LUKS on RAID 5

Hey guys. I'm trying to encrypt a 2TB RAID 5. I run the command:
cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/md0
After I've entered and confirmed my password, it seems to go for a few moments, and then the whole computer locks up. It cannot be accessed directly or through ssh. My first though was that the drives might be pulling too much power, but I think the entire computer would die. Also, I seem to be able to create and ext4 partition and mount it. My though was that maybe 2TB is too big, but I couldn't find any information about that online.
I tried to see if my computer was just using all the resources and would unlock after time. After 30 minutes or so, nothing has happened, I'll assume the issue is not that the cpu is maxed et cetera.
After waiting, its still locked up... I also tried creating and LVM and then encrypting it... I successfully created the LVM, but the system still locked up...
There isn't really any debug to output, but I have loaded dm-crypt and aes-i586 modules.
Last edited by wsduvall (2009-03-23 12:21:22)

I had the same problem.
What I did was to download finnix live cd. burn the iso. run it and then run finnix-thumbdrive to have it install on a usb drive instead, took about 5mins until it was ready. inserted the usb drive into my server, loaded the modules, started up the array and then the lvm, then run cryptsetup and it worked much better this time

Similar Messages

  • Can't mount LUKS on RAID with single click

    Hello
    I use KDE and I want to create encrypted volume on software raid 1, which I could mount from time to time as simple as just with one click in dolphin +  entering the password.
    I tried with single drive, and It works. I mean I click on drive then I'm asked about password and I can see another unencrypted volume.
    When it comes to RAID ... I'm asked about password, but unencrypted volume doesn't appear (can't see any error on bottom bar because of window refresh). Mapper device is created under /dev/mapper/luks_crypto_.... which I can mount manually.
    Anybody have experience with such configuration ? Any ideas what's wrong ? Where to start ?
    Any help would be greatly appreciated.
    Kind Regards,
    osazon

    Viper_Scull wrote:
    In Thunar Preferences -Advanced. Do you have enable volume management checked?
    If so, configure it, and mark the two first options in Removable storage.
    Didn't work. I still get Not Authorized message. Also I logged out and in.
    And here is the everything.log about USB drive connecting:
    Jul 21 09:23:33 lynx kernel: [ 2239.496516] usb 2-1: new high speed USB device number 6 using ehci_hcd
    Jul 21 09:23:33 lynx mtp-probe: checking bus 2, device 6: "/sys/devices/pci0000:00/0000:00:1d.7/usb2/2-1"
    Jul 21 09:23:33 lynx kernel: [ 2239.624659] scsi8 : usb-storage 2-1:1.0
    Jul 21 09:23:33 lynx mtp-probe: bus: 2, device: 6 was not an MTP device
    Jul 21 09:23:34 lynx kernel: [ 2241.054851] scsi 8:0:0:0: Direct-Access     takeMS   Mem-drive EasyII 1100 PQ: 0 ANSI: 0 CCS
    Jul 21 09:23:34 lynx kernel: [ 2241.055144] sd 8:0:0:0: Attached scsi generic sg2 type 0
    Jul 21 09:23:34 lynx kernel: [ 2241.057409] sd 8:0:0:0: [sdb] 8028160 512-byte logical blocks: (4.11 GB/3.82 GiB)
    Jul 21 09:23:34 lynx kernel: [ 2241.058419] sd 8:0:0:0: [sdb] Write Protect is off
    Jul 21 09:23:34 lynx kernel: [ 2241.058423] sd 8:0:0:0: [sdb] Mode Sense: 43 00 00 00
    Jul 21 09:23:34 lynx kernel: [ 2241.058425] sd 8:0:0:0: [sdb] Assuming drive cache: write through
    Jul 21 09:23:34 lynx kernel: [ 2241.061294] sd 8:0:0:0: [sdb] Assuming drive cache: write through
    Jul 21 09:23:34 lynx kernel: [ 2241.062306]  sdb: sdb1
    Jul 21 09:23:34 lynx kernel: [ 2241.063904] sd 8:0:0:0: [sdb] Assuming drive cache: write through
    Jul 21 09:23:34 lynx kernel: [ 2241.063909] sd 8:0:0:0: [sdb] Attached SCSI removable disk
    Last edited by freyr (2011-07-21 07:28:57)

