for a swap drive, really destroy all the other defined partitions?
We are currently not running any code on boot, which we be needed to fix the label. Don't think it's that important, but wouldn't be opposed if someone has better idea how to change it. I think it was also possible to overwrite labels otherwise.
yes this is intentional, since it uniquely name the partition depending on which device it resides, so you can have multiple partitions with the same name on different devices. You can override the auto generated label by setting label = "myLabel"; on the partition
Thank you @Lassulus, if I would set the label in my config now and rerun disko with the new label in my config. Would this affect all partitions or would disko just change the affected swap partition?
You can try to use --mode format, which shouldn't destroy anything, but also is not able to apply all changes automatically. If you don't have important data yet, you can just run it and see what happens, but if you're using this system productively already, please also add --dry-run and inspect the script it outputs first!
Thank you @iFreilicht ! I changed my config for the swap files to this:
encryptedSwap = {
label = "CRYPTSWAP";
size = "500M";
content = {
type = "swap";
randomEncryption = true;
priority = 100; # prefer to encrypt as long as we have space for it
};
};
plainSwap = {
label = "SWAP";
size = "100%";
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # resume from hiberation from this device
};
};
Which creates the follwoing entries in /etc/fstab after I run disko with --mode format:
# Swap devices.
/dev/mapper/dev-disk-byx2dpartlabel-CRYPTSWAP none swap defaults,pri=100
/dev/disk/by-partlabel/SWAP none swap defaults,discard
So the regular swap looks fine, but the encrypted still has this weird /dev/mapper path. So I guess overwriting the random generated label is not working the way I thought it would, at least for the encrypted swap.
Am I missing a step or is this really how a path for an encrypted SWAP is intended to look like when created with disko?
@kagehisa From my small experience in the last few days trying to get a NixOS install with Disko, The mapper is because of the encryption. The partition itself is encrypted behind an encryption layer, which I think is LUKS. And so, when this partition gets mounted, in reality it gets mounted, decrypted on an intermediary "layer" and this layer which acts as a device is what actually can be used directly to read an write to normally. This is similar to what happens with encrypted partitions for home or root or other cases. The name of the label may differ but it needs to be "map"-ed first, the encryption must be decrypted and only the decrypted device will be used which in this case is mounted on /dev/mapper/(name).
