[Pacemaker] Pacemaker and LUKS partition
Georges-Etienne Legendre
legege at legege.com
Wed Nov 10 23:40:32 UTC 2010
Turns out eCryptFS is not very good when failover is done. We get this
strange error in syslog:
---
mount.ecryptfs: Error attempting to link the user session keyring into
the session keyring
lrmd: [2772]: info: RA output: (fs-ecryptfs:start:stdout) Unable to
link the KEY_SPEC_USER_KEYRING into the KEY_SPEC_SESSION_KEYRING; there
is something wrong with your kernel keyring. Did you build key retention
support into your kernel?
----
So, back to LUKS. We decided to write our own RA for opening LUKS
before mounting the filesystem and closing it after unmounting it. It
works fine!
--
Georges-Etienne
On Fri, 05 Nov 2010 15:59:11 -0400, Georges-Etienne Legendre
<legege at legege.com> wrote:
> For your information, I ended up using eCryptFS, which can be mounted
> like any other partition. The ocf:heartbeat:Filesystem can thus be used
> directly.
>
> Thanks,
> --
> Georges-Etienne
>
More information about the Pacemaker
mailing list