Improving support for LVM & LUKS encryption within Ubiquity

Registered by Tom Ellis on 2011-04-28

In multi-user corporate desktop environments full disk encryption is mandated by security policies and with large modern hard drives LVM provides flexibility and management over a fixed partitioning structure.

The idea of this blueprint is to have some form of integration or hooks for of both LVM and LUKS within Ubiquity, so that this configuration is possible from the live-cd.

Blueprint information

Status:
Complete
Approver:
Steve Langasek
Priority:
Essential
Drafter:
Evan Dandrea
Direction:
Approved
Assignee:
Dimitri John Ledkov
Definition:
Approved
Series goal:
Accepted for quantal
Implementation:
Implemented
Milestone target:
milestone icon ubuntu-12.10-beta-1
Started by
Steve Langasek on 2012-05-25
Completed by
Dimitri John Ledkov on 2012-10-09

Whiteboard

drussell - 2011-05-17 Information provided for basic skinning requirements
Basic skinning: add own company logo
Basic skinning: colour/theme changes across installer
Basic skinning: replace install "slideshow" with own images

ev - 2011-05-18 I've moved the logo addition to https://blueprints.launchpad.net/ubuntu/+spec/foundations-o-ubiquity . You can already replace the slideshow by providing your own slideshow package that provides the ubiquity-slideshow virtual package and replaces ubiquity-slideshow-ubuntu.

trellis - 2011-06-08 Chased a couple of customers who customise ubiquity
They add some disclaimers and license agreement steps, happy with current implementation

Will work on this out of tree for 12.04, but not committing to landing this in the archive because this is high-risk feature development for an LTS.

UDS-Q
dmitrij.ledkov 2012-05-18 - found 3rd party integrators who remove migration assistant, 'monkey-patch' partition script which creates LUKS full disk encryption, similar is done for encrypted usb-creator. Received source code.

dmitrij.ledkov 2012-05-18 - related to
https://blueprints.launchpad.net/ubuntu/+spec/encrypted-filesystems
ev 2012-05-18 - for what it's worth, migration-assistant is getting dropped in 12.10

More links:
* https://wiki.ubuntu.com/Ubiquity/SoftwareRaid
* https://wiki.ubuntu.com/Ubiquity/AdvancedPartitionerRewrite
* https://docs.google.com/document/d/1bZ4yQIVgGaUGSYu3qiUHnQt3ieBZoqunP_DcleHCr3I/edit?pli=1#heading=h.ac8e7d75e342

Nice to haves:
erase disk / fill with random data. grep Debolaz #ubuntu-devel 2012-07-06

== Old Actions ==
[drussell] chase other customers to find out other customisation in Ubiquity by current corporate customers: DONE
[trellis] chase other customers to find out other customisation in Ubiquity by current corporate customers: DONE

Release notes:
Users who previously installed using LVM or full-disk encryption via the alternate CD will find that these installation targets are supported by the consolidated image in 12.10.

(?)

Work Items

Work items for quantal-alpha-1:
Create functional design concept for complex partitioning schemes: DONE
[mpt] Design LUKS disk encryption in the Ubiquity installer <http://goo.gl/91qR7>: DONE
[mpt] Design LVM in the Ubiquity installer <http://goo.gl/ByXUS>: DONE
[mpt] Design RAID in the Ubiquity installer <http://goo.gl/3Cv2a>: DONE
Include partman-lvm, partman-auto-lvm in ubiquity build: DONE
Include partman-crypto, partman-auto-crypto in ubiquity build: DONE
Ensure that manual partitioning frontend does not offer complex block devices until such time as we have the ability to do something useful with them: DONE
Setup testing environment for being able to create test ISOs: DONE

Work items for quantal-alpha-2:
Check / Make sure that it is possible to pre-seed complex block device: DONE
Provide guided partitioning recipe for guided LVM: DONE
Provide guided partitioning recipe for guided LVM with encryption: DONE

Work items for ubuntu-12.10-beta-1:
manual UI redesign: DONE
Encryption manual UI ( lp:~xnox/ubiquity/adv-crypto ): DONE
LVM manual UI: POSTPONED
LVM manual UI - fancy custom widget: POSTPONED
Provide a guided partitioning recipe which uses only free space or only part of free space for LVM+LUKS: POSTPONED
Allow for user-testing this functionality on 12.04 LTS: POSTPONED
[cjwatson] Disable Ubuntu alternate image builds once we're satisfied this is working (last build 20120910): DONE
[jr] Provide automatic partitioning UI for the ubiquity KDE frontend: DONE
[kubuntu-devel] Disable Kubuntu alternate image builds once we're satisfied this is working: DONE

Dependency tree

* Blueprints in grey have been implemented.