[linux-lvm] /dev/dm-* or /dev/mapper/*

[linux-lvm] /dev/dm-* or /dev/mapper/*

[Edward Siefker]

I originally set up raid-luks-lvm on this machine with debian's
installer tool, now I am trying to add another encrypted raid1 device to
the existing volume group.  I already have the raid device set up and
encrypted, that's no problem.  Now the linux gazette
(http://linuxgazette.net/140/pfeiffer.html) tells me I should run
'pvcreate' on the device in /dev/mapper.  However, if I examine my
existing physical volumes with 'pvscan' I get the following:

iblis:/home/hatta# pvscan
  PV /dev/dm-0   VG iblis-volumes   lvm2 [931.32 GB / 0    free]
  Total: 1 [931.32 GB] / in use: 1 [931.32 GB] / in no VG: 0 [0   ]

Apparently I am using /dev/dm-0 instead of /dev/mapper/md1_crypt. I
wondered if these were maybe two names for the same thing, so I checked
ls:

iblis:/home/hatta# ls -ld /dev/dm-0 /dev/mapper/md1_crypt
brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/dm-0
brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/mapper/md1_crypt

Same major and minor number, if that means anything.  Next I ran
'dmcrypt info' on each:

iblis:/home/hatta# dmsetup info /dev/dm-0
Device /dev/dm-0 not found
Command failed
iblis:/home/hatta# dmsetup info /dev/mapper/md1_crypt 
Name:              md1_crypt
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        7
Event number:      0
Major, minor:      253, 0
Number of targets: 1


It works on one, and not the other.  So they're not the same thing.  My
new device 'md2_crypt' corresponds to /dev/dm-8, if I am to trust the
major/minor numbers. Should I run pvcreate on /dev/dm-8 or
/dev/mapper/md2_crypt?

And this is a somewhat broader question.  If I have two encrypted
volumes like this in the same volume group, and I have a partition that
spans both physical volumes, what happens when one of those volumes is
not yet unlocked?  There is a short time during bootup that md1_crypt is
unlocked and md2_crypt is not yet unlocked. The boot scripts are
definitely doing something with my logical volumes in that period, since
I can use a keyfile in /root (which is in a logical volume on md1_crypt)
to unlock md2_crypt.  

This seems dangerous to me, what would happen if I added md2_crypt to
that volume group, and extended that filesystem over both physical
volumes?  Is it possible for my keyfile in /root to end up on md2_crypt
and be inaccessible?  Suppose I had trouble entering my passphrase 3
times and cryptsetup gave up. What would happen then?  Would my system
try to mount a logical volume that only half exists?  Could that corrupt
the filesystem?
-- 
  
  hatta00@fastmail.fm

-- 
http://www.fastmail.fm - A fast, anti-spam email service.

Re: [linux-lvm] /dev/dm-* or /dev/mapper/*

[Ron Johnson]

On 2009-08-16 19:08, Edward Siefker wrote:
> I originally set up raid-luks-lvm on this machine with debian's
> installer tool, now I am trying to add another encrypted raid1 device to
> the existing volume group.  I already have the raid device set up and
> encrypted, that's no problem.  Now the linux gazette
> (http://linuxgazette.net/140/pfeiffer.html) tells me I should run
> 'pvcreate' on the device in /dev/mapper.  However, if I examine my
> existing physical volumes with 'pvscan' I get the following:
> 
> iblis:/home/hatta# pvscan
>   PV /dev/dm-0   VG iblis-volumes   lvm2 [931.32 GB / 0    free]
>   Total: 1 [931.32 GB] / in use: 1 [931.32 GB] / in no VG: 0 [0   ]
> 
> Apparently I am using /dev/dm-0 instead of /dev/mapper/md1_crypt. I
> wondered if these were maybe two names for the same thing, so I checked
> ls:
> 
> iblis:/home/hatta# ls -ld /dev/dm-0 /dev/mapper/md1_crypt
> brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/dm-0
> brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/mapper/md1_crypt
> 
> Same major and minor number, if that means anything.  Next I ran
> 'dmcrypt info' on each:
> 
> iblis:/home/hatta# dmsetup info /dev/dm-0
> Device /dev/dm-0 not found
> Command failed
> iblis:/home/hatta# dmsetup info /dev/mapper/md1_crypt 
> Name:              md1_crypt
> State:             ACTIVE
> Read Ahead:        256
> Tables present:    LIVE
> Open count:        7
> Event number:      0
> Major, minor:      253, 0
> Number of targets: 1
> 
> 
> It works on one, and not the other.  So they're not the same thing.  My
> new device 'md2_crypt' corresponds to /dev/dm-8, if I am to trust the
> major/minor numbers. Should I run pvcreate on /dev/dm-8 or
> /dev/mapper/md2_crypt?

/dev/dm-* device names seem to go in sequence of when they are 
discovered at boot time, or order in the config file, or some other 
such algorithm who's input changes as LVs are added and destroyed.

You know, though, that md1_crypt will always be md1_crypt no matter 
what you do to any other LVs.

I'd run interactive commands against dm-8, but would refer to 
md2_crypt in any scripts that I write which need to work tomorrow, 
next week, etc.

-- 
Scooty Puff, Sr
The Doom-Bringer

Re: [linux-lvm] /dev/dm-* or /dev/mapper/*

[Peter Rajnoha]

On 08/17/2009 02:08 AM, Edward Siefker wrote:
> I originally set up raid-luks-lvm on this machine with debian's
> installer tool, now I am trying to add another encrypted raid1 device to
> the existing volume group.  I already have the raid device set up and
> encrypted, that's no problem.  Now the linux gazette
> (http://linuxgazette.net/140/pfeiffer.html) tells me I should run
> 'pvcreate' on the device in /dev/mapper.  However, if I examine my
> existing physical volumes with 'pvscan' I get the following:
> 
> iblis:/home/hatta# pvscan
>   PV /dev/dm-0   VG iblis-volumes   lvm2 [931.32 GB / 0    free]
>   Total: 1 [931.32 GB] / in use: 1 [931.32 GB] / in no VG: 0 [0   ]

Which version of libdevmapper/dmsetup do you use?

> Apparently I am using /dev/dm-0 instead of /dev/mapper/md1_crypt. I
> wondered if these were maybe two names for the same thing, so I checked
> ls:
> 
> iblis:/home/hatta# ls -ld /dev/dm-0 /dev/mapper/md1_crypt
> brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/dm-0
> brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/mapper/md1_crypt
> 
> Same major and minor number, if that means anything.

Well, from functional point of view they are same - they point to the
same device, of course. But dmsetup/lvm itself does not create the
/dev/dm-X nodes - the ones in /dev/mapper are the right and official
ones that should always be used.

The /dev/dm-X nodes are created by some general udev rules, dm-X is
only internal kernel name for that device and you can't rely on those
names (because the number X that is assigned is not stable and could
be changed - it depends on the sequence of device activation).

> iblis:/home/hatta# dmsetup info /dev/dm-0
> Device /dev/dm-0 not found
> Command failed

..just forget that /dev/dm-X exists :) The thing is that these nodes
shouldn't be there with recent versions of libdevmapper/dmsetup used
in all distros..


HOWEVER, there has been some work done on udev support in LVM upstream
lately (version 2.02.51, which also includes dmsetup/libdevmapper).
Also, new udev rules have been added to support device mapper devices.
When this udev support is enabled (it's still disabled by default
though), the /dev/dm-X nodes are created directly by device-mapper
rules, then /dev/mapper/ symlinks that point to /dev/dm-X
(and /dev/<vgname>/<lvname> symlinks that point to /dev/dm-X
as well for LVM devices). The reason for doing so is that creating
nodes root /dev directory is considered to be the "standard way".
Nevertheless, you should always use /dev/mapper!

> iblis:/home/hatta# dmsetup info /dev/mapper/md1_crypt 
> Name:              md1_crypt
> State:             ACTIVE
> Read Ahead:        256
> Tables present:    LIVE
> Open count:        7
> Event number:      0
> Major, minor:      253, 0
> Number of targets: 1
> 
> 
> It works on one, and not the other.  So they're not the same thing.  My
> new device 'md2_crypt' corresponds to /dev/dm-8, if I am to trust the
> major/minor numbers. Should I run pvcreate on /dev/dm-8 or
> /dev/mapper/md2_crypt?

Alays use /dev/mapper. This is the only reliable way :)

Peter

Re: [linux-lvm] /dev/dm-* or /dev/mapper/*

[Peter Rajnoha]

On 08/17/2009 02:08 AM, Edward Siefker wrote:
> I originally set up raid-luks-lvm on this machine with debian's
> installer tool, now I am trying to add another encrypted raid1 device to
> the existing volume group.  I already have the raid device set up and
> encrypted, that's no problem.  Now the linux gazette
> (http://linuxgazette.net/140/pfeiffer.html) tells me I should run
> 'pvcreate' on the device in /dev/mapper.  However, if I examine my
> existing physical volumes with 'pvscan' I get the following:
> 
> iblis:/home/hatta# pvscan
>   PV /dev/dm-0   VG iblis-volumes   lvm2 [931.32 GB / 0    free]
>   Total: 1 [931.32 GB] / in use: 1 [931.32 GB] / in no VG: 0 [0   ]

..also, try to look at devices/preferred_names setting in lvm.conf.
This one should give priority to scanned devices and prioritize them..

Peter