I don't need /var/swap (turned into cryptswap discussion)

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

I don't need /var/swap (turned into cryptswap discussion)

Post by goetzkluge » Sat Jul 25, 2015 7:29 pm

I use an encrypted home directory. I know the reason for having cryptswap too, but I don't need this nevertheless. So I have a 0 bytes /etc/crypttab, reformatted the swap-partition as regular swap-partition and also reactivated the line on swap (with proper UUID) in /etc/fstab.

No I get:

Code: Select all

$ swapon -s
Filename				Type		Size	Used	Priority
/dev/sda4                               partition	4006908	0	-1
/var/swap                               file		2097148	0	-2
I would like to have a real swap partition only, no /var/swap. (I know the risks.) How can I avoid that /var/swap is initiated?
Last edited by goetzkluge on Sat Aug 08, 2015 6:47 am, edited 3 times in total.

Laurent85
Level 16
Level 16
Posts: 6148
Joined: Tue May 26, 2015 10:11 am

Re: I don't need /var/swap

Post by Laurent85 » Sat Jul 25, 2015 7:40 pm

Should be in /etc/fstab
Can you post back command result

Code: Select all

cat /etc/fstab | grep swap
Image

goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

Re: I don't need /var/swap

Post by goetzkluge » Mon Jul 27, 2015 3:59 pm

Merci, Laurent,

I looked into /etc/fstab already earlier. It ends with:

Code: Select all

# a swapfile is not a swap partition, no line here
#   use  dphys-swapfile swap[on|off]  for that
So I have to dig into dphys-swapfile.

Interestingly, no swap file is created if I install Mint without encrypted home directory. My guess is that for installations *with* encrypted directory, a second swap is created and used for root operations and for users without encrypted directory. For systems with small RAM my idea to remove that 2GiB swap file may even be not such a good idea.

I could try all that out, but perhaps someone here knows the answer already.

By the way. As for my next install, I will not reset the computer right away after installing Mint. Rather, I will enter

Code: Select all

cryptswap1 /dev/sdXN /dev/urandom swap,offset=8,cipher=aes-cbc-essiv:sha256
as a single line into /etc/crypttab of the newly installed Mint (of course not in the running Mint installer), where sdXN is swap partition of that installation, usually sdaN (I'll be be cautious).
Perhaps already that would fix the swap trouble (inherited from Ubuntu) for installations with encrypted directory. If offset=8 (probably offset=6 would be sufficient already) is omitted, the swap partition will be messed up after restarting the new installation. But, as said, I didn't try it out yet.

Laurent85
Level 16
Level 16
Posts: 6148
Joined: Tue May 26, 2015 10:11 am

Re: I don't need /var/swap

Post by Laurent85 » Mon Jul 27, 2015 4:16 pm

So I have to dig into dphys-swapfile.
I see. Just remove package dphys-swapfile from your system

Code: Select all

sudo apt purge dphys-swapfile
cryptswap1 /dev/sdXN /dev/urandom swap,offset=8,cipher=aes-cbc-essiv:sha256
This line should suffice

Code: Select all

cryptswap1 /dev/sdXN /dev/urandom swap,cipher=aes-cbc-essiv:sha256,noearly
Hope this helps :wink:
Image

goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

Re: I don't need /var/swap

Post by goetzkluge » Mon Jul 27, 2015 4:24 pm

Merci again.

But the offset is necessary. Before I used it, the swap partition worked, but it wasn't reported to be a spap partition anymore by gparted.
The reasons for that are explained in https://bugs.launchpad.net/ubuntu/+sour ... ug/1310058
I'll try the noearly too.

Laurent85
Level 16
Level 16
Posts: 6148
Joined: Tue May 26, 2015 10:11 am

Re: [SOLVED] I don't need /var/swap

Post by Laurent85 » Mon Jul 27, 2015 4:34 pm

Not really necessary. The system does not need the offset option to work properly.
The reasons for that are explained in https://bugs.launchpad.net/ubuntu/+sour ... ug/1310058
I see, in fact the offset option is necessary when using uuid. If using /dev/sdXN device id you don't need offset option. Offset is used to avoid cryptsetup program overwriting uuid signature when setting up encrypted swap device.
Image

goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

Re: I don't need /var/swap

Post by goetzkluge » Sat Aug 08, 2015 6:45 am

I think that the offset is needed.

here is
http://www.linuxmint.com/rel_rebecca_mate.php ->
https://bugs.launchpad.net/ubuntu/+sour ... ug/1310058
altered by me (see remarks in sqare brackets)
After changing the the script
* /usr/bin/ecryptfs-setup-swap
* from old version with:

*****

Code: Select all

 # Add crypttab entry
 echo "cryptswap$i $swap /dev/urandom swap,cipher=aes-cbc-essiv:sha256" >> /etc/crypttab
*****

* into latest version with:

*****

Code: Select all

 # Add crypttab entry
 echo "cryptswap$i UUID=$uuid /dev/urandom swap,cipher=aes-cbc-essiv:sha256" >> /etc/crypttab
*****

the function is no more usable!
[Because without the offset below the UUID of the spap partition will be destroyed and not be found in crypttab]
See also https://bugs.launchpad.net/ubuntu/+sour ... bug/953875
https://bugs.launchpad.net/ubuntu/+sour ... ug/1310058