  • MD randomly dropping partition from array

    Hello, folks! I am having some trouble with MD randomly removing a partition from one of my RAID-1 arrays. So far this has happened three times over the past couple weeks, but it only happens on boot.
    I have two 3TB WD SATA hard disks containing two RAID-1 volumes set up as follows:
    /dev/sda1 FAT32 EFI System Partition (250MiB)
    /dev/sdb1 Reserved Space (250MiB)
    /dev/sda2 Disk 0 of /dev/md0 with v0.90 metadata (250MiB)
    /dev/sdb2 Disk 1 of /dev/md0 with v0.90 metadata (250MiB)
    /dev/sda3 swap partition 0 encrypted with dm-crypt mapped to /dev/mapper/swapA (8GiB)
    /dev/sdb3 swap partition 1 encrypted with dm-crypt mapped to /dev/mapper/swapB (8GiB)
    /dev/sda4 Disk 0 of /dev/md1 with v1.2 metadata (2750GiB)
    /dev/sdb4 Disk 1 of /dev/md1 with v1.2 metadata (2750GiB)
    /dev/md1 is encrypted with LUKS and mapped to /dev/mapper/root
    /dev/mapper/root is the only volume in the LVM volume group rootvg
    the volume group rootvg currently has three logical volumes
    logical volume root is mapped to /dev/mapper/rootvg-root and is the file system root
    logical volume home is mapped to /dev/mapper/rootvg-home and is mounted /home
    logical volume var is mapped to /dev/mapper/rootvg-var and is mounted /var
    I also wrote this initcpio hook (I call it 'secdec'), with a bit of help from the Arch Wiki, which decrypts /dev/mapper/root, optionally with a openssl encrypted key file on a USB memory stick:
    run_hook ()
    local keyCopyDec keyCopyEnc keyMountPoint maxTries retryDelay \
    shutdownOnFail
    # customizable ############################################################
    keyCopyDec="/crypto_keyfile.bin" # temp storage for decrypted key data
    keyCopyEnc="/crypto_keyfile.enc" # temp storage for encrypted key data
    keyMountPoint="/ckey" # key storage device mount point
    maxTries=3 # max number of decrypt attempts
    retryDelay=2 # delay in seconds between retries
    shutdownOnFail=0 # shut down computer if decrypt fails
    #+0=yes, 1=no
    # /customizable ###########################################################
    local abortMsg passPromptKey passPromptVol passWrong secdecFormat \
    shutdownMsg
    local E_NOFILE
    local KEY NOKEY SSLKEY
    local CSQUIET OIFS
    local cryptDev cryptName keyDev keyFile keyFs keyType pass passPrompt \
    success tries
    abortMsg="Aborting..."
    passPromptKey="Key passphrase: "
    passPromptVol="LUKS passphrase: "
    passWrong="Invalid passphrase."
    secdecFormat="secdec=cryptdev:dmname:keydev:keyfs:keyfile"
    shutdownMsg="Shutting down computer. You may try again later."
    E_NOFILE=66
    KEY=1
    NOKEY=0
    SSLKEY=2
    OIFS=$IFS
    [ "$(echo "${quiet}" | awk '{print tolower($0)}')" == "y" ] && \
    CSQUIET=">/dev/null 2>&1"
    askForBooleanInput ()
    # Ask the user for boolean input.
    # $1: The question to pose.
    # $2: A string containing single characters, separated by spaces, which are
    #+keys pressed that would return boolean true (0).
    # $3: A string containing single characters, separated by spaces, which are
    #+keys pressed that would return a boolean false (1).
    # Returns 0 if the user presses a key that generates a character found in
    #+$2.
    # Returns 1 if the user presses a key that generates a character found in
    #+$3.
    # Returns 2 if an incorrect number of parameters was provided.
    local keyin
    [ ${#} -ne 3 ] && return 2
    echo -n "$1"
    while true; do
    read -sn1 keyin
    case "$keyin" in
    [$2]) echo "$keyin"; keyin=0; break;;
    [$3]) echo "$keyin"; keyin=1; break;;
    *) echo -n -e "\a";;
    esac
    done
    return $keyin
    askForPass ()
    # Ask the user to enter a pass{word|phrase}.
    # $1: The prompt to display.
    # $2: The name of the variable to assign the input pass{word|phrase} to.
    #+For example, to assign to $pass, $2 should be "pass".
    # Returns 0 on success or 1 if there is a parameter error.
    [ ${#} -ne 2 ] || [ -z "${1}" ] || [ -z "${2}" ] && return 1
    read -rsp "$1" "$2"
    echo
    isSsl ()
    # Examine a file for indications that it is SSL encrypted.
    # $1: Path to the key file to examine.
    # Returns 0 if the file appears to be SSL encrypted, 1 if the file does not
    #+appear to be SSL encrypted and $E_NOFILE if $1 is not a regular file.
    [ ! -f "${1}" ] && return $E_NOFILE
    [ "$(dd if="${1}" bs=1 count=8 2>/dev/null | \
    awk '{print tolower($0)}')" == "salted__" ]
    getKey ()
    # Attempt to find and copy a key from $keyDev to $keyCopyEnc.
    # $1: Path to the device containing the key data.
    # $2: Name of file system containing the key file.
    # $3: Path to the key file, relative to $4.
    # $4: Mount point of partition containing key file.
    # $5: Path to temporary copy of key file.
    # $6: Boolean value indicating whether to allow user the opportunity to
    #+switch key devices before attempting to find a key. This is useful if
    #+a key has already been tried and failed. The user could switch memory
    #+devices before trying again. 0=true, 1=false; default is false.
    # Returns one of $KEY, $NOKEY or $SSLKEY depending on what was found.
    local result wait
    if [ -z "${6}" ] || [ ${6} -eq 1 ]; then wait=1; else wait=0; fi
    mkdir -p "$4" >/dev/null 2>&1
    while true; do
    if [ ${wait} -eq 0 ]; then
    askForBooleanInput \
    "(S)earch for key or (R)evert to LUKS passphrase? " "s S" "r R"
    if [ ${?} -eq 0 ]; then result=$KEY; else result=$NOKEY; fi
    wait=1
    else
    result=$KEY
    fi
    if [ ${result} -eq ${KEY} ]; then
    if poll_device "${1}" ${rootdelay}; then
    mount -r -t "$2" "$1" "$4" >/dev/null 2>&1
    dd if="$4/$3" of="$5" >/dev/null 2>&1
    umount "$4" >/dev/null 2>&1
    if [ -f "${5}" ]; then
    isSsl "${5}" && result=$SSLKEY
    else
    err "Key $3 not found."
    unset result
    wait=0
    fi
    else
    err "Key device $1 not found."
    unset result
    wait=0
    fi
    fi
    [ -n "${result}" ] && break
    done
    return $result
    # If the secdec kernel parameter was not specified, inform the user, but
    #+allow init to continue in case another hook will work.
    if [ -z "${secdec}" ]; then
    echo "Missing parameter: $secdecFormat"
    return 0
    fi
    # Make sure required kernel modules are available.
    if ! /sbin/modprobe -a -q dm-crypt >/dev/null 2>&1 || \
    [ ! -e "/sys/class/misc/device-mapper" ]; then
    err "Required kernel modules not available."
    err "$abortMsg"
    exit 1
    fi
    if [ ! -e "/dev/mapper/control" ]; then
    mkdir -p "/dev/mapper" >/dev/null 2>&1
    mknod "/dev/mapper/control" c \
    $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |') >/dev/null 2>&1
    fi
    # Parse the secdec kernel parameter, check it's format, make sure $cryptDev
    #+is available, and that it contains a LUKS volume.
    IFS=:
    read cryptDev cryptName keyDev keyFs keyFile <<EOF
    $secdec
    EOF
    IFS=$OIFS
    if [ $(echo "${secdec}" | awk -F: '{print NF}') -ne 5 ] || \
    [ -z "${cryptDev}" ] || [ -z "${cryptName}" ]; then
    err "Verify parameter format: $secdecFormat"
    err "$abortMsg"
    exit 1
    fi
    if ! poll_device "${cryptDev}" ${rootdelay}; then
    err "Device $cryptDev not available."
    err "$abortMsg"
    exit 1
    fi
    # Inform the user that $cryptDev doesn't contain a LUKS volume, but allow
    #+init to continue, in case another hook can handle this.
    if ! /sbin/cryptsetup isLuks "${cryptDev}" >/dev/null 2>&1; then
    echo "Device $cryptDev does not contain a LUKS volume."
    return 0
    fi
    # Attempt to open the LUKS volume.
    tries=0
    unset keyType
    while true; do
    success=1
    # Attempt to copy a decryption key.
    if [ -z ${keyType} ]; then
    getKey "$keyDev" "$keyFs" "$keyFile" "$keyMountPoint" \
    "$keyCopyEnc" 1
    keyType=$?
    elif [ ${keyType} -eq ${KEY} ]; then
    getKey "$keyDev" "$keyFs" "$keyFile" "$keyMountPoint" \
    "$keyCopyEnc" 0
    keyType=$?
    elif [ ${keyType} -eq ${SSLKEY} ]; then
    if askForBooleanInput "(U)se a different key or (T)ry again? " \
    "u U" "t T"; then
    getKey "$keyDev" "$keyFs" "$keyFile" "$keyMountPoint" \
    "$keyCopyEnc" 0
    keyType=$?
    fi
    fi
    # Open the LUKS volume.
    if [ ${keyType} -eq ${NOKEY} ]; then
    askForPass "$passPromptVol" "pass"
    /sbin/cryptsetup luksOpen "$cryptDev" "$cryptName" "$CSQUIET" <<EOF
    $pass
    EOF
    success=$?
    [ ${success} -ne 0 ] && err "$passWrong"
    else
    if [ ${keyType} -eq ${SSLKEY} ]; then
    askForPass "$passPromptKey" "pass"
    /sbin/openssl aes256 -pass pass:"$pass" -d -in "$keyCopyEnc" \
    -out "$keyCopyDec" >/dev/null 2>&1
    if [ ${?} -ne 0 ]; then
    rm -f "$keyCopyDec" >/dev/null 2>&1
    err "$passWrong"
    fi
    else
    mv "$keyCopyEnc" "$keyCopyDec" >/dev/null 2>&1
    fi
    if [ -f "${keyCopyDec}" ]; then
    /sbin/cryptsetup --key-file "$keyCopyDec" \
    luksOpen "$cryptDev" "$cryptName" "$CSQUIET"
    success=$?
    fi
    fi
    [ ${success} -ne 0 ] && err "Failed to open LUKS volume."
    tries=$(( $tries + 1 ))
    [ ${tries} -ge ${maxTries} ] || [ ${success} -eq 0 ] && break
    sleep "$retryDelay"
    done
    if [ ${success} -eq 0 ]; then
    if [ ! -e "/dev/mapper/${cryptName}" ]; then
    err "LUKS volume was opened, but failed to map to $cryptName."
    err "$abortMsg"
    exit 1
    fi
    echo "LUKS volume opened."
    else
    if [ ${shutdownOnFail} -eq 0 ]; then
    echo "shutdownMsg"
    poweroff -f
    fi
    exit 1
    fi
    The failing array is /dev/md1 and mdadm is reporting the following:
    mdadm --detail /dev/md1
    /dev/md1:
    Version : 1.2
    Creation Time : Wed May 30 18:50:05 2012
    Raid Level : raid1
    Array Size : 2921467179 (2786.13 GiB 2991.58 GB)
    Used Dev Size : 2921467179 (2786.13 GiB 2991.58 GB)
    Raid Devices : 2
    Total Devices : 1
    Persistence : Superblock is persistent
    Update Time : Wed Sep 12 03:34:52 2012
    State : clean, degraded
    Active Devices : 1
    Working Devices : 1
    Failed Devices : 0
    Spare Devices : 0
    Name : archiso:1
    UUID : 8ad37e84:f7261906:da3d317e:24080362
    Events : 44661
    Number Major Minor RaidDevice State
    0 8 4 0 active sync /dev/sda4
    1 0 0 1 removed
    mdadm --examine /dev/sda4
    /dev/sda4:
    Magic : a92b4efc
    Version : 1.2
    Feature Map : 0x0
    Array UUID : 8ad37e84:f7261906:da3d317e:24080362
    Name : archiso:1
    Creation Time : Wed May 30 18:50:05 2012
    Raid Level : raid1
    Raid Devices : 2
    Avail Dev Size : 5842934631 (2786.13 GiB 2991.58 GB)
    Array Size : 2921467179 (2786.13 GiB 2991.58 GB)
    Used Dev Size : 5842934358 (2786.13 GiB 2991.58 GB)
    Data Offset : 2048 sectors
    Super Offset : 8 sectors
    State : clean
    Device UUID : abba1dc3:3fadf7a7:be452bb5:b8bbe97b
    Update Time : Wed Sep 12 03:37:48 2012
    Checksum : aad3e44b - correct
    Events : 44729
    Device Role : Active device 0
    Array State : A. ('A' == active, '.' == missing)
    mdadm --examine /dev/sdb4/dev/sdb4:
    Magic : a92b4efc
    Version : 1.2
    Feature Map : 0x0
    Array UUID : 8ad37e84:f7261906:da3d317e:24080362
    Name : archiso:1
    Creation Time : Wed May 30 18:50:05 2012
    Raid Level : raid1
    Raid Devices : 2
    Avail Dev Size : 5842934631 (2786.13 GiB 2991.58 GB)
    Array Size : 2921467179 (2786.13 GiB 2991.58 GB)
    Used Dev Size : 5842934358 (2786.13 GiB 2991.58 GB)
    Data Offset : 2048 sectors
    Super Offset : 8 sectors
    State : clean
    Device UUID : 09a09f49:b329feaa:3341111b:47b484fe
    Update Time : Wed Sep 12 01:50:34 2012
    Checksum : 1cdc19c0 - correct
    Events : 42869
    Device Role : Active device 1
    Array State : AA ('A' == active, '.' == missing)
    cat /proc/mdstat
    Personalities : [raid1]
    md0 : active raid1 sda2[0] sdb2[1]
    204736 blocks [2/2] [UU]
    md1 : active raid1 sda4[0]
    2921467179 blocks super 1.2 [2/1] [U_]
    unused devices: <none>
    This is md log info of the first reboot after my first recovery:
    Sep 9 20:18:03 localhost kernel: [ 1.784225] md: raid1 personality registered for level 1
    Sep 9 20:18:03 localhost kernel: [ 2.552971] md: md1 stopped.
    Sep 9 20:18:03 localhost kernel: [ 2.553418] md: bind<sdb4>
    Sep 9 20:18:03 localhost kernel: [ 2.553574] md: bind<sda4>
    Sep 9 20:18:03 localhost kernel: [ 2.554080] md/raid1:md1: active with 2 out of 2 mirrors
    Sep 9 20:18:03 localhost kernel: [ 2.554093] md1: detected capacity change from 0 to 2991582391296
    Sep 9 20:18:03 localhost kernel: [ 2.566266] md1: unknown partition table
    Sep 9 20:18:03 localhost kernel: [ 2.617922] md: md0 stopped.
    Sep 9 20:18:03 localhost kernel: [ 2.618382] md: bind<sdb2>
    Sep 9 20:18:03 localhost kernel: [ 2.618525] md: bind<sda2>
    Sep 9 20:18:03 localhost kernel: [ 2.619175] md/raid1:md0: active with 2 out of 2 mirrors
    Sep 9 20:18:03 localhost kernel: [ 2.619203] md0: detected capacity change from 0 to 209649664
    Sep 9 20:18:03 localhost kernel: [ 10.933334] md0: unknown partition table
    And this is the next time I rebooted:
    Sep 10 19:59:07 localhost kernel: [ 1.780481] md: raid1 personality registered for level 1
    Sep 10 19:59:07 localhost kernel: [ 2.806037] md: md1 stopped.
    Sep 10 19:59:07 localhost kernel: [ 2.806345] md: bind<sda4>
    Sep 10 19:59:07 localhost kernel: [ 2.806888] md/raid1:md1: active with 1 out of 2 mirrors
    Sep 10 19:59:07 localhost kernel: [ 2.806898] md1: detected capacity change from 0 to 2991582391296
    Sep 10 19:59:07 localhost kernel: [ 2.820308] md1: unknown partition table
    Sep 10 19:59:07 localhost kernel: [ 2.956599] md: md0 stopped.
    Sep 10 19:59:07 localhost kernel: [ 2.957149] md: bind<sdb2>
    Sep 10 19:59:07 localhost kernel: [ 2.957269] md: bind<sda2>
    Sep 10 19:59:07 localhost kernel: [ 2.958086] md/raid1:md0: active with 2 out of 2 mirrors
    Sep 10 19:59:07 localhost kernel: [ 2.958100] md0: detected capacity change from 0 to 209649664
    Sep 10 19:59:07 localhost kernel: [ 11.742281] md0: unknown partition table
    In between these two boots there are no reports of md failures. For some reason, its just dropping the second partition.
    I just did a restoration earlier today and on the very next boot, md refuses to use /dev/sdb4. Once I booted, I checked update times (not the ones listed) and /dev/sda4 and /dev/sdb4 were about 4 minutes apart. Since it takes only about a minute for Arch to reboot, including me typing my openssl key password, Arch was running for about 3 minutes without updating. I'm assuming this is of some significance since /dev/md0 reports perfect synchronization.
    All of this has been working very well for me for about 6 months now. Both hard drives, which I bought at the same time, are about 9 months old. I checked both drives using smartctl, and both report SMART enabled and passed. SMART attribute data doesn't make a lot of sense to me and I haven't looked up the format, but the reallocation event value is the same as the day I bought the drives, so I'm kind of assuming things are ok there, or at least bad sectors aren't being created.
    I hope I've provided all required details here. Any help would be appreciated.
    Last edited by cng1024 (2012-09-13 00:02:43)

    It would seem that nobody has any ideas about why this may be happening. I've done a complete diagnostic of both hard disks and both passed. I then downloaded the latest iso, formatted and reinstalled, but that failed after one reboot.
    I have a theory as to why it may be happening, but I haven't tested it yet. Perhaps someone can tell me if I may be on the right track here. I got to wondering what happens during shutdown. The root fs remounts ro during shutdown, but it does remain mounted which means everything under that, my logical volumes, LUKS and RAID are all still open when the system halts. I saved my original configs before I reformatted and it turns out I forgot to add the shutdown hook to the initcpio image which means my RAID wasn't being stopped before halt.
    I'm going to try a few experiments to see if adding the shutdown hook makes a difference. Hopefully I'm right, and I'll update either way, but I'd still appreciate it if someone with a bit more experience could weigh in on this.

  • /boot/grub is not readable by GRUB?

    During mid installation of grub after completing everything else on the beginners tutorial, the error when trying to install grub using the "grub-install --target=i386-pc --recheck /dev/sda" it appears with the error "Path '/boot/grub' is not readable by GRUB on boot. Installation is impossible. Aborting." May be a noobish question or problem, but how can i make the grub installation possible?

    It doens't matter where you put that little partition.
    Maybe you should try syslinux instead.  It is stupid simple... I love it.  Grub2 is great if you need to have your boot partition on LVM2 or some other crazy crap.  But honestly, I think that 90% of the features are pretty much useless for a user like myself.  Though I use LVM2 on Luks on Raid-0, but I keep a separate /boot partition anyway which doubles as my EFI System Partition.
    Edit: During the month or so that I used Grub2, I actually upgraded computers during that time.  So I had the EF02 partition at the end of my old computer's drive and the beginning of the new one, and both worked no problem.
    Last edited by WonderWoofy (2012-12-22 18:16:36)

  • [solved] luks on lvm encryption keymap issue

    hi,
    i just installed arch on a new notebook of mine.
    i used a luks encrypted lvm installation, which works (guided by the wiki)
    but i am encoutering an issue with the keymap while decrypting at boot.
    i've installed using "de-latin1-nodeadkeys" as keymap, and my actual passwort has some special characters.
    at boot, i'v entered the passwort but it doesn't work.
    so i rebootet with the live image and checked, with the german keymap again, which worked.
    i checked for mispelling btw .
    for testing purposes i set a password like "///" and it seems that the keymap at boot is an english one.
    https://bugs.archlinux.org/task/36689 i found this bug, but it says closed so i'm thinking i went wrong somewhere.
    any help is appreciated
    here is my mkinitcpio.conf
    # vim:set ft=sh
    # MODULES
    # The following modules are loaded before any boot hooks are
    # run. Advanced users may wish to specify all system modules
    # in this array. For instance:
    # MODULES="piix ide_disk reiserfs"
    MODULES=""
    # BINARIES
    # This setting includes any additional binaries a given user may
    # wish into the CPIO image. This is run last, so it may be used to
    # override the actual binaries included by a given hook
    # BINARIES are dependency parsed, so you may safely ignore libraries
    BINARIES=""
    # FILES
    # This setting is similar to BINARIES above, however, files are added
    # as-is and are not parsed in any way. This is useful for config files.
    FILES=""
    # HOOKS
    # This is the most important setting in this file. The HOOKS control the
    # modules and scripts added to the image, and what happens at boot time.
    # Order is important, and it is recommended that you do not change the
    # order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
    # help on a given hook.
    # 'base' is _required_ unless you know precisely what you are doing.
    # 'udev' is _required_ in order to automatically load modules
    # 'filesystems' is _required_ unless you specify your fs modules in MODULES
    # Examples:
    ## This setup specifies all modules in the MODULES setting above.
    ## No raid, lvm2, or encrypted root is needed.
    # HOOKS="base"
    ## This setup will autodetect all modules for your system and should
    ## work as a sane default
    # HOOKS="base udev autodetect block filesystems"
    ## This setup will generate a 'full' image which supports most systems.
    ## No autodetection is done.
    # HOOKS="base udev block filesystems"
    ## This setup assembles a pata mdadm array with an encrypted root FS.
    ## Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
    # HOOKS="base udev block mdadm encrypt filesystems"
    ## This setup loads an lvm2 volume group on a usb device.
    # HOOKS="base udev block lvm2 filesystems"
    ## NOTE: If you have /usr on a separate partition, you MUST include the
    # usr, fsck and shutdown hooks.
    HOOKS="base udev autodetect modconf encrypt lvm2 block filesystems keyboard fsck"
    # COMPRESSION
    # Use this to compress the initramfs image. By default, gzip compression
    # is used. Use 'cat' to create an uncompressed image.
    #COMPRESSION="gzip"
    #COMPRESSION="bzip2"
    #COMPRESSION="lzma"
    #COMPRESSION="xz"
    #COMPRESSION="lzop"
    # COMPRESSION_OPTIONS
    # Additional options for the compressor
    #COMPRESSION_OPTIONS=""
    and my grub.cfg
    # DO NOT EDIT THIS FILE
    # It is automatically generated by grub-mkconfig using templates
    # from /etc/grub.d and settings from /etc/default/grub
    ### BEGIN /etc/grub.d/00_header ###
    insmod part_gpt
    insmod part_msdos
    if [ -s $prefix/grubenv ]; then
    load_env
    fi
    if [ "${next_entry}" ] ; then
    set default="${next_entry}"
    set next_entry=
    save_env next_entry
    set boot_once=true
    else
    set default="0"
    fi
    if [ x"${feature_menuentry_id}" = xy ]; then
    menuentry_id_option="--id"
    else
    menuentry_id_option=""
    fi
    export menuentry_id_option
    if [ "${prev_saved_entry}" ]; then
    set saved_entry="${prev_saved_entry}"
    save_env saved_entry
    set prev_saved_entry=
    save_env prev_saved_entry
    set boot_once=true
    fi
    function savedefault {
    if [ -z "${boot_once}" ]; then
    saved_entry="${chosen}"
    save_env saved_entry
    fi
    function load_video {
    if [ x$feature_all_video_module = xy ]; then
    insmod all_video
    else
    insmod efi_gop
    insmod efi_uga
    insmod ieee1275_fb
    insmod vbe
    insmod vga
    insmod video_bochs
    insmod video_cirrus
    fi
    if loadfont unicode ; then
    set gfxmode=auto
    load_video
    insmod gfxterm
    set locale_dir=$prefix/locale
    set lang=en_US
    insmod gettext
    fi
    terminal_input console
    terminal_output gfxterm
    set timeout=5
    ### END /etc/grub.d/00_header ###
    ### BEGIN /etc/grub.d/10_linux ###
    menuentry 'Arch Linux, with Linux core repo kernel' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-true-e084640b-9864-4667-84a4-9f5fb0a43483' {
    load_video
    set gfxpayload=keep
    insmod gzio
    insmod part_msdos
    insmod ext2
    set root='hd0,msdos1'
    if [ x$feature_platform_search_hint = xy ]; then
    search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 802f1bee-db08-4896-87df-97c3883f58be
    else
    search --no-floppy --fs-uuid --set=root 802f1bee-db08-4896-87df-97c3883f58be
    fi
    echo 'Loading Linux core repo kernel ...'
    linux /vmlinuz-linux root=/dev/mapper/main-root rw cryptdevice=/dev/sda2:main quiet
    echo 'Loading initial ramdisk ...'
    initrd /initramfs-linux.img
    menuentry 'Arch Linux, with Linux core repo kernel (Fallback initramfs)' --class arch --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-core repo kernel-fallback-e084640b-9864-4667-84a4-9f5fb0a43483' {
    load_video
    set gfxpayload=keep
    insmod gzio
    insmod part_msdos
    insmod ext2
    set root='hd0,msdos1'
    if [ x$feature_platform_search_hint = xy ]; then
    search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 802f1bee-db08-4896-87df-97c3883f58be
    else
    search --no-floppy --fs-uuid --set=root 802f1bee-db08-4896-87df-97c3883f58be
    fi
    echo 'Loading Linux core repo kernel ...'
    linux /vmlinuz-linux root=/dev/mapper/main-root rw cryptdevice=/dev/sda2:main quiet
    echo 'Loading initial ramdisk ...'
    initrd /initramfs-linux-fallback.img
    ### END /etc/grub.d/10_linux ###
    ### BEGIN /etc/grub.d/20_linux_xen ###
    ### END /etc/grub.d/20_linux_xen ###
    ### BEGIN /etc/grub.d/30_os-prober ###
    ### END /etc/grub.d/30_os-prober ###
    ### BEGIN /etc/grub.d/40_custom ###
    # This file provides an easy way to add custom menu entries. Simply type the
    # menu entries you want to add after this comment. Be careful not to change
    # the 'exec tail' line above.
    ### END /etc/grub.d/40_custom ###
    ### BEGIN /etc/grub.d/41_custom ###
    if [ -f ${config_directory}/custom.cfg ]; then
    source ${config_directory}/custom.cfg
    elif [ -z "${config_directory}" -a -f $prefix/custom.cfg ]; then
    source $prefix/custom.cfg;
    fi
    ### END /etc/grub.d/41_custom ###
    ### BEGIN /etc/grub.d/60_memtest86+ ###
    ### END /etc/grub.d/60_memtest86+ ###
    and my default/grub
    GRUB_DEFAULT=0
    GRUB_TIMEOUT=5
    GRUB_DISTRIBUTOR="Arch"
    GRUB_CMDLINE_LINUX_DEFAULT="cryptdevice=/dev/sda2:main quiet"
    GRUB_CMDLINE_LINUX=""
    # Preload both GPT and MBR modules so that they are not missed
    GRUB_PRELOAD_MODULES="part_gpt part_msdos"
    # Uncomment to enable Hidden Menu, and optionally hide the timeout count
    #GRUB_HIDDEN_TIMEOUT=5
    #GRUB_HIDDEN_TIMEOUT_QUIET=true
    # Uncomment to use basic console
    GRUB_TERMINAL_INPUT=console
    # Uncomment to disable graphical terminal
    #GRUB_TERMINAL_OUTPUT=console
    # The resolution used on graphical terminal
    # note that you can use only modes which your graphic card supports via VBE
    # you can see them in real GRUB with the command `vbeinfo'
    GRUB_GFXMODE=auto
    # Uncomment to allow the kernel use the same resolution used by grub
    GRUB_GFXPAYLOAD_LINUX=keep
    # Uncomment if you want GRUB to pass to the Linux kernel the old parameter
    # format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
    #GRUB_DISABLE_LINUX_UUID=true
    # Uncomment to disable generation of recovery mode menu entries
    GRUB_DISABLE_RECOVERY=true
    # Uncomment and set to the desired menu colors. Used by normal and wallpaper
    # modes only. Entries specified as foreground/background.
    #GRUB_COLOR_NORMAL="light-blue/black"
    #GRUB_COLOR_HIGHLIGHT="light-cyan/blue"
    # Uncomment one of them for the gfx desired, a image background or a gfxtheme
    #GRUB_BACKGROUND="/path/to/wallpaper"
    #GRUB_THEME="/path/to/gfxtheme"
    # Uncomment to get a beep at GRUB start
    #GRUB_INIT_TUNE="480 440 1"
    #GRUB_SAVEDEFAULT="true"
    vconsole.conf
    KEYMAP="de-latin1-nodeadkeys"
    Last edited by ziv667 (2013-11-27 12:18:03)

    ziv667 wrote:HOOKS="base udev autodetect modconf encrypt lvm2 block filesystems keyboard fsck"
    Where's the keymap hook?
    HOOKS="base udev autodetect modconf keymap encrypt lvm2 block filesystems keyboard fsck"

  • RAID-5 over RAID-1, with encryption

    I'm planning to restructure my fileserver.  It has (well, will have) 8 hard drives for data, each 1.5 TB in size.  I want to create 4 mirrored pairs, and then place each pair in a RAID-5 array, for a total usable space of 4.5 TB.  I want to place encryption on top of it, with dm-crypt/LUKS, with either ext4 or xfs on top of that (_probably_ ext4, but it's easy to change that after I have the block devices set up).
    I guess my questions are mostly about performance and best practices.
    For reference, the server has 6 GB RAM (although I can easily buy more if needed), and a first-gen i3 (which, sadly, does not have hardware AES support).  The hard drives are all running off the motherboard's SATA ports, but I can buy (and probably will buy at some point) a good JBOD controller.
    I should also say that the server will be used for (a) keeping differential backups of my other computers (probably only 500-750 GB in backup files), (b) streaming music / HD video, (c) torrenting.  So the usage is really a fix of access patterns, but the files should generally be larger-than-average (most files will probably be over 10 MB), and there will probably be many files open at once.
    1)  What kind of chunk size should I use?  I assume using equal chunk sizes for the mirrors and the RAID-5 array would be good.  I was thinking 256 KB (which would yield a 768 KB block size in the FS), but that may be a bit big.
    2)  I hear it's best to put the encryption between the filesystem and the top-level block device (which is the RAID-5 array in this case).  The other feasible option is placing it directly on the drives (well, on the drives' partitions).  Is this true?
    3)  An alternative configuration would be to mirror two RAID-5 arrays together, but partial rebuilds would take longer and put more stress on the drives.  It would be nice to get some confirmation that I'm right in my reasoning here, and that RAID-5 over RAID-1 would be better than RAID-1 over RAID-5.
    Any other advice with such a setup is welcome.
    Thanks for your input!
    (Note:  This was brought about due to the failure of a few hard drives in my fileserver.  To that end, I am unable to really test anything with all the disks until I get them back from the RMA.  I can still play around with a few disks for now, though.)

    alphaniner wrote:α. BAARF
    Yeah, someone linked me to that too.  I looked through their reasoning (well, about 3-4 of the links on that site) and I don't think it really pertains to me, because:
    During a full rebuild (of the overarching RAID-5 array), one (or even up to three) more hard drive failures will not cause issues.
    RAID-6 provided ample performance for me, so I assume RAID-5 will be the same (if not better).
    Adding more hard drives would entail (a) a new controller, (b) a new case (probably a server chassis, to handle 10+ hard drives), and possibly (c) a new PSU.  So it's actually not at all cheap for me to buy them.
    The reason I'm thinking of RAID-15 and not RAID-51 is because if 1 drive fails, the rebuild only reads from one drive (to restore that mirror).  If 1 drive fails in RAID-51, then the rebuild must read from the other 3 drives.  The situation can easily get worse with 2 failures, since this would cause reading from probably 2 but at most 3 drives in RAID-15, but would cause reading from all 6 with RAID-51.  Basically, recovering from a failure would take about 3 times as long, which means about 3 times the stress on the remaining drives while the array is more vulnerable.

