From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] help mounting partitions in an encrypted disk after first reboot
Date: Sun, 18 Jun 2017 17:40:54 +0200 [thread overview]
Message-ID: <20170618154054.GA9525@tansi.org> (raw)
In-Reply-To: <15cb9f6bc21.e7fcdcb9152844.6693124782086296883@metempsy.com>
Hi Julio,
the partitions do not show up on reboot as the kernel cannot
see them. The partition table it would need to scan is
in the encrypted LUKS container and as that is still
closed on boot, hence the kernel has no chance to look at it.
A fix might be to just call "partprobe" after opening the
LUKS container. That scans all reachable devices for
partition tables. It also works directly after repartitioning,
i.e. without a reboot.
partptobe is part of the parted package (at least on Debian).
Regards,
Arno
On Sun, Jun 18, 2017 at 08:49:33 CEST, Julio Gago wrote:
> Hi there!
>
> I'm facing an issue I've been unable to solve by myself. I've been exploring around a lot without success. I'm a newbie in this topic so please accept my apologies if this is a silly question.
>
> I am using cryptsetup 1.6.6 in Ubuntu 16.04 on kernel 4.8.0.
>
> I successfully encrypted a disk with LUKS and then created a couple of partitions and mounted them with:
>
> cryptsetup luksFormat --cipher aes-xts /dev/sdc
> cryptsetup luksOpen /dev/sdc sdc
> fdisk /dev/mapper/sdc
> (created partitions manually)
> mkfs.ext4 /dev/mapper/sdc1
> mkfs.ext4 /dev/mapper/sdc2
> mount /dev/mapper/sdc1 /part1_dmcrypt
> mount /dev/mapper/sdc2 /part2_dmcrypt
>
> fdisk gave the usual complaint about updating partition list to kernel, which I ignored and assumed it would be fixed by the next reboot. But it didn't!
>
> After reboot, I can open the luks volume normally:
>
> cryptsetup luksOpen /dev/sdc sdc
> cryptsetup status sdc
> /dev/mapper/sdc is active and is in use.
> type: LUKS1
> cipher: aes-xts-plain64
> keysize: 256 bits
> device: /dev/sdc
> offset: 4096 sectors
> size: 11719929856 sectors
> mode: read/write
>
> And I can see the partitions if I use fdisk:
>
> Disk /dev/mapper/sdc: 5.5 TiB, 6000604086272 bytes, 11719929856 sectors
> Units: sectors of 1 * 512 = 512 bytes
> Sector size (logical/physical): 512 bytes / 4096 bytes
> I/O size (minimum/optimal): 4096 bytes / 4096 bytes
> Disklabel type: gpt
> Disk identifier: 2F089102-C3CE-4C64-BA09-A19FCC49CFF8
>
> Device Start End Sectors Size Type
> /dev/mapper/sdc-part1 2048 6442452991 6442450944 3T Linux filesystem
> /dev/mapper/sdc-part2 6442452992 11719929822 5277476831 2.5T Linux filesystem
>
> However, the kernel does not seem to see the partitions, since the block devices are not present in /dev:
>
> ls -la /dev/mapper
> total 0
> drwxr-xr-x 2 root root 80 Jun 16 19:07 .
> drwxr-xr-x 19 root root 4560 Jun 16 18:38 ..
> crw------- 1 root root 10, 236 Jun 16 18:35 control
> lrwxrwxrwx 1 root root 7 Jun 17 12:15 sdc -> ../dm-0
>
> So I cannot mount the volumes normally. I tried partx and other methods to tell the kernel about the partitions without success. The corresponding IOCTL calls return with EINVAL error.
>
> Decryption seems to be working alright (since I can see the partitions) and I can in fact mount the volumes doing something like this:
>
> losetup /dev/loop0 /dev/mapper/sdc -o 1048576
> mount /dev/loop0 /part1_dmcrypt
>
> The volumes seem to have the right contents. So I am actually ok to
> proceed, I have backups of both volumes and the LUKS header.
>
> However, I would like to understand what is wrong and how could I fix the
> issue and mount the volumes canonicaly.
>
> Thanks in advance for your help and my apologies if I did anything really
> silly :)
>
> Regards,
> Julio
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
next prev parent reply other threads:[~2017-06-18 15:40 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-18 6:49 [dm-crypt] help mounting partitions in an encrypted disk after first reboot Julio Gago
2017-06-18 7:25 ` Michael Kjörling
2017-06-18 8:30 ` Julio Gago
2017-06-18 15:25 ` Carl-Daniel Hailfinger
2017-06-18 15:51 ` Arno Wagner
2017-06-18 22:26 ` Carl-Daniel Hailfinger
2017-06-18 23:01 ` Arno Wagner
2017-06-19 19:02 ` Carl-Daniel Hailfinger
2017-06-19 21:34 ` Arno Wagner
2017-06-18 15:40 ` Arno Wagner [this message]
2017-06-18 17:21 ` Julio Gago
2017-06-18 18:03 ` Arno Wagner
2017-06-18 19:13 ` Julio Gago
2017-06-18 20:07 ` Arno Wagner
2017-06-18 18:45 ` Michael Kjörling
2017-06-18 19:03 ` Arno Wagner
2017-06-19 22:04 ` Sven Eschenberg
2017-06-19 22:48 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170618154054.GA9525@tansi.org \
--to=arno@wagner.name \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.