[dm-crypt] help mounting partitions in an encrypted disk after first reboot
arno at wagner.name
Sun Jun 18 17:40:54 CEST 2017
the partitions do not show up on reboot as the kernel cannot
see them. The partition table it would need to scan is
in the encrypted LUKS container and as that is still
closed on boot, hence the kernel has no chance to look at it.
A fix might be to just call "partprobe" after opening the
LUKS container. That scans all reachable devices for
partition tables. It also works directly after repartitioning,
i.e. without a reboot.
partptobe is part of the parted package (at least on Debian).
On Sun, Jun 18, 2017 at 08:49:33 CEST, Julio Gago wrote:
> Hi there!
> I'm facing an issue I've been unable to solve by myself. I've been exploring around a lot without success. I'm a newbie in this topic so please accept my apologies if this is a silly question.
> I am using cryptsetup 1.6.6 in Ubuntu 16.04 on kernel 4.8.0.
> I successfully encrypted a disk with LUKS and then created a couple of partitions and mounted them with:
> cryptsetup luksFormat --cipher aes-xts /dev/sdc
> cryptsetup luksOpen /dev/sdc sdc
> fdisk /dev/mapper/sdc
> (created partitions manually)
> mkfs.ext4 /dev/mapper/sdc1
> mkfs.ext4 /dev/mapper/sdc2
> mount /dev/mapper/sdc1 /part1_dmcrypt
> mount /dev/mapper/sdc2 /part2_dmcrypt
> fdisk gave the usual complaint about updating partition list to kernel, which I ignored and assumed it would be fixed by the next reboot. But it didn't!
> After reboot, I can open the luks volume normally:
> cryptsetup luksOpen /dev/sdc sdc
> cryptsetup status sdc
> /dev/mapper/sdc is active and is in use.
> type: LUKS1
> cipher: aes-xts-plain64
> keysize: 256 bits
> device: /dev/sdc
> offset: 4096 sectors
> size: 11719929856 sectors
> mode: read/write
> And I can see the partitions if I use fdisk:
> Disk /dev/mapper/sdc: 5.5 TiB, 6000604086272 bytes, 11719929856 sectors
> Units: sectors of 1 * 512 = 512 bytes
> Sector size (logical/physical): 512 bytes / 4096 bytes
> I/O size (minimum/optimal): 4096 bytes / 4096 bytes
> Disklabel type: gpt
> Disk identifier: 2F089102-C3CE-4C64-BA09-A19FCC49CFF8
> Device Start End Sectors Size Type
> /dev/mapper/sdc-part1 2048 6442452991 6442450944 3T Linux filesystem
> /dev/mapper/sdc-part2 6442452992 11719929822 5277476831 2.5T Linux filesystem
> However, the kernel does not seem to see the partitions, since the block devices are not present in /dev:
> ls -la /dev/mapper
> total 0
> drwxr-xr-x 2 root root 80 Jun 16 19:07 .
> drwxr-xr-x 19 root root 4560 Jun 16 18:38 ..
> crw------- 1 root root 10, 236 Jun 16 18:35 control
> lrwxrwxrwx 1 root root 7 Jun 17 12:15 sdc -> ../dm-0
> So I cannot mount the volumes normally. I tried partx and other methods to tell the kernel about the partitions without success. The corresponding IOCTL calls return with EINVAL error.
> Decryption seems to be working alright (since I can see the partitions) and I can in fact mount the volumes doing something like this:
> losetup /dev/loop0 /dev/mapper/sdc -o 1048576
> mount /dev/loop0 /part1_dmcrypt
> The volumes seem to have the right contents. So I am actually ok to
> proceed, I have backups of both volumes and the LUKS header.
> However, I would like to understand what is wrong and how could I fix the
> issue and mount the volumes canonicaly.
> Thanks in advance for your help and my apologies if I did anything really
> silly :)
> dm-crypt mailing list
> dm-crypt at saout.de
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt