Ubuntu – Dual boot w/ UEFI and LUKS – What do I need to know/do

dual-bootluksuefi

I want to rebuild my mobile workstation (HP EliteBook 8560w) to dual boot CentOS 6.5 and Ubuntu 14.01LTS. I would like to protect both instances with LUKS. In my research I have come across a few items I do not understand or need guidance with.

1. Should I partition the drive, including the EFI System Partition, before beginning either installation?
2. My CentOS build requires several partitions for /, /home, /tmp, /var/log etc.; can I use Logical Volumes inside a LUKS partition for this, or does each filesystem require its own LUKS partition?
3. Will I need to use or chain load GRUB with this design? (I think the answer is "no"…not certain.)
4. Does it matter which distribution I install first?

Thanks much for any guidance. I will try to provide updates as I make progress.

Should I partition the drive, including the EFI System Partition, before beginning either installation?

I would; however, most distributions, including both Ubuntu and CentOS, provide partitioning tools as part of their installers. Doing it ahead of time has the advantage that you'll be using cross-distribution tools (such as GParted, parted, or gdisk) that are usually more powerful than the tools that the distribution installers provide.

My CentOS build requires several partitions for /, /home, /tmp, /var/log etc.; can I use Logical Volumes inside a LUKS partition for this, or does each filesystem require its own LUKS partition?

The term logical volume applies to Logical Volume Manager (LVM) configuration. As such, logical volumes are stored within (and sometimes across multiple) LVM partitions (known as physical volumes in LVM-speak). I don't know offhand if it's possible to encrypt a physical volume, but you can certainly encrypt each logical volume individually. I've got one system set up this way. I don't recall offhand what documentation I followed when setting up this system, but Googling on terms like "CentOS encrypted LVM" produces plenty of hits.

Will I need to use or chain load GRUB with this design? (I think the answer is "no"...not certain.)

I haven't checked CentOS's default EFI boot loader, but it's probably either a patched GRUB Legacy or GRUB 2. Ubuntu definitely uses GRUB 2 by default. If you use the default settings, the first distribution you install will set up for itself alone and the second will set up for itself and either chainload the other one or add entries to directly boot the other. How well this works is hard to predict; the setup scripts don't generally do as good a job with "foreign" distributions as they do with their own.

If you dislike GRUB, you can manually configure any of several alternatives. I describe all the major ones on my Web page devoted to this topic, so check there if you want to know what I think of them all. Note that some of them have requirements that might affect how you partition the disk. For instance, if you use ELILO or gummiboot, you'll probably want to make a bigger EFI System Partition (ESP) than with some others. Anything but GRUB or rEFInd will require manual adjustments as you add and remove kernels. (GRUB doesn't need this because the distributions keep their GRUB configurations up-to-date; rEFInd doesn't need it because it scans for kernels at boot times and builds its boot list dynamically.)

Does it matter which distribution I install first?

If you plan to use the default boot loader, it can -- the one whose boot loader you want to use is the one you should install second. If you plan to switch to another boot loader, though, I don't think it's likely to make much difference.