# This is just a bit more robust, and it could work for booting
# into ipxe which can't persist data, if we ever got that working.
mkfs.ext2 `grub_extdev`
+ # when we move to newer than trisquel 8, we can remove
+ # --type luks1. We can also check on cryptsetup --help | less /compil
+ # to see about the other settings. Default in debian 9 is luks2.
+ # You can convert from luks2 to luks 1 by adding a temporary key:
+ # cryptsetup luksAddKey --pbkdf pbkdf2
+ # then remove the new format keys with cryptsetup luksRemoveKey
+ # then cryptsetup convert DEV --type luks1, then readd old keys and remove temp.
yes YES | cryptsetup luksFormat `rootdev` $luks_dir/host-$HOSTNAME \
- -c aes-cbc-essiv:sha256 -s 256 || [[ $? == 141 ]]
+ --type luks1 -c aes-cbc-essiv:sha256 -s 256 || [[ $? == 141 ]]
yes "$lukspw" | \
cryptsetup luksAddKey --key-file $luks_dir/host-$HOSTNAME \
`rootdev` || [[ $? == 141 ]]
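Review bot: The new `luksFormat` line still pins `-c aes-cbc-essiv:sha256 -s 256` and nothing in the hunk says why; CBC-ESSIV is a legacy mode whose ciphertext is malleable, and cryptsetup's compiled-in default has long been `aes-xts-plain64`. Since the added comment already plans a revisit after Trisquel 8, I would extend it with something like `# -c/-s kept only for <reason>; switch to the cryptsetup default (aes-xts-plain64) when --type luks1 is dropped`, or drop `-c`/`-s` now if nothing depends on CBC. Separately, on the unchanged `yes "$lukspw" |` line, `yes` is an external program, so the passphrase sits in its argv and can be read from the process list by other local users while it runs; a builtin such as `printf '%s\n' "$lukspw" |` avoids that, assuming `luksAddKey` reads a single line from non-terminal stdin here. The rest of the script is outside this hunk, so whether other tooling relies on the CBC cipher cannot be seen from here.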