Zimbra volume on truecrypt

Revision as of 08:54, 28 November 2008 by Santosh rao99 (talk | contribs) (New page: This article describes the steps to setup a truecrypt partition as a secondary zimbra volume. We assume you have ZCS already installed and operational. In this case using Ubuntu 8.04 LTS (...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This article describes the steps to setup a truecrypt partition as a secondary zimbra volume. We assume you have ZCS already installed and operational. In this case using Ubuntu 8.04 LTS (Hardy Heron) and ZCS 5.0.11

To know about truecrypt visit: http://www.truecrypt.org

Part 0 : Installation of Truecrypt package :

Prerequisite :
No GUI necessary.
  sudo apt-get install dmsetup libsm6 libgtk2.0-0
  sudo apt-get -f install
To download Truecrypt :
  sudo wget http://www.truecrypt.org/downloads/truecrypt-6.1-ubuntu-x86.tar.gz
To install :
  sudo tar zxpf truecrypt-6.1-ubuntu-x86.tar.gz
  sudo ./truecrypt-6.1-setup-ubuntu-x86
To test install :
  truecrypt --text --test
To see help :
  truecrypt --text --help

Part 1 : To create Truecrypt volume :

To host file containing volumes :
  sudo mkdir /protect-folder
To create volume in interactive way :
  truecrypt --text --create
  or
  To create normal Truecrypt volume directly :
  (This command just ask for password of new volume and random 300 car string)
  sudo truecrypt --text -c -k "" --volume-type=normal --size=100000000
  --encryption=AES-Twofish --hash=SHA-512 --filesystem=FAT
  /protect-folder/prdvolume1.tc
  (size in bytes ==> 100000000 = 100Mb, FAT is the only choice possible==> see
   EXT3 format below)
To mount volume :
  sudo truecrypt --text -k "" --protect-hidden=no --mount
  /protect-folder/prdvolume1.tc /media/truecrypt1
To list mounted volumes :
  sudo truecrypt --text -l
To see properties of a volume :
  sudo truecrypt --text --volume-properties /protect-folder/prdvolume1.tc
To dismount TrueCrypt volume :
  sudo truecrypt --text --dismount /protect-folder/prdvolume1.tc
To format TC volume in Ext3 linux format :
  Login a root :
  sudo su -

Mount Truecrypt volume :
  sudo truecrypt --text -k "" --protect-hidden=no --mount
  /protect-folder/prdvolume1.tc /media/truecrypt1
See name of logical disk :
  sudo truecrypt --text -l
Unmount Linux Vol but not Truecrypt volume ! :
  sudo umount /media/truecrypt1
Format Truecrypt volume in Ext3 mode :
  sudo mke2fs -j /dev/mapper/truecrypt1
  (See doc in http://manpages.ubuntu.com/manpages/hardy/man8/mke2fs.html)
Dismount Truecrypt volume :
  sudo truecrypt --text --dismount /protect-folder/prdvolume1.tc
And remount Truecrypt volume :
  sudo truecrypt --text -k "" --protect-hidden=no --mount
  /protect-folder/prdvolume1.tc /media/truecrypt1
To verify Truecrypt volume is OK :
  sudo truecrypt --text --volume-properties /protect-folder/prdvolume1.tc
To prepare the directory to host ZCS volume :
  sudo mkdir /media/truecrypt1/storetc
To make Zimbra user owner of storetc directory (mandatory for Zimbra volume):
  chown -v -R zimbra /media/truecrypt1/storetc
To give permissions (mandatory for Zimbra volume) :
  sudo chmod -v -R 0755 /media/truecrypt1

Permissions are persistent with dismount and mount.


Part 2 : To create Zimbra secondary volume in /media/truecrypt1/storetc :

As user zimbra:

To create a secondary volume :
  zmvolume -a -n messagetc1 -p /media/truecrypt1/storetc -t secondaryMessage
To verify, list the volumes :
  zmvolume -l
To activate the secondary volume :
  zmvolume -sc -id 3
To verify current active volumes :
  zmvolume -dc

To test login to ZCS Administration Console and test HSM on server/volumes tab

Back to console as root : To verify everything is see the directory name 0 created by ZCS :

ls /media/truecrypt1/storetc

Thanks to Jean-Regis BOULET for sharing his notes with us.

Jump to: navigation, search