  • Southampton left-back Luke Shaw, 18, will be included when England

    Southampton left-back Luke Shaw, 18, will be included when England manager Roy Hodgson names his 23-man squad, plus seven standby players, on Monday..........
    [url=http://earthship.org/Forums/academy/1894-lajoo-watch-the-amazing-spider-man-2-online-free]Watch The Amazing Spider-Man 2 Online[/url]
    [url=http://earthship.org/Forums/academy/1923-lajoo-watch-the-other-woman-online-2014-hd-movie]Watch The Other Woman Online[/url]
    [url=http://earthship.org/Forums/academy/1936-lajoo-watch-captain-america-2-the-winter-soldier]Watch Captain America 2 Online[/url]
    [url=http://earthship.org/Forums/academy/1960-lajoo-watch-captain-america-the-winter-soldier]Watch Captain America The Winter Soldier Online[/url]
    [url=http://earthship.org/Forums/academy/1971-lajoo-watch-neighbors-2014-free-online-hd]Watch Neighbors Online[/url]
    [url=http://earthship.org/Forums/academy/1982-lajoo-watch-legends-of-oz-dorothy-s-return-onlin]Watch Legends of Oz: Dorothy's Return Online[/url]
    [url=http://earthship.org/Forums/academy/1993-lajoo-watch-moms-night-out-2014-online]Watch Moms' Night Out Online[/url]
    [url=http://earthship.org/Forums/academy/2002-lajoo-watch-noah-full-movie-online-2014]Watch Noah Online[/url]
    [url=http://earthship.org/Forums/academy/2014-lajoo-watch-divergent-2014-free-onlin-hd]Watch Divergent Online[/url]
    [url=http://earthship.org/Forums/academy/2027-lajoo-watch-frozen-full-movie-online-free]Watch Frozen Online[/url]
    [url=http://earthship.org/Forums/academy/2042-lajoo-watch-rio-online-free-putlocker-2014]Watch Rio 2 Online[/url]
    [url=http://earthship.org/Forums/academy/2050-lajoo-watch-brick-mansions-online-2014-full-movi]Watch Brick Mansions Online[/url]
    [url=http://earthship.org/Forums/academy/2060-lajoo-watch-bears-2014-full-hd-online]Watch Bears Online[/url]
    [url=http://earthship.org/Forums/academy/2070-lajoo-watch-heaven-is-for-real-full-hd-online]Watch Heaven Is for Real Online[/ur]
    [url=http://earthship.org/Forums/academy/2077-lajoo-watch-god-s-not-dead-movie-online]Watch God's Not Dead Online[/url]
    [url=http://earthship.org/Forums/academy/2089-lajoo-watch-the-raid-2-2014-full-movie-online]Watch The Raid 2 Online[/url]
    [url=http://earthship.org/Forums/academy/2106-lajoo-watch-that-awkward-moment-online-free-2014]Watch That Awkward Moment Online[/url]
    [url=http://earthship.org/Forums/academy/2121-lajoo-watch-300-rise-of-an-empire-2014-online]Watch 300 Rise of An Empire Online[/url]
    [url=http://earthship.org/Forums/academy/2129-lajoo-watch-non-stop-2014-full-movie-hd-stream]Watch Non Stop Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=105589]Watch The Amazing Spider-Man 2 Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=105810]Watch The Other Woman Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=105944]Watch Captain America 2 Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106135]Watch Captain America The Winter Soldier Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106253]Watch Neighbors Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106354]Watch Legends of Oz: Dorothy's Return Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106445]Watch Moms' Night Out Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106532]Watch Noah Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106648]Watch Divergent Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106784]Watch Frozen Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=106924]Watch Rio 2 Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107018]Watch Brick Mansions Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107113]Watch Bears Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107206]Watch Heaven Is for Real Movie Online[/ur]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107289]Watch God's Not Dead Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107409]Watch The Raid 2 Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107611]Watch That Awkward Moment Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107746]Watch 300 Rise of An Empire Movie Online[/url]
    [url=http://www.myflydream.com/forum/viewtopic.php?f=2&t=107869]Watch Non Stop Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53090]Watch The Amazing Spider-Man 2 Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53224]Watch The Other Woman Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53307]Watch Captain America 2 Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53512]Watch Captain America The Winter Soldier Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53595]Watch Neighbors Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53735]Watch Legends of Oz: Dorothy's Return Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=53813]Watch Moms' Night Out Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54068]Watch Noah Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54213]Watch Divergent Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54405]Watch Frozen Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54499]Watch Rio 2 Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54564]Watch Brick Mansions Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54679]Watch Bears Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54750]Watch Heaven Is for Real Movie Online[/ur]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54837]Watch God's Not Dead Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=54938]Watch The Raid 2 Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=55026]Watch That Awkward Moment Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=55190]Watch 300 Rise of An Empire Movie Online[/url]
    [url=http://www.sportsmanmarineva.com/tournaments_and_reports/viewtopic.php?f=1&t=55279]Watch Non Stop Movie Online[/url]
    but he hasn't been playing a lot and that's probably the reason why Roy hasn't taken him.

    As the server.xml is big enough, I took the minimum portion of it. Hope u can proceed with it.
    <!-- Tomcat Root Context -->
    <Context path="" docBase="ROOT" debug="0"/>
    <!-- New contexts -->
    <Context path="/xyz" docBase="pathTo_xyz" debug="0" crossContext="true"/>
    <Context path="/pqr" docBase="pathTo_pqr" debug="0" crossContext="true"/>
    <!-- Tomcat Examples Context -->
    <Context path="/examples" docBase="examples" debug="0"
    reloadable="true" crossContext="true">
    You should also provide a WEB-INF folder under pqr or xyz folder.
    You should also provide a web.xml file under each WEB-INF folder.
    The minimal web.xml is
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/j2ee/dtd/web-app_2_3.dtd">
    <web-app>
    </web-app>
    That's it. Try it out. Hope it is OK.
    Hafizur Rahman
    SCJP

  • LUKS, Udev, Splashy, Hell

    Hey! I'm another one of those guys who updated and now their computer is on the ritz. I got the following problems:
    --Keymap defaults to qwerty in LUKS even though 'keymap' is loaded in mkinitcpio.conf and configured to dvorak in rc.conf
    --I get this esoteric error in LUKS:
    device-mapper:remove ioctl failed: Device or Resource is busy
    I did some google searches and most of the posts were 'I dunno it doesn't work and now it does, Udev sucks'. Half the time my password gets accepted anyway and the other half of the time it doesn't.
    --Splashy turned into a big grey screen and then went black. I've been having splashy crash after Udev begins for a while now (the screen turns back on at the GNOME login) but now it doesn't even begin at all. I suspect it's because it uses modified initscripts. I uninstalled splashy, removed it from mkinitcpio.conf, changed back to normal initscripts and recompiled the kernel and the system still crashes.
    I saw another thread tracing some of these problems to a kernel issue--please note that I'm NOT using a custom kernel, I'm just using the vanilla stuff the repos give me. Any idea what I should do to fix this? I'm pretty sure all this is either because of klibc, udev, or initscripts being broken but I don't know where to go from here.
    EDIT:
    OK, I chrooted into my system and upgraded it, and the screen still goes black and the correct keyboard (dvorak) still doesn't load at luks anymore, but even though the screen is black I can see the disk light going off at irregular intervals, leading me to believe part of the boot process is still working, even if I don't know what part it is.
    Last edited by Ferrenrock (2010-02-05 06:29:24)

    Hello Ferrenrock,
    this is my mkinitcpio.conf. I don't use v86d hook, so this can't be the problem.
    [robert@thinkpad ~]$ cat /etc/mkinitcpio.conf
    # vim:set ft=sh
    # MODULES
    # The following modules are loaded before any boot hooks are
    # run. Advanced users may wish to specify all system modules
    # in this array. For instance:
    # MODULES="piix ide_disk reiserfs"
    MODULES="intel_agp i915"
    # BINARIES
    # This setting includes, into the CPIO image, and additional
    # binaries a given user may wish. This is run first, so may
    # be used to override the actual binaries used in a given hook.
    # (Existing files are NOT overwritten is already added)
    # BINARIES are dependancy parsed, so you may safely ignore libraries
    BINARIES=""
    # FILES
    # This setting is similar to BINARIES above, however, files are added
    # as-is and are not parsed in anyway. This is useful for config files.
    # Some users may wish to include modprobe.conf for custom module options,
    # like so:
    # FILES="/etc/modprobe.conf"
    FILES="/etc/modprobe.d/modprobe.conf"
    # HOOKS
    # This is the most important setting in this file. The HOOKS control the
    # modules and scripts added to the image, and what happens at boot time.
    # Order is important, and it is recommended that you do not change the
    # order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
    # help on a given hook.
    # 'base' is _required_ unless you know precisely what you are doing.
    # 'udev' is _required_ in order to automatically load modules
    # 'modload' may be used in place of 'udev', but is not recommended
    # 'filesystems' is _required_ unless you specify your fs modules in MODULES
    # Examples:
    # This setup specifies all modules in the MODULES setting above.
    # No raid, lvm2, or encrypted root is needed.
    # HOOKS="base"
    # This setup will autodetect all modules for your system and should
    # work as a sane default
    # HOOKS="base udev autodetect pata scsi sata filesystems"
    # This is identical to the above, except the old ide subsystem is
    # used for IDE devices instead of the new pata subsystem.
    # HOOKS="base udev autodetect ide scsi sata filesystems"
    # This setup will generate a 'full' image which supports most systems.
    # No autodetection is done.
    # HOOKS="base udev pata scsi sata usb filesystems"
    # This setup assembles an pata raid array with an encrypted root FS.
    # Note: See 'mkinitcpio -H raid' for more information on raid devices.
    # HOOKS="base udev pata raid encrypt filesystems"
    # This setup loads an lvm2 volume group on a usb device.
    # HOOKS="base udev usb lvm2 filesystems"
    HOOKS="base udev autodetect pata scsi sata encrypt lvm2 filesystems"
    # COMPRESSION
    # Use this to compress the initramfs image. With kernels earlier than
    # 2.6.30, only gzip is supported, which is also the default. Newer kernels
    # support gzip, bzip2 and lzma.
    #COMPRESSION="gzip"
    #COMPRESSION="bzip2"
    #COMPRESSION="lzma"
    Last edited by orschiro (2010-02-10 22:25:11)

  • LUKS&GnomeKeyring&Nautilus=Password gets asked every single time

    I have 4 hard drives on RAID5 (mdadm) and I have encrypted the raid device with LUKS. It worked without any problems until couple weeks ago when nautilus started asking for password even though the password is still saved on the keyring. I found out that there is passphrase file, but I can't see the point in only using a unencrypted passphrase file to secure my files. So how can use my account's password to protect my LUKS partition?

    I am not sure that I fully understand what you are describing but the following is my experience with both an E52 and an N8.
    We have 2 wireless routers in our home both on the same network.
    A search always brings up both routers (plus those of neighbours if they are strong enough). That comment is just from general observation during use - I have not sat and performed hundreds of searches as a test to see if it sometimes fails.
    The wireless access point that is used is the one given highest priority in the phone setup, provided it is turned on else it uses the other.

  • Changes to LVM2 and udev break LVM2 on LUKS?

    Hey all,
    After today's update I have an error on boot that I can't seem to figure out. I like many people, got an error when building mkinitcpio during the update. I reran mkinitcpio after the update, there were no errors, everything was great.
    Before I explain the issue fully, here is my setup.
    I have a lvm on a luks partition. On the lvm resides "/" "/home" and "swap". My mkinitcpio HOOKs line looks like this
    HOOKS="base udev autodetect modconf block mdadm_udev encrypt lvm2 filesystems keyboard fsck"
    Note that as you might have guessed from "mdadm_udev" I am using a raid, but this array is separate from my critical partitions, such root and home.
    Now for my issue.
    When I boot the machine, it executes up until the encrypt hook. It prompts for my password to decrypt the volume, which if given correctly, it does nothing for an unusually long time, then it prints
    end_request: I/O error, dev fd0, sector 0
    I don't have a floppy drive.
    I can mount the system from installation media and chroot into the system, and everything seems fine. I checked my lvm.conf file to make sure it included the line "use_lvmetad = 1" which it does. I reran,
    mkinitcpio -p linux
    This did not solve the issue.
    Any thoughts on what could be causing this?
    Thanks,
    -D
    ############## UPDATE ###############
    Working fix here: https://bbs.archlinux.org/viewtopic.php … 2#p1232092
    Bug report here: https://bugs.archlinux.org/task/33851
    Last edited by jasonwryan (2013-02-14 19:45:56)

    I also use LVM with a configuration similar to Xyne's. I updated this morning and my system booted fine. The only thing unusual about my setup is that I update in chroot from another (minimal) up-to-date Arch system on the same machine. Here's some details, I'm happy to provide anything else if needed.
    # fdisk -l /dev/sd?
    Disk /dev/sda: 251.1 GB, 251059544064 bytes, 490350672 sectors
    Device Boot Start End Blocks Id System
    /dev/sda1 2048 2099199 1048576 83 Linux
    /dev/sda2 * 2099200 2303999 102400 83 Linux
    /dev/sda3 2304000 490350671 244023336 8e Linux LVM
    Disk /dev/sdb: 251.1 GB, 251059544064 bytes, 490350672 sectors
    Device Boot Start End Blocks Id System
    /dev/sdb1 2048 490350671 245174312 8e Linux LVM
    Disk /dev/sdc: 251.1 GB, 251059544064 bytes, 490350672 sectors
    Device Boot Start End Blocks Id System
    /dev/sdc1 2048 490350671 245174312 8e Linux LVM
    Note: sda1 is the minimal system, sda2 is /boot for both systems. sda3 and sdb1 make up VG0. sdc1 makes up VG1.
    # lvscan
    ACTIVE Original '/dev/VG0/lv_root' [5.00 GiB] inherit
    ACTIVE Original '/dev/VG0/lv_home' [10.00 GiB] inherit
    ACTIVE '/dev/VG0/lv_data' [212.00 GiB] inherit
    ACTIVE Original '/dev/VG0/lv_var' [5.71 GiB] contiguous
    ACTIVE '/dev/VG0/lv_temp' [10.00 GiB] inherit
    ACTIVE '/dev/VG0/lv_build' [10.00 GiB] contiguous
    ACTIVE Snapshot '/dev/VG0/ss_root' [5.00 GiB] inherit
    ACTIVE Snapshot '/dev/VG0/ss_var' [5.71 GiB] inherit
    ACTIVE Snapshot '/dev/VG0/ss_home' [10.00 GiB] inherit
    ACTIVE '/dev/VG1/lv_bucket' [230.00 GiB] inherit
    ACTIVE '/dev/VG1/lv_swap1' [3.81 GiB] inherit
    # cat /etc/mkinitcpio.conf
    MODULES="nouveau"
    BINARIES=""
    FILES=""
    HOOKS="timestamp base udev autodetect block lvm2 filesystems fsck shutdown"
    COMPRESSION="xz"
    COMPRESSION_OPTIONS="-e -9"
    I saw something about fd0 when I first ran lvscan after a boot, but it didn't appear again that boot and I haven't tried to reproduce. I also had some errors related to my snapshots during boot:
    Feb 13 10:53:18 caddywhompus kernel: device-mapper: table: 254:4: snapshot: Snapshot cow pairing for exception table handover failed
    Feb 13 10:53:18 caddywhompus kernel: device-mapper: ioctl: error adding target to table
    Feb 13 10:53:18 caddywhompus kernel: device-mapper: table: 254:14: snapshot: Snapshot cow pairing for exception table handover failed
    Feb 13 10:53:18 caddywhompus kernel: device-mapper: ioctl: error adding target to table
    Note: the first and third lines are "error red"

  • Decrypt multiple dm-crypt LUKS drives with a single password on start

    Hi there,
    This is a hook based on the encrypt hook that I use to decrypt multiple dm-crypt LUKS drives on startup for a btrfs raid 1. I thought someone might find it useful. I'd be willing to do some work to include this in the official mkinitcpio package if the developers are happy with it ? Constructive suggestions are welcome
    Credit goes to the following:
    https://bbs.archlinux.org/viewtopic.php?id=120243
    https://wiki.gentoo.org/wiki/Custom_Initramfs/Examples
    https://wiki.archlinux.org/index.php/Dm … iple_disks
    The author(s) of the mkinitcpio hooks on which this hook is based
    Edit: Thanks to frostschutz for pointing out that --keyfile-size and --keyfile-offset use bytes instead of bits. Therefore to use 4096 bit keys, 512 bytes should be specified. I have corrected the examples.
    The idea is to have a dm-crypt LUKS password encrypted file /boot/multikeyfile. This file contains multiple 4096 bit keys to be used to decrypt the actual drives.
    I created the file and encrypted volumes as follows:
    $ dd if=/dev/zero of=multikeyfile bs=3M count=1 # I chose 3M because the LUKS header is around 2M
    $ cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat multikeyfile
    # install -m644 -o root -g root multikeyfile /boot
    # cryptsetup open --type luks /boot/multikeyfile multikeyfile
    # dd if=/dev/zero of=/dev/mapper/multikeyfile
    # I wanted keys for two drives (2 * 4096 / 8) = 1024 bytes
    # dd iflag=fullblock if=/dev/random of=/dev/mapper/multikeyfile bs=1024 count=1
    # Verify enough random content
    # hexdump -C /dev/mapper/multikeyfile | less
    # Create the containers
    # cryptsetup --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random --key-file /dev/mapper/multikeyfile --keyfile-offset 0 --keyfile-size 512 luksFormat /dev/sdXY
    # cryptsetup --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random --key-file /dev/mapper/multikeyfile --keyfile-offset 512 --keyfile-size 512 luksFormat /dev/sdAB
    Next add a kernel parameter to identify the drives in the same sequence as their keys appear in the multikeyfile. I used PARTUUID:
    multidecrypt=PARTUUID=<drive1>:PARTUUID=<drive2>
    In /etc/mkinitcpio.conf add the multidecrypt hook in the HOOKS field in the same place you would normally place the encrypt hook.
    Run mkinitcpio as you normally do to recreate your initramfs.
    Here are the actual hook files:
    /etc/initcpio/hooks/multidecrypt
    #!/usr/bin/ash
    run_hook() {
    modprobe -a -q dm-crypt >/dev/null 2>&1
    modprobe -a -q loop >/dev/null 2>&1
    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
    if [ -z "${multidecrypt}" ]; then
    err "No dm-crypt luks devices specified for multidecrypt, aborting..."
    exit 1
    fi
    echo ""
    echo "YOU SHALL NOT PASS !!!!!!!"
    #loop until we get a real password
    while ! eval cryptsetup open --type luks /multikeyfile multikeyfile ${CSQUIET}; do
    sleep 2;
    done
    if [ ! -e "/dev/mapper/multikeyfile" ]; then
    err "multikeyfile decryption failed, aborting..."
    exit 1
    fi
    luksdevnum=1
    for luksdev in ${multidecrypt//:/ }; do
    if resolved=$(resolve_device "${luksdev}" ${rootdelay}); then
    eval cryptsetup open --type luks --key-file /dev/mapper/multikeyfile --keyfile-offset $((($luksdevnum-1)*512)) --keyfile-size 512 ${resolved} container${luksdevnum} ${CSQUIET}
    if [ ! -e "/dev/mapper/container${luksdevnum}" ]; then
    err "container${luksdevnum} creation failed, continuing with other specified devices..."
    fi
    else
    err "Could not resolve ${luksdev}, continuing with other specified devices..."
    fi
    let luksdevnum++
    done
    #clean up
    cryptsetup close multikeyfile
    # vim: set ft=sh ts=4 sw=4 et:
    /etc/initcpio/install/multidecrypt
    #!/bin/bash
    build() {
    local mod
    add_module dm-crypt
    if [[ $CRYPTO_MODULES ]]; then
    for mod in $CRYPTO_MODULES; do
    add_module "$mod"
    done
    else
    add_all_modules '/crypto/'
    fi
    # add loop module for mounting of keyfile
    add_module loop
    add_binary "cryptsetup"
    add_binary "dmsetup"
    add_file "/usr/lib/udev/rules.d/10-dm.rules"
    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
    add_file "/boot/multikeyfile" "/multikeyfile"
    add_runscript
    help() {
    cat <<HELPEOF
    This hook allows for startup decryption of multiple dm-crypt luks encrypted
    devices. Users should specify the devices to be unlocked using:
    'multidecrypt=device[[:device]...]'
    on the kernel command line, where 'device' is the path to the raw device,
    specified using PARTUUID or some other means. Devices will be available as
    /dev/mapper/container[1,2,3...] etc.
    The hook expects a dm-crypt luks encrypted file called /boot/multikeyfile to
    exist. This keyfile contains a concatenation of 4096 bit keys for each
    encrypted device in the same order as specified in the multidecrypt kernel
    command line argument.
    If decryption of one of the devices fails, the hook will attempt to continue
    to decrypt any other specified devices. This is useful for btrfs software
    raid if a device has failed as an example.
    You will be prompted for the password to the multikeyfile container at runtime.
    This means you must have a keyboard available to input it, and you may need the
    keymap hook as well to ensure that the keyboard is using the layout you expect.
    HELPEOF
    # vim: set ft=sh ts=4 sw=4 et:
    Last edited by dude42 (2015-06-06 04:08:06)

    frostschutz wrote:
    --keyfile-size is not bits but bytes.
    If you really set up your encryption the way you described, the key for your first container will be 1024 random bytes followed by zero bytes, and the key of your second container will be 4096 bytes of /dev/zero.
    Thanks frostschutz !

  • Upgrade from LVM/LUKS to RAID5/LVM/LUKS

    I currently run a server that contains 4 hard drives, where two are 2 TB and two are 3TB (and were bought together). These drives are encrypted and merged into a 10TB LVM single-partition data storage and backup drive.
    Here is my current setup: All four drives are encrypted individually and together are joined into one volume group that allocates all its memory to a single parition which then stores all my data. The problem with the current setup is, that, in case of a hardware failure, all my data will be lost. I am currently considering to fix this problem by building a RAID5 but before I even go ahead and spend money on this, I'd like to hear from someone who has RAID experience if my approach is sane or if I should take another way.
    Here's what I'd attempt: I want to buy two more drives, one 2TB and one 3TB and then join each drive with the other two of the same size. Then I would have two RAID5 drives, one consisting of 3 2TB drives and one consisting of 3 3TB drives. These drives will then be encrypted and joined into an LVM. So currently, I plan this order: RAID -> LUKS -> LVM. Does this seem to be the correct order? (Note: I want LVM after encryption to be able to add more drives if needed).
    The next thing would then be the question if RAID5 is the right choice. From what I read I understand that RAID5 would use any number of drives for storage extension and a single drive as a fallback storing the combined parity of all drives (in reality the parities seem to be shared between the drives).
    So what are your thoughts on this approach? I have read a few articles and it seems that this is a good way.
    Thanks in advance.
    P.S.: I plan to make the migration a two-step process where I use the drives that are not being upgraded to hold the data of the other ones (using pvmove), additionally using some external storage. Since I can split it up this way, I should be able to accomplish the whole thing without data loss (or the risk thereof).
    Last edited by javex (2014-01-11 03:55:18)

    Hi Lukasz,
    Looks like you downloaded the wrong patches.
    You can find the correct patches for LVM 2.0 Standard Edition here:
    http://service.sap.com/swdc  >  Support Packages and Patches  >  Browse Our Download Catalog  >  SAP NetWeaver and complementary products  >  SAP LANDSCAPE VIRT MGT STD  >  SAP LANDSCAPE VIRT MGT STD 2.0  >  Support Package Stack Download  >
    Start SP Stack should be SPS 03 in your case and Target SP Stack should be SPS04.
    Basically you need these tow SCA files:
    VCM05_0-10010942.SCA (SP05 for VCM LVM 2.0)
    VCMCR4E05_0-10010943.SCA (VCMCR4E05)
    Since Java packages are cumulative, you can directly install/deploy the latest SP (i.e. you can go directly from SP03 to SP05).
    Hope this helps and lemme know if you have additional questions.
    Best Regards,
    Adarsh

  • Memory setting 1T or 2T. and raid 0 question

    i was wondering with my setup should the setting be 1T or 2T, when i checked it was at 2T but im not sure why its not 1T and wanted to make sure i was in the right to move it up to 1T. Also do you have to have the same 2 HDD's if you wanna have a Raid 0 setup?? and would i tell a difference?
    MSi k8N NNEo2 platinum
    Antec PSU 350w
    AMD64 3200+ (Venice) 939
    OCZ Enhanced Latency 1GB (2 x 512MB)  DDR 400
    ATI Radeon 9800 pro
    Seagate Barracuda 7200.7 80gig

    Quote from: syar2003 on 04-August-05, 12:49:42
    Tras is supposed to be CAS+RCD + atleast one/two clock cycles .
    Never have it lower than that , it gives corruption for sure .
    Take Luke's example
    2-3-2 timing : Lowest used Tras=6 (2+3+1)
    2-2-2 timing : Lowest used Tras=5 (2+2+1)
    2.5-3-3 timing : Lowest used Tras=7&8 . 2.5 is runded to 3 , 3+3+1 tras=7 or 3+3+2cycles tras=8
    Some cas 2.5 modules have default spd 2.5-3-3-8 then never have tras lower .
    The timing table of my Corsair PC3200C2Pro shows 3,3,3,8.
    What values should I set for trwt (row to row delay), trwt (read to write delay), trc (row cycle time), trfc (row refresh cycle time), twr (write recovery time, twtr (write to read delay)?
    PS: Syar2003,
    Thanks for your clarification on PSU. I got tagan 480 U01 from newegg and there's much less fluctuation now. Last night I set tras to 7, did nothing to FSB and this morning Core Center and cpu-z  surprisingly (with delight) show FSB = 230 and 2530mhz instead of 226 and 2486. My search and calculate application shows 2.5% improvements. Is that some sign of unstability?
    Thermaltake Soprano case
    Tagan U01 480w (+3.3 28A, +5 48A, +12 28A)
    3500 Venice @ 2486mhz (FSB=226, 4x, 11x)
    MSI neo4 Ultra Platinum
    MSI 6600GT
    2x512 Corsair 3200C2Pro (manual set 2.5,3,3,7)
    WD SATA 80gig
    Mitsumi FDD + USB card reader
    External iomega cd-RW

  • How to: make one or two partions at a raid system?

    Hey
    how can i make one or more a partions at a raid system?
    i will make the partions at a 250gb raid. one with 120gb for the bootsector, and the other for documents, etc.
    is there a hwo to anywhere? dont find one?
    please read my second question.... 2 raids at one mac pro?
    regarads

    O.K., i was looking the hole day to get that partions on a raid working.
    to make the partions on each HD with the same volume, this is no problem. when you then create the first raid, works fine. but when you make the second raid, you get a massage, that this raid is not found.
    then you see both raids at the disc utilty, but only at the first you seen the volumen down under, by the second not. the first works, the second is not avabiele.
    so, now i have only one big mirrowed raid for my boot sector, and its runs fast, quick and without big noise... thats what i want, and the second big raid for my files.
    2 raids at one mac pro with 4 hd. one with 2 x 250 gb hd for the bootsector, and the other with 2 x 500gb for files
    thx to all, and you kappy
    regards

