Partition vs. whole disk and creating encrypted filesystem...

With a new laptop I got a 1T disk which I intend to use as a data disk. So, it will have a single encrypted partition. This is a new disk with a 4K sector size and because of that fdisk tool offers me to start partition on 2048th sector. This is some alignment stuff from the old days of MSDOS, and obviously I don't want to waste disk space for those reasons. You can read more about that on Linux ATA Wiki. Linux is the only OS I'll use with this disk. It is possible to start partition from 63rd sector but if you are using fdisk you'll have to first create a partition and then switch to expert menu (option x) where it is possible to move beginning of the partition from 2048th to 63rd sector (option b).

Now, it is also possible to use the whole disk for a filesystem, without partition table. I found some discussions of pros and cons of this approach. Additional question is if the Fedora will recognize such disks during a boot process. LWM HOWTO also talks about this issue. It seems that everything boils down to the problem if some other tools or operating systems, that expect disk to be partitioned, treat disk as unpartitioned and thus destroy data on it. Also, someone noted possible performance degradation, but this was not confirmed by simple testing (look at the first link I gave), and besides, why would that happen when you use the whole disk? It can not be better aligned, can it? Also, someone used the whole disk for his Gentoo OS and then he had to install GRUB. Since GRUB, during installation, asks you whether you want it to be installed on, e.g. /dev/sda or /dev/sda1, it seems that it isn't important if you don't have partition table. But, I didn't go more deeper in this.

In the end, I decided to use the whole disk, no partitions. This disk will hold a single partition, will have only data on it, it will never be used on anything other than Linux, actually, on anything other than my laptop. So, this is the way I decided to go.

So, from that point on everything was very simple:

1. Encrypt the whole disk

# cryptsetup luksFormat /dev/sdc

WARNING!
========
This will overwrite data on /dev/sdc irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:

2. Open crypted disk:

   # cryptsetup luksOpen /dev/sdc cryptodev1
   Enter passphrase for /dev/sdc:

3. Create file system:

# mkfs -t ext4 /dev/mapper/cryptodev1
mke2fs 1.42.5 (29-Jul-2012)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
61054976 inodes, 244190134 blocks
12209506 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
7453 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
        102400000, 214990848

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

4. Remove reserved blocks (5% by default):

# tune2fs -m 0 /dev/mapper/cryptodev1
tune2fs 1.42.5 (29-Jul-2012)
Setting reserved blocks percentage to 0% (0 blocks)

5. Finally, mount a disk:

# mount /dev/mapper/cryptodev1 /mnt

And that's basically it. When you want to use disk, and it is not mounted, then you first have to open crypted device (step 2) and then you mount newly created file system.

Why we should study history...

Oh, it happened so many times! I stumbled upon it already while reading John Day's book titled Patterns in network architecture: A return to fundamentals. In short, at one point something is controversial and in next, it's regarded as a some kind of a rule that people passionately protect! One good example is 7-layer ISO/OSI Reference Model. When it was created it was problematic how many layers there should be, now, it is taken as something set in stone that there are 7-layers, while in reality it is dubious if this is a correct number. I'm certain that there are a large number of similar examples in every area you can think of. What this implies is that we have to always question the correctness of our current knowledge knowing that something might happen by chance, or politics of a certain time, and that ultimately hampers us from making further progress, maybe even clean start.

And today, I found this post. written by Rob Landley. It's ubeliviable! I'm using Unix/Linux for over 20 years now, always knowing there is a split between /bin, /sbin, /usr/sbin and /usr/bin and knowing why it is done so. But I realise now that, till today, I didn't actually know and, what's more, this is again an example of something that by accident becomes a law. What's more interesting is that not once I stumbled upon some heated discussion about file system layout (an example) in which there were proponents of this split with a simple argument that it is a Unix way of things! Boy, how wrong they are! :)

I'm copying this post here for a refence: