Anonymous
×
Create a new article
Write your page title here:
We currently have 12 articles on NixSec. Type your article name above or click on one of the titles below and start writing!



    NixSec

    Difference between revisions of "Vps lvm postinstall"

    Line 53: Line 53:
     
    <h2>Repartition stuff (In rescue mode!!)</h2>
     
    <h2>Repartition stuff (In rescue mode!!)</h2>
     
    <pre>
     
    <pre>
     +
    # Activate lvm
     +
    vgchange -a y
     +
    # Mount root and boot
     
    mount /dev/sda2 /mnt/
     
    mount /dev/sda2 /mnt/
     
    mount /dev/sda1 /mnt/boot
     
    mount /dev/sda1 /mnt/boot
    Line 76: Line 79:
     
    rm -rf /mnt/var2
     
    rm -rf /mnt/var2
     
    </pre>
     
    </pre>
     +
     +
     +
    <h3>Congratulations! You can now reboot</h3>
      
      

    Revision as of 20:36, 11 January 2021

    Steps for partitioning

    Resize the parttion /dev/sda2 in rescue mode with gparted to minimum size

    Install lvm2 (In OS)

    yum install -y lvm2
    

    Change this line in /etc/default/grub (In OS)

    GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=vg0/usr rd.lvm.lv=vg0/swap biosdevname=0 net.ifnames=0 rhgb quiet fips=0 nousb audit=1"
    

    Make grub and initrd lvm aware (In OS)

    dracut -f -a lvm
    
    grub2-mkconfig -o /boot/grub2/grub.cfg
    

    fdisk the new partition and make it lvm

    Create the volume group

    vgcreate vg0 /dev/sda3
    


    LVM stuff (In OS)

    lvcreate -n home -L +5G vg0
    lvcreate -n usr -L +6G vg0
    lvcreate -n var -L +2G vg0
    lvcreate -n var_log -L +2G vg0
    lvcreate -n var_log_audit -L +2G vg0
    lvcreate -n var_tmp -L +1G vg0
    lvcreate -n tmp -L +1G vg0
    lvcreate -n swap -L +2048M vg0
    lvcreate -n shm -L +2048M vg0
    
    mkfs.ext4 /dev/vg0/home
    mkfs.ext4 /dev/vg0/usr
    mkfs.ext4 /dev/vg0/var
    mkfs.ext4 /dev/vg0/var_tmp
    mkfs.ext4 /dev/vg0/var_log
    mkfs.ext4 /dev/vg0/var_log_audit
    mkfs.ext4 /dev/vg0/tmp
    mkfs.ext4 /dev/vg0/shm
    mkswap /dev/vg0/swap
    

    Repartition stuff (In rescue mode!!)

    # Activate lvm
    vgchange -a y
    # Mount root and boot
    mount /dev/sda2 /mnt/
    mount /dev/sda1 /mnt/boot
    # rename dirs
    mv /mnt/usr /mnt/usr2
    mkdir /mnt/usr
    mount /dev/vg0/usr /mnt/usr
    mv /mnt/usr2/* /mnt/usr
    mv /mnt/var /mnt/var2
    mkdir /mnt/var
    mount /dev/vg0/var /mnt/var
    mv /mnt/var2/* /mnt/var
    mv /mnt/var/log /mnt/var/log2
    mkdir /mnt/var/log
    mount /dev/vg0/var_log /mnt/var/log
    mv /mnt/var/log2/* /mnt/var/log
    mv /mnt/var/log/audit /mnt/var/log/audit2
    mkdir /mnt/var/log/audit
    mount /dev/vg0/var_log_audit /mnt/var/log/audit
    mv /mnt/var/log/audit2/* /mnt/var/log/audit
    rm -rf /mnt/var/log2
    rm -rf /mnt/usr2
    rm -rf /mnt/var2
    


    Congratulations! You can now reboot


    New fstab

    echo "/dev/mapper/vg0-shm /dev/shm                ext4     defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-home    /home                   ext4     defaults,nosuid,nodev        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-usr     /usr                    ext4     defaults        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-var     /var                    ext4     defaults,nosuid        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-var_log /var/log                ext4     defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-var_log_audit /var/log/audit          ext4     defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-var_tmp /var/tmp                ext4     defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-tmp     /tmp                    ext4     defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    echo "/dev/mapper/vg0-swap    swap                    swap    defaults,nosuid,nodev,noexec        0 0" >> /mnt/etc/fstab
    


    Only needed for debugging when it doesn't boot

    mount /dev/sda2 /mnt
    mount /dev/sda1 /mnt/boot
    mount /dev/vg0/usr /mnt/usr
    mount /dev/vg0/home /mnt/home
    mount /dev/vg0/var /mnt/var
    mount /dev/vg0/var_log /mnt/var/log
    mount /dev/vg0/var_log_audit /mnt/var/log/audit
    mount /dev/vg0/tmp /mnt/tmp
    mount /dev/vg0/var_tmp /mnt/var/tmp
    mount -o bind /dev /mnt/dev
    mount -o bind /sys /mnt/sys
    mount -t proc /proc /mnt/proc
    chroot /mnt