After some reboots [the 2nd reboot, because after the 1st one the UUID in the swap partition is gone] in a fresh installed Ubuntu as well other derivates, the command "swapon -s" shows no swap-device available either connected. Only a new, manually setup solves the problem by typing in a terminal (device may be i.e. /dev/sdb3. ):

[Don't do this:]

Code: Select all

sudo -s
umount /dev/sdb3
mkswap /dev/sdb3 # copy UUID shown into next cmdline
echo "RESUME=UUID=66ed5336-3ae1-4166-aad7-7c69086299a1" > /etc/initramfs-tools/conf.d/resume
sudo echo "cryptswap1 /dev/sdb3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256" > /etc/crypttab
update-initramfs -u
exit
[This is better:

Code: Select all

sudo -s
umount /dev/sdLX #
mkswap /dev/sdLX # [UUID will be displayed. Replace UUID in next cmdline by UUID shown after mkswap.]
echo "RESUME=UUID=66ed5336-3ae1-4166-aad7-7c69086299a1" > /etc/initramfs-tools/conf.d/resume
sudo echo "cryptswap1 UUID=66ed5336-3ae1-4166-aad7-7c69086299a1 /dev/urandom swap,offset=8,noearly,cipher=aes-cbc-essiv:sha256" > /etc/crypttab
update-initramfs -u
exit
On portable disks with a Linux installation on them you want to use UUID.
Update 2015-08-09: I added "noearly"]

[If mkswap doesn't work because sdLX still is used by some process, I format it from another Linux.]

[Initial swap installation also seems to fail if swap partition is on extended partition. Workaround: "noearly" (see above) and/or "sudo swapoff -a" and then "sudo swapon -a" can help.]

[also check /etc/fstab]

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ecryptfs-utils 104-0ubuntu1
ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
Date: Sat Apr 19 20:37:12 2014
ProcEnviron:
LANGUAGE=de:en
TERM=xterm
PATH=(custom, no user)
LANG=de_DE.UTF-8
SHELL=/bin/bash
SourcePackage: ecryptfs-utils
UpgradeStatus: Upgraded to trusty on 2014-04-08 (11 days ago)
Best regards from Munich
Götz
Last edited by goetzkluge on Sun Aug 09, 2015 4:14 am, edited 2 times in total.

Laurent85
Level 16
Level 16
Posts: 6148
Joined: Tue May 26, 2015 10:11 am

Re: I don't need /var/swap (turned into cryptswap discussion

Post by Laurent85 » Sat Aug 08, 2015 7:11 am

goetzkluge wrote:I think that the offset is needed.
Hmm, did you missed the end of my post ?
Laurent85 wrote:I see, in fact the offset option is necessary when using uuid. If using /dev/sdXN device id you don't need offset option. Offset is used to avoid cryptsetup program overwriting uuid signature when setting up encrypted swap device.
The following crypttab setup works, no offset option needed since uuid is not used. Using uuid in crypttab is not mandatory, you can use /dev/sdXN device id as well :wink:
Laurent85 wrote:cryptswap1 /dev/sdXN /dev/urandom swap,cipher=aes-cbc-essiv:sha256,noearly
Image

goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

Re: I don't need /var/swap (turned into cryptswap discussion

Post by goetzkluge » Sat Aug 08, 2015 4:10 pm

Laurent85 wrote:
goetzkluge wrote:I think that the offset is needed.
Hmm, did you missed the end of my post ?
[...]
Not really ;-)

I prefer UUID usage as some of the installations I use generate different disk numbers when booting with flash drives connected to them. I have a PC where the swap sometimes is /dev/sdb3 and sometimes /dev/sdc3. But the UUID does not change.

And without the offset, the swap partition cannot be detected as a swap partition anymore. Unnecessarily messing up the partition just is not right even if it works in your case.

One thing is sure, the “offset=8″ protects the UUID and the file system indicator of the swap partition and does no harm. In worst case you waste a few kBytes at the beginning of your swap partition.

goetzkluge
Level 3
Level 3
Posts: 104
Joined: Thu Nov 15, 2007 9:41 am
Location: Germany
Contact:

Re: I don't need /var/swap (turned into cryptswap discussion

Post by goetzkluge » Sun Aug 09, 2015 4:23 am

I rewrote my proposal to Clem in http://blog.linuxmint.com/?p=2889#comment-119856 for a change in the installer and added "noearly" (as used by Laurent85):

Replace in installer

Code: Select all

# Add crypttab entry
echo “cryptswap$i UUID=$uuid /dev/urandom swap,cipher=aes-cbc-essiv:sha256″ >> /etc/crypttab
by

Code: Select all

# Add crypttab entry
echo “cryptswap$i UUID=$uuid /dev/urandom swap,offset=8,noearly,cipher=aes-cbc-essiv:sha256″ >> /etc/crypttab
My assumption: The “offset=8″ is the difference. Without it, a freshly installed Linuxmint finds the cryptswap and then destroys its UUID. When rebooted again, the UUID is gone and the swap partition cannot be found anymore. The offset in the installer script should fix that problem.

This is my own fix and I didn’t commit that anywhere upstream. But one thing is sure, the “offset=8″ protects the UUID as well as the type indicator of the swap partition and does no harm. In worst case you waste a few kBytes at the beginning of your swap partition.

Post Reply

Return to “Newbie Questions”