[Pacemaker] Pacemaker and LUKS partition

Georges-Etienne Legendre legege at legege.com
Wed Nov 10 23:40:32 UTC 2010


Turns out eCryptFS is not very good when failover is done. We get this
strange error in syslog:

---
mount.ecryptfs: Error attempting to link the user session keyring into
the session keyring
lrmd: [2772]: info: RA output: (fs-ecryptfs:start:stdout) Unable to
link the KEY_SPEC_USER_KEYRING into the KEY_SPEC_SESSION_KEYRING; there
is something wrong with your kernel keyring. Did you build key retention
support into your kernel?
----

So, back to LUKS. We decided to write our own RA for opening LUKS
before mounting the filesystem and closing it after unmounting it. It
works fine!

-- 
Georges-Etienne

On Fri, 05 Nov 2010 15:59:11 -0400, Georges-Etienne Legendre
<legege at legege.com> wrote:
> For your information, I ended up using eCryptFS, which can be mounted
> like any other partition. The ocf:heartbeat:Filesystem can thus be used
> directly.
> 
> Thanks,
> -- 
> Georges-Etienne
> 





More information about the Pacemaker mailing list