Well, I got my new MacBook Pro 15″ in yesterday. I’ll write something about that shortly. The main OS for this machine is not Mac OS X, though, but Debian.
I decided that, being a laptop, I would like to run dm-crypt on here. Much to my delight, the etch installers support dm-crypt out of the box.
Not only that, but they supported this setup out of the box, too:
- Two partitions for Debian — one for /boot, everything else on the second one
- The second partition is completely encrypted
- Inside the encrypted container is an LVM physical volume
- Inside the LVM physical volume are logical volumes for /, /home, /usr, /var, and swap
- XFS is used for each filesystem
Not only that, but it set up proper boot sequence for all of this out of the box, too.
So I turn on the unit, enter the password for the encrypted partition, and then the system continues booting.
Nice. Very nice.
Kudos to the debian-installer and initramfs teams.