Last active
March 9, 2023 22:32
-
-
Save mauricioprado00/6ea2a43c36f6cc581b42c4b9464494b5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
original_device=/dev/sdb | |
copy_device=/dev/nvme0n1 | |
function get_partition_prefix | |
{ | |
local device="$1" | |
ls ${device}* | grep -v '^'${device}'$' | sort | head -n1 | sed 's#[0-9]$##g' | |
} | |
function get_password | |
{ | |
local dev="$1" | |
local password | |
local confirm | |
echo -n "Please provide a password for the encrypted device {$dev}: " 1>&2 | |
read -s password | |
echo 1>&2 | |
echo -n ${password} | |
printf "${password}" | cryptsetup luksOpen --test-passphrase ${dev} | |
} | |
function get_deviceid | |
{ | |
local dev="$1" | |
local UUID | |
eval $(blkid "${dev}" | tr ' ' '\n' | grep '^UUID') | |
echo $UUID | |
} | |
encryption_password=$(get_password ${original_device}3) | |
original_partition=$(get_partition_prefix ${original_device}) | |
copy_partition=$(get_partition_prefix ${copy_device}) | |
original_deviceid=$(get_deviceid ${original_partition}3) | |
copy_deviceid=$(get_deviceid ${copy_partition}3) | |
crypt_name=$(basename ${original_partition})3_crypt | |
# from https://askubuntu.com/questions/719409/how-to-reinstall-grub-from-a-liveusb-if-the-partition-is-encrypted-and-there-i | |
# and https://wiki.debian.org/GrubEFIReinstall | |
# This is not a cli-script, it's an interactive detail of steps to be executed in your commandline | |
# assuming that originl device is ${original_device} and target device is ${copy_device} and they are of different size. | |
# if they are the same size then you can just use dd to clone. | |
# Target is to create: fdisk -l | |
# Device Start End Sectors Size Type | |
# ${copy_device}1 2048 1050623 1048576 512M EFI System | |
# ${copy_device}2 1050624 4550655 3500032 1,7G Linux filesystem | |
# ${copy_device}3 4550656 976773119 972222464 463,6G Linux filesystem | |
# | |
# more detailed information of the configuration can be obtained with | |
# sfdisk -d ${original_device} | |
# label: gpt | |
# label-id: 497F7EBE-6252-4EA3-B6ED-DB5C73EFA55A | |
# device: ${original_device} | |
# unit: sectors | |
# first-lba: 34 | |
# last-lba: 1000215182 | |
# sector-size: 512 | |
# | |
# ${original_device}p1 : start= 2048, size= 1048576, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=F3C23FAA-966B-42E7-8FAF-DACA3D30F3AF, name="EFI System Partition" | |
# ${original_device}p2 : start= 1050624, size= 3500032, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=B02AE055-0CD0-44AF-B187-1617C4C12DFD | |
# ${original_device}p3 : start= 4550656, size= 995663872, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=36E282E0-D31D-46A4-AFCF-40E5BD422B6C | |
# | |
# where ${copy_device}3 is encrypted and contains an LVM system. | |
# get configuration for nvme0n1 | |
sfdisk -d ${original_device} | \ | |
grep -v last-lba `# ignore size of disk` | \ | |
head -n -1 `# ignore last partition because we dont know its size ` |\ | |
grep -v 'device:' |\ | |
grep -v 'label-id:' |\ | |
sed 's#/dev/.*:# :#g' `# rename disk` \ | |
> /tmp/sda.sfdisk | |
# create the two first partitions (efi + boot) | |
sfdisk ${copy_device} < /tmp/sda.sfdisk | |
# get the last partition end, in sectors, because that way there is no roundig loss | |
set -- $(parted ${copy_device} unit s print | grep '^ [0-9]' | sed 's#[^0-9 ]##g' | tail -n1) | |
# ^ unit accepts MB, MiB, etc | |
# docs https://www.gnu.org/software/parted/manual/parted.html | |
start=$(($3 + 1)) | |
parted ${copy_device} mkpart primary ext4 ${start}s 100% | |
# ^ unit, accepts MB, MiB | |
# shound't be necessary, but just in case | |
parted ${copy_device} set 1 boot on | |
parted ${copy_device} set 1 esp | |
# New info: Information: You may need to update /etc/fstab.!!!!!!!!!!!!!!!!!!! | |
# format partitions, a bit useless if will be later overwritten, but well | |
yes | mkfs.fat -F32 ${copy_partition}1 | |
yes | mkfs.ext4 ${copy_partition}2 | |
# copy efi and boot partitions into target | |
dd if=${original_partition}1 bs=10M of=${copy_partition}1 | |
dd if=${original_partition}2 bs=10M of=${copy_partition}2 | |