  • To RAID or not to RAID, that is the question

    People often ask: Should I raid my disks?
    The question is simple, unfortunately the answer is not. So here I'm going to give you another guide to help you decide when a raid array is advantageous and how to go about it. Notice that this guide also applies to SSD's, with the expection of the parts about mechanical failure.
     What is a RAID?
     RAID is the acronym for "Redundant Array of Inexpensive Disks". The concept originated at the University of Berkely in 1987 and was intended to create large storage capacity with smaller disks without the need for very expensive and reliable disks, that were very expensive at that time, often a tenfold of smaller disks. Today prices of hard disks have fallen so much that it often is more attractive to buy a single 1 TB disk than two 500 GB disks. That is the reason that today RAID is often described as "Redundant Array of Independent Disks".
    The idea behind RAID is to have a number of disks co-operate in such a way that it looks like one big disk. Note that 'Spanning' is not in any way comparable to RAID, it is just a way, like inverse partitioning, to extend the base partition to use multiple disks, without changing the method of reading and writing to that extended partition.
     Why use a RAID?
     Now with these lower disks prices today, why would a video editor consider a raid array? There are two reasons:
    1. Redundancy (or security)
    2. Performance
    Notice that it can be a combination of both reasons, it is not an 'either/or' reason.
     Does a video editor need RAID?
    No, if the above two reasons, redundancy and performance are not relevant. Yes if either or both reasons are relevant.
    Re 1. Redundancy
    Every mechanical disk will eventually fail, sometimes on the first day of use, sometimes only after several years of usage. When that happens, all data on that disk are lost and the only solution is to get a new disk and recreate the data from a backup (if you have one) or through tedious and time-consuming work. If that does not bother you and you can spare the time to recreate the data that were lost, then redundancy is not an issue for you. Keep in mind that disk failures often occur at inconvenient moments, on a weekend when the shops are closed and you can't get a replacement disk, or when you have a tight deadline.
    Re 2. Performance
    Opponents of RAID will often say that any modern disk is fast enough for video editing and they are right, but only to a certain extent. As fill rates of disks go up, performance goes down, sometimes by 50%. As the number of disk activities on the disk go up , like accessing (reading or writing) pagefile, media cache, previews, media, project file, output file, performance goes down the drain. The more tracks you have in your project, the more strain is put on your disk. 10 tracks require 10 times the bandwidth of a single track. The more applications you have open, the more your pagefile is used. This is especially apparent on systems with limited memory.
    The following chart shows how fill rates on a single disk will impact performance:
    Remember that I said previously the idea behind RAID is to have a number of disks co-operate in such a way that it looks like one big disk. That means a RAID will not fill up as fast as a single disk and not experience the same performance degradation.
    RAID basics
     Now that we have established the reasons why people may consider RAID, let's have a look at some of the basics.
    Single or Multiple? 
    There are three methods to configure a RAID array: mirroring, striping and parity check. These are called levels and levels are subdivided in single or multiple levels, depending on the method used. A single level RAID0 is striping only and a multiple level RAID15 is a combination of mirroring (1) and parity check (5). Multiple levels are designated by combining two single levels, like a multiple RAID10, which is a combination of single level RAID0 with a single level RAID1.
    Hardware or Software? 
    The difference is quite simple: hardware RAID controllers have their own processor and usually their own cache. Software RAID controllers use the CPU and the RAM on the motherboard. Hardware controllers are faster but also more expensive. For RAID levels without parity check like Raid0, Raid1 and Raid10 software controllers are quite good with a fast PC.
    The common Promise and Highpoint cards are all software controllers that (mis)use the CPU and RAM memory. Real hardware RAID controllers all use their own IOP (I/O Processor) and cache (ever wondered why these hardware controllers are expensive?).
    There are two kinds of software RAID's. One is controlled by the BIOS/drivers (like Promise/Highpoint) and the other is solely OS dependent. The first kind can be booted from, the second one can only be accessed after the OS has started. In performance terms they do not differ significantly.
    For the technically inclined: Cluster size, Block size and Chunk size
     In short: Cluster size applies to the partition and Block or Stripe size applies to the array.
    With a cluster size of 4 KB, data are distributed across the partition in 4 KB parts. Suppose you have a 10 KB file, three full clusters will be occupied: 4 KB - 4 KB - 2 KB. The remaining 2 KB is called slackspace and can not be used by other files. With a block size (stripe) of 64 KB, data are distributed across the array disks in 64 KB parts. Suppose you have a 200 KB file, the first part of 64 KB is located on disk A, the second 64 KB is located on disk B, the third 64 KB is located on disk C and the remaining 8 KB on disk D. Here there is no slackspace, because the block size is subdivided into clusters. When working with audio/video material a large block size is faster than smaller block size. Working with smaller files a smaller block size is preferred.
    Sometimes you have an option to set 'Chunk size', depending on the controller. It is the minimal size of a data request from the controller to a disk in the array and only useful when striping is used. Suppose you have a block size of 16 KB and you want to read a 1 MB file. The controller needs to read 64 times a block of 16 KB. With a chunk size of 32 KB the first two blocks will be read from the first disk, the next two blocks from the next disk, and so on. If the chunk size is 128 KB. the first 8 blocks will be read from the first disk, the next 8 block from the second disk, etcetera. Smaller chunks are advisable with smaller filer, larger chunks are better for larger (audio/video) files.
    RAID Levels
     For a full explanation of various RAID levels, look here: http://www.acnc.com/04_01_00/html
    What are the benefits of each RAID level for video editing and what are the risks and benefits of each level to help you achieve better redundancy and/or better performance? I will try to summarize them below.
    RAID0
     The Band AID of RAID. There is no redundancy! There is a risk of losing all data that is a multiplier of the number of disks in the array. A 2 disk array carries twice the risk over a single disk, a X disk array carries X times the risk of losing it all.
    A RAID0 is perfectly OK for data that you will not worry about if you lose them. Like pagefile, media cache, previews or rendered files. It may be a hassle if you have media files on it, because it requires recapturing, but not the end-of-the-world. It will be disastrous for project files.
    Performance wise a RAID0 is almost X times as fast as a single disk, X being the number of disks in the array.
    RAID1
     The RAID level for the paranoid. It gives no performance gain whatsoever. It gives you redundancy, at the cost of a disk. If you are meticulous about backups and make them all the time, RAID1 may be a better solution, because you can never forget to make a backup, you can restore instantly. Remember backups require a disk as well. This RAID1 level can only be advised for the C drive IMO if you do not have any trust in the reliability of modern-day disks. It is of no use for video editing.
    RAID3
    The RAID level for video editors. There is redundancy! There is only a small performance hit when rebuilding an array after a disk failure due to the dedicated parity disk. There is quite a perfomance gain achieveable, but the drawback is that it requires a hardware controller from Areca. You could do worse, but apart from it being the Rolls-Royce amongst the hardware controllers, it is expensive like the car.
    Performance wise it will achieve around 85% (X-1) on reads and 60% (X-1) on writes over a single disk with X being the number of disks in the array. So with a 6 disk array in RAID3, you get around 0.85x (6-1) = 425% the performance of a single disk on reads and 300% on writes.
    RAID5 & RAID6
     The RAID level for non-video applications with distributed parity. This makes for a somewhat severe hit in performance in case of a disk failure. The double parity in RAID6 makes it ideal for NAS applications.
    The performance gain is slightly lower than with a RAID3. RAID6 requires a dedicated hardware controller, RAID5 can be run on a software controller but the CPU overhead negates to a large extent the performance gain.
    RAID10
     The RAID level for paranoids in a hurry. It delivers the same redundancy as RAID 1, but since it is a multilevel RAID, combined with a RAID0, delivers twice the performance of a single disk at four times the cost, apart from the controller. The main advantage is that you can have two disk failures at the same time without losing data, but what are the chances of that happening?
    RAID30, 50 & 60
     Just striped arrays of RAID 3, 5 or 6 which doubles the speed while keeping redundancy at the same level.
    EXTRAS
     RAID level 0 is striping, RAID level 1 is mirroring and RAID levels 3, 5 & 6 are parity check methods. For parity check methods, dedicated controllers offer the possibility of defining a hot-spare disk. A hot-spare disk is an extra disk that does not belong to the array, but is instantly available to take over from a failed disk in the array. Suppose you have a 6 disk RAID3 array with a single hot-spare disk and assume one disk fails. What happens? The data on the failed disk can be reconstructed in the background, while you keep working with negligeable impact on performance, to the hot-spare. In mere minutes your system is back at the performance level you were before the disk failure. Sometime later you take out the failed drive, replace it for a new drive and define that as the new hot-spare.
    As stated earlier, dedicated hardware controllers use their own IOP and their own cache instead of using the memory on the mobo. The larger the cache on the controller, the better the performance, but the main benefits of cache memory are when handling random R+W activities. For sequential activities, like with video editing it does not pay to use more than 2 GB of cache maximum.
    REDUNDANCY(or security)
    Not using RAID entails the risk of a drive failing and losing all data. The same applies to using RAID0 (or better said AID0), only multiplied by the number of disks in the array.
    RAID1 or 10 overcomes that risk by offering a mirror, an instant backup in case of failure at high cost.
    RAID3, 5 or 6 offers protection for disk failure by reconstructing the lost data in the background (1 disk for RAID3 & 5, 2 disks for RAID6) while continuing your work. This is even enhanced by the use of hot-spares (a double assurance).
    PERFORMANCE
     RAID0 offers the best performance increase over a single disk, followed by RAID3, then RAID5 amd finally RAID6. RAID1 does not offer any performance increase.
    Hardware RAID controllers offer the best performance and the best options (like adjustable block/stripe size and hot-spares), but they are costly.
     SUMMARY
     If you only have 3 or 4 disks in total, forget about RAID. Set them up as individual disks, or the better alternative, get more disks for better redundancy and better performance. What does it cost today to buy an extra disk when compared to the downtime you have when a single disk fails?
    If you have room for at least 4 or more disks, apart from the OS disk, consider a RAID3 if you have an Areca controller, otherwise consider a RAID5.
    If you have even more disks, consider a multilevel array by striping a parity check array to form a RAID30, 50 or 60.
    If you can afford the investment get an Areca controller with battery backup module (BBM) and 2 GB of cache. Avoid as much as possible the use of software raids, especially under Windows if you can.
    RAID, if properly configured will give you added redundancy (or security) to protect you from disk failure while you can continue working and will give you increased performance.
    Look carefully at this chart to see what a properly configured RAID can do to performance and compare it to the earlier single disk chart to see the performance difference, while taking into consideration that you can have one disks (in each array) fail at the same time without data loss:
    Hope this helps in deciding whether RAID is worthwhile for you.
    WARNING: If you have a power outage without a UPS, all bets are off.
    A power outage can destroy the contents of all your disks if you don't have a proper UPS. A BBM may not be sufficient to help in that case.

    Harm,
    thanks for your comment.
    Your understanding  was absolutely right.
    Sorry my mistake its QNAP 639 PRO, populated with 5 1TB, one is empty.
    So for my understanding, in my configuration you suggest NOT to use RAID-0. Im not willing to have more drives in my workstation becouse if my projekts are finished, i archiv on QNAP or archiv on other external drive.
    My only intention is to have as much speed and as much performance as possible during developing a projekt 
    BTW QNAP i also use as media-center in combination with Sony PS3 to run the encoded files.
    For my final understanding:
    C:  i understand
    D: i understand
    E and F: does it mean, when i create a projekt on E, all my captured and project-used MPEG - files should be situated in F?  Or which media in F you mean?
    Following your suggestions in want to rebulid Harms-Best Vista64-Benchmark comp to reach maximum speed and performance. Can i use in general the those hardware components (exept so many HD drives and exept Areca raid controller ) in my drive configuration C to F. Or would you suggest some changings in my situation?

Maybe you are looking for

  • OBIA 7.9.6.3 security integration with EBS R12.1.2

    Hi Experts, We are implementing OBI Apps 7.9.6.3 with EBS R12.1.2 as source.We need to integrate Active Directory with OBIEE and implement security of BI Apps with EBS R12.1.2. Need help on this. How to map EBS Responsibilities into Application Role

  • Https site are not opening on tmg 2010

    Hi I ;ve configure TMG Server 2010 on server 2008r2 SP1. but there https site are not working. I 've created access rules but after that its not working. so please tell me that how to open (Allow) HTTPS websites.

  • Text read confirmation

    Is there any way to know when the recipient has read their text message? I have a 6133

  • Can I use 24 volt to load my iphone5?

    Can i use a 24 Volt charging point instead of 12 Volt to load my iPhone5??

  • Macbook pro slow after yosemite 10.10 update

    I updated my Mac book pro 2010 from mavericks to yosemite. And now it is so slow it will take 20 minutes just to turn on to the login menu. If i turn the laptop off for a couple of hours it seems to speed up a bit but then after 30 minutes or so it w