| Run truecrypt in a container? [message #43558] |
Thu, 22 September 2011 18:07  |
Todd Lyons
Messages: 3
Registered: September 2011
|
Junior Member |
|
|
Hello all, I'm very new to openvz. If I misstate names or concepts,
please do correct me.
Is there any possibility to get truecrypt to work inside a container?
===== Host Node =====
We set up an openvz server using proxmox. The HN is Debian Lenny:
dlscld91:~# cat /etc/issue
Debian GNU/Linux 5.0 \n \l
dlscld91:~# uname -a
Linux dlscld91 2.6.32-4-pve #1 SMP Tue Mar 29 09:08:37 CEST 2011
x86_64 GNU/Linux
The fuse (userspace filesystem) module is loaded in the HN:
dlscld91:~# lsmod | grep fuse
fuse 51198 3
And the CE is aware of it and the loop device:
dlscld91:~# vzctl set 901 --devnodes fuse:rw --devnodes loop0:rw
--devnodes loop1:rw --devnodes loop2:rw --devnodes loop3:rw --devnodes
loop4:rw --devnodes loop5:rw --devnodes loop6:rw --devnodes loop7:rw
--save
Setting devices
Saved parameters for CT 901
dlscld91:~# grep loop /etc/vz/conf/901.conf
DEVNODES="fuse:rw loop0:rw loop1:rw loop2:rw loop3:rw loop4:rw
loop5:rw loop6:rw loop7:rw "
===== CONTAINER =====
The CE is a CentOS 5.6 system, also x86_64. In the container, all
fuse libs and fuse utilities are installed. When I run truecrypt, I
get an error complaining about a lack of devicemapper support.
[root@dlswww91 ~]# truecrypt -c --encryption=AES --password=test
--random-source=/dev/urandom --volume-type=normal --size=20971520
--hash=RIPEMD-160 --filesystem="Linux Ext3" test.dat
Enter keyfile path [none]:
Done: 100.000% Speed: 21 MB/s Left: 0 s
The TrueCrypt volume has been successfully created.
[root@dlswww91 ~]# truecrypt --fs-options=users,uid=$(id -u),gid=$(id
-g),fmask=0113,dmask=002 --password=test --protect-hidden=no --mount
/root/test.dat /mnt/test/
Enter keyfile [none]:
Error: /proc/devices: No entry for misc found
Is device-mapper driver missing from kernel?
Failure to communicate with kernel device-mapper driver.
Command failed
[root@dlswww91 ~]# uname -a
Linux dlswww91.ivenue.net 2.6.32-4-pve #1 SMP Tue Mar 29 09:08:37 CEST
2011 x86_64 x86_64 x86_64 GNU/Linux
The /proc/devices file is ineed empty.
===== QUESTION =====
Is there any possibility to get truecrypt to work inside a container?
I worked through some errors, first with the fuse device not working
and second with the loop device not working. Both were solved by
solutions found in the openvz forum. I can create and mount iso
images on loopback, so I know my loop device is working. After
putting fuse in the DEVNODES list, the fuse error went away. Now I
just have to figure out how to tell truecrypt that device mapper
support is present. Now, it's possible that this just can't work
inside a container, in which case we'll fall back to using a KVM VM
instead of an OpenVZ CE for that particular host, but I'd like to use
the much lower overhead OpenVZ if possible.
Regards... Todd
--
If Americans could eliminate sugary beverages, potatoes, white bread,
pasta, white rice and sugary snacks, we would wipe out almost all the
problems we have with weight and diabetes and other metabolic
diseases. -- Dr. Walter Willett, Harvard School of Public Health
|
|
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
