How to create a Shared Folder for an encrypted LUKS partition?

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • How to create a Shared Folder for an encrypted LUKS partition?

      Hello,

      I'm running OMV on a RockPro64 with one disk splitted in 2 partitions: one formatted in ext4 and one crypted with LUKS.
      I want this last one to only be available and decrypted when needed (and key available) but can't find how to define a Shared Folder with it.

      I have done my setup with the LUKS key on an USB stick and using autofs to automount a special path like /mnt/crypted/private. It works. I can have my crypted path automatically decrypted, and also mounted on the define path.

      But when I want to define a Shared Folder on the mounted path, or using the device /dev/mapper/sda2 I can't select it, only sda1 which is already used.

      I tried with the luksencryption plugin, and without it (I don't really need it), and rebooted, but the device still doesn't appear.
      I also tried with the device decrypted and mounted, or decrypted and not mounted.

      I'm not sure I'm using the right technique to do what I want, but I think it could be. If only I could see the device...

      Does anyone knows what can be wrong with my setup, or how to solve this problem?

      OMV 4.1.22-1
    • I have tested another way using luksencryption plugin to unlock my crypted partition and in fact this way I can mount the FS and create a Shared Folder.

      But I don't want to have the partition always uncrypted, and also I don't want to need the WebUI to unlock it.
      So this is not a perfect solution for me, I'll search for another way.

      I have the following setup : LUKS partition decrypted -> FS mounted -> Shared folder created.
      If I want to lock the LUKS partition, I need to delete the Shared Folder then unmount the FS.

      Same problem the other way around: if I find a way to decrypt the partition outside of OMV, I still need a way to inform OMV about it, then mount the FS inside OMV, and then recreate the Share Folder.
      Hum... not exactly simple, or maybe even possible...

      The post was edited 1 time, last by Njuilpo ().

    • New

      Njuilpo wrote:

      But I don't want to have the partition always uncrypted, and also I don't want to need the WebUI to unlock it.
      You only need to decrypt after boot. So once decrypted stays like that until reboot or poweroff or manual lock

      Njuilpo wrote:

      If I want to lock the LUKS partition, I need to delete the Shared Folder then unmount the FS.
      no so like that. This is a limitation on device mapper, you cannot detach a mapped device if still in use, and device mapper is used by default by cryptsetup, no other option.
      You can force unmount in CLI(the webui doesn't allow that), then close the luks device, you don't need to delete shared folders.

      Once again omv is not designed to deal with mobile hard drives if that is what you're looking for. Maybe you need to deal with a standard plain server and handle the devices on your own.
      New wiki
      chat support at #openmediavault@freenode IRC | Spanish & English | GMT+10
      telegram.me/openmediavault broadcast channel
      openmediavault discord server