sync | |
# get the size of the disk in bytes | |
#disk_size=$(blockdev --getsize64 ${copy_device}) | |
# create encrypted disk, provide password, this will erase everything in sda3 | |
cryptsetup luksFormat ${copy_partition}3 | |
# echo -n "${password}" | cryptsetup luksFormat ${copy_partition}3 | |
# create the mapper device /dev/mapper/${crypt_name} | |
cryptsetup open ${copy_partition}3 ${crypt_name} | |
# see LVM INFO | |
# lvscan | |
# pvdisplay | |
# vgdisplay | |
# lvdisplay | |
# create phisical volume | |
pvcreate /dev/mapper/${crypt_name} | |
# create volume group | |
vgcreate vgkubuntunew /dev/mapper/${crypt_name} | |
# select group to work | |
vgchange -ay vgkubuntunew | |
# create the swap disk of the size of ram (free -h) | |
lvcreate -L8G -n swap_1 vgkubuntunew /dev/mapper/${crypt_name} | |
# create the main partition with the remaining content | |
lvcreate -l 100%FREE -n root vgkubuntunew /dev/mapper/${crypt_name} | |
# format ext4 | |
yes | mkfs.ext4 /dev/vgkubuntunew/root | |
# mount the new system | |
mkdir /media/new-kubuntu-root | |
mount /dev/vgkubuntunew/root /media/new-kubuntu-root | |
# rsync -avxHAX --progress /media/original-kubuntu-root --exclude={"/media/original-kubuntu-root/dev/*","/media/original-kubuntu-root/proc/*","/media/original-kubuntu-root/sys/*","/media/original-kubuntu-root/tmp/*","/media/original-kubuntu-root/run/*","/media/original-kubuntu-root/mnt/*","/media/original-kubuntu-root/media/*","/media/original-kubuntu-root/lost+found"} /media/new-kubuntu-root | |
# mv /media/new-kubuntu-root/original-kubuntu-root/* /media/new-kubuntu-root/ | |
# rmdir /media/new-kubuntu-root/original-kubuntu-root | |
rsync -avxHAWX --progress / --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /media/new-kubuntu-root | |
sed -i 's#UUID=[0-9a-zA-Z-]\+#UUID='${copy_deviceid}'#g' /media/new-kubuntu-root/etc/crypttab | |
# must restart and open only the copied device and do | |
vgrename vgkubuntunew vgkubuntu | |
# select group to work | |
vgchange -ay vgkubuntunew | |
modprobe efivars | |
# mount boot from device's partition | |
mkdir /media/new-kubuntu-root/boot/ | |
mount ${copy_partition}2 /media/new-kubuntu-root/boot/ | |
# mount efi from device's partition | |
mount ${copy_partition}1 /media/new-kubuntu-root/boot/efi | |
# mount linux special systems | |
mount --bind /dev /media/new-kubuntu-root/dev | |
mount --bind /dev/pts /media/new-kubuntu-root/dev/pts | |
mount --bind /proc /media/new-kubuntu-root/proc | |
mount --bind /sys /media/new-kubuntu-root/sys | |
mount --bind /sys/firmware/efi/efivars /media/new-kubuntu-root/sys/firmware/efi/efivars | |
# run chroot son new system | |
#chroot /media/new-kubuntu-root | |
# reinstall grub | |
chroot /media/new-kubuntu-root apt-get -y purge grub\* | |
chroot /media/new-kubuntu-root apt-get -y install grub-efi | |
chroot /media/new-kubuntu-root apt-get -y autoremove | |
chroot /media/new-kubuntu-root apt-get install --reinstall -y grub-efi-amd64 | |
chroot /media/new-kubuntu-root grub-install ${original_device} | |
chroot /media/new-kubuntu-root update-grub | |
chroot /media/new-kubuntu-root update-initramfs -u -k all | |
# new info | |
#dpkg: error processing package shim-signed (--configure): | |
# dependency problems - leaving triggers unprocessed | |
#Errors were encountered while processing: | |
# grub-efi-amd64-signed | |
# shim-signed | |
#E: Sub-process /usr/bin/dpkg returned an error code (1) | |
# exit chroot | |
#exit | |
# unmount all | |
umount /media/new-kubuntu-root/dev/pts | |
umount /media/new-kubuntu-root/dev | |
umount /media/new-kubuntu-root/proc | |
umount /media/new-kubuntu-root/sys/firmware/efi/efivars | |
umount /media/new-kubuntu-root/sys | |
umount /media/new-kubuntu-root/boot/efi/ | |
umount /media/new-kubuntu-root/boot/ | |
umount /media/new-kubuntu-root/ | |
# https://linux-blog.anracom.com/2018/11/08/cryptsetup-close-not-working-for-lvm-on-luks-device-busy/ | |
dmsetup info -C | |
vgchange -a n vgkubuntu | |
dmsetup info -C | |
# close encrypted partition | |
cryptsetup luksClose ${crypt_name} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment