Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Not mounting LVM volumes (inside LUKS) at boot
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Tue Nov 02, 2010 9:35 pm    Post subject: Not mounting LVM volumes (inside LUKS) at boot Reply with quote

Edit: Changed the partition setup a bit: please read my reply (Sat Nov 06) instead.


decided to use following partition setup:
unencrypted: /boot, /
encrypted: LVM2 container (inside swap, /usr, /var, /home, /usr/portage)

Well.. I understand that it may not be the best (or most logical: having / unencrypted while encrypting /usr), but I thought it may be a bit more simple, safe and less "error prune" than encrypting everything except /boot. Anyway.. that's not the case.


For some reason I'm not getting password prompt at boot. I have configured /etc/conf.d/dmcrypt as following:
Code:
target=encrypted
source='/dev/sda6'

/dev/sda6 is the correct partition - I'm able to open it manually with cryptsetup luksOpen.

/etc/fstab is following: (although I don't think it matters as no /dev/mapper/... device(s) is created)
Code:

/dev/sda3               /boot           ext2        noauto,noatime                              1 2
/dev/sda5               /               ext4        noatime                                     0 1

/dev/mapper/enc-swap    none            swap        sw                                          0 0
/dev/mapper/enc-var     /var            reiserfs    noatime,notail                              0 1
/dev/mapper/enc-usr     /usr            ext4        noatime                                     0 1
/dev/mapper/enc-portage /usr/portage    reiserfs    noatime,nolog                               0 1
/dev/mapper/enc-home    /home           ext4        noatime                                     0 1

tmpfs                   /tmp            tmpfs       size=512M,mode=1777,noatime,nosuid          0 0

proc                    /proc           proc        defaults                                    0 0
shm                     /dev/shm        tmpfs       nodev,nosuid,noexec                         0 0


There doesn't seem to be any errors at start-up - at least before system tries to mount /dev/mapper/... volumes. Also LVM seems to start fine, but doesn't find any volumes as the partition isn't decrypted.
Why dmcrypt isn't asking me password? Should I add it somewhere?

Could someone please help me.

PS! Using kernel-genkernel-x86-2.6.36-gentoo


Last edited by Nublet on Sat Nov 06, 2010 7:40 pm; edited 3 times in total
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8602

PostPosted: Thu Nov 04, 2010 1:45 am    Post subject: Reply with quote

Encrypting /usr and leaving / exposed seems like a strange choice. Generally, / has more secrets than /usr (root's files, /etc/shadow, and customized configuration files). Your setup is probably one of the more rare designs. Most people who use encryption either restrict the encryption to /home or encrypt everything except /boot.

What is the output of emerge --info?
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Thu Nov 04, 2010 1:46 pm    Post subject: Reply with quote

Hu wrote:
Encrypting /usr and leaving / exposed seems like a strange choice. Generally, / has more secrets than /usr (root's files, /etc/shadow, and customized configuration files). Your setup is probably one of the more rare designs. Most people who use encryption either restrict the encryption to /home or encrypt everything except /boot.
Good points indeed. Thanks.
Hu wrote:
What is the output of emerge --info?
Here it is:
Code:
Portage 2.1.9.24 (default/linux/x86/10.0/desktop/gnome, gcc-4.4.3, glibc-2.11.2-r0, 2.6.36-gentoo i686)
=================================================================
System uname: Linux-2.6.36-gentoo-i686-Intel-R-_Core-TM-2_Duo_CPU_P8400_@_2.26GHz-with-gentoo-1.12.13
Timestamp of tree: Tue, 02 Nov 2010 16:15:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.1_p7
dev-java/java-config: 2.1.11-r1
dev-lang/python:     2.6.5-r3, 3.1.2-r4
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.65-r1
sys-devel/automake:  1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.3-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.30-r1 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="x86 ~x86"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -pipe -fomit-frame-pointer"
DISTDIR="/var/portage/distfiles"
FEATURES="assume-digests binpkg-logs ccache distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://trumpetti.atm.tut.fi/gentoo http://gentoo.tups.lv/source http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en et"
MAKEOPTS="-j3"
PKGDIR="/var/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X a52 aac acpi alsa avi bash-completion berkdb bittorrent bluetooth branding bzip2 bzlib cairo cdda cddb cdparanoia cdr cli consolekit cracklib crypt css cups cvs cxx dbus djvu dri dts dvd dvdr eds emboss encode exif fam fbcon ffmpeg firefox flac fontconfig foomaticdb ftp gd gdbm gdu gif gimp gnome gnome-keyring gnutls gphoto2 gpm gstreamer gtk gtk2 hal hardened hddtemp iconv icu ieee1394 imagemagick imap imlib ipv6 irc jadetex java java6 javascript jpeg jpeg2k lame laptop lcms ldap libnotify libsamplerate libwww lm_sensors mad matroska mhash mikmod mime mmx mng modules mp3 mp4 mpeg mplayer msn mudflap nautilus ncurses nls nptl nptlonly offensive ogg opengl openmp pam pango pcmia pcre pdf pdflib perl png policykit ppds pppd python qt3support quicktime raw readline rss samba scanner sdl session smartcard smp speex spell sse sse2 ssl startup-notification subversion svg symlink sysfs tcpd threads tiff truetype udev unicode usb vnc vorbis wav wifi wmf x264 x86 xcb xine xml xmms xorg xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev synaptics keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en et" PHP_TARGETS="php5-2" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fglrx radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Sat Nov 06, 2010 1:31 pm    Post subject: Reply with quote

I decided to do as Hu suggested and reinstalled my system with full encryption except /boot (and Windows partitions). Otherwise the disk setup is the same:

/boot 100M ext2
/dev/sda5 -> LUKS encrypted LVM2 volume that contains: SWAP, /, /var, /usr, /usr/portage, /home partitions (/tmp is tmpfs)

I used Arantius.com guide (and Gentoo Handbook) as reference. Now it asks me for passphrase during the boot and / partition (inside the encrypted LVM this time) is mounted succesfully, but no other partitions. However LVM states that it finds the partitions:
Code:
>> Activating mdev
>> Scanning for Volume Groups
   Reading all physical volumes.   This may take a while ...
Enter passphrase for /dev/sda5:
>> LUKS device /dev/sda5 opened
>> Scanning for Volume Groups
   Reading all physical volumes.   This may take a while ...
   Found volume group "enc" using metadata type lvm2
>> Activating Volume Groups
   6 logical volume(s) in volume group "enc" now active
>> Determining root devices...
>> Mounting root...
>> Booting (initramfs)..
INIT: version 2.88 booting

What makes it even more weird is that I can't even find LVM device for / (or ofcourse any other partiton) under /dev/mapper. The folder contains only one file: control. If I try manually to decrypt LVM volume and then mount partitions I get this:
Code:

# cryptsetup luksOpen /dev/sda5 encrypted
Enter passphrase for /dev/sda5:
# vgscan
   Reading all physical volumes. This may take a while...
   Found duplicate PV XXXXxxxxXXXXxxxXXXXXXXX: using /dev/mapper/encrypted not /dev/dm-0
   Found volume group "enc" using metadata type lvm2
# vgchange -a y
   Found duplicate PV XXXXxxxxXXXXxxxXXXXXXXX: using /dev/mapper/encrypted not /dev/dm-0
   6 logical volume(s) in volume group "enc" now active
# ls -AlF /dev/mapper
crw------- 1 root root 10, 236 Nov   6 15:03 control
lrwxrwxrwx 1 root root       7 Nov   6 15:06 encrypted -> ../dm-7
No devices created? Also tried mounting partitions by their label (I have set the labels to partitions), but its not succesful either (no such partition found).

Running genkernel-x86-2.6.36-gentoo. I installed it with following options (genkernel.conf was unmodified):
Code:
# genkernel --makeopts="-j3" --symlink --lvm --luks --disklabel --menuconfig --install all
Code:
    Device Drivers  --->
    [*] Multiple devices driver support (RAID and LVM)  --->
        <*> Device mapper support
        <*> Crypt target support
-*- Cryptographic API  --->
    *** Digest ***
    <*> SHA224 and SHA256 digest algorithm
    <*> SHA384 and SHA512 digest algorithms
    *** Ciphers ***
    <*> AES cipher algorithms

vgdisplay:
Code:
  --- Volume group ---
  VG Name               enc
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  7
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                6
  Open LV               1
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               34.91 GiB
  PE Size               4.00 MiB
  Total PE              8936
  Alloc PE / Size       6987 / 27.29 GiB
  Free  PE / Size       1949 / 7.61 GiB
  VG UUID               a6Soyk-X28a-Co3a-83fX-Z6G9-vyU0-AuRAf1

lvdisplay:
Code:
  /dev/mapper/enc-swap: open failed: No such file or directory
  --- Logical volume ---
  LV Name                /dev/enc/swap
  VG Name                enc
  LV UUID                1OSuIN-0GK0-Kupv-LVjy-ATLJ-EP3n-GJsivS
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                3.50 GiB
  Current LE             896
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto

  /dev/mapper/enc-root: open failed: No such file or directory 
  --- Logical volume ---
  LV Name                /dev/enc/root
  VG Name                enc
  LV UUID                EBQbvT-dT13-qCaj-YSGQ-sJAe-D2yF-3GAt8K
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                1.00 GiB
  Current LE             256
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto

  /dev/mapper/enc-var: open failed: No such file or directory 
  --- Logical volume ---
  LV Name                /dev/enc/var
  VG Name                enc
  LV UUID                EKTY4Q-7tNl-afzw-wY0s-z7Q1-zW0h-x3xRTy
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                3.50 GiB
  Current LE             896
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto

  /dev/mapper/enc-portage: open failed: No such file or directory 
  --- Logical volume ---
  LV Name                /dev/enc/portage
  VG Name                enc
  LV UUID                Ynzs6h-oNgU-XFMq-U8jA-LbB6-yXvx-GjBChL
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                300.00 MiB
  Current LE             75
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto

  /dev/mapper/enc-usr: open failed: No such file or directory 
  --- Logical volume ---
  LV Name                /dev/enc/usr
  VG Name                enc
  LV UUID                tshLLW-oaQH-QyEo-45pm-cFn1-e1Fm-VEbsVo
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                12.00 GiB
  Current LE             3072
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
 
  /dev/mapper/enc-home: open failed: No such file or directory   
  --- Logical volume ---
  LV Name                /dev/enc/home
  VG Name                enc
  LV UUID                HdaF1h-Zgxo-UMjf-n1d6-KIZn-bMho-AYrOCL
  LV Write Access        read/write
  LV Status              NOT available
  LV Size                7.00 GiB
  Current LE             1792
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
   

mount:
Code:
rootfs on / type rootfs (rw)
/dev/mapper/enc-root on / type ext4 (rw,noatime,barrier=1,data=ordered)
proc on /proc type proc (rw,relatime)
rc-svcdir on /lib/rc/init.d type tmpfs (rw,nosuid,nodev,noexec,relatime,size=1024k,mode=755)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
udev on /dev type tmpfs (rw,nosuid,relatime,size=10240k,mode=755)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /tmp type tmpfs (rw,nosuid,noatime,size=512M,mode=1777)
usbfs on /proc/bus/usb type usbfs (rw,noexec,nosuid)

/etc/fstab:
Code:
LABEL=BOOT   /boot      ext2      noauto,noatime            1 2

LABEL=SWAP   none      swap      sw               0 0
LABEL=ROOT   /      ext4      noatime               0 1
LABEL=VAR   /var      reiserfs   noatime,notail            0 1
LABEL=USR   /usr      ext4      noatime               0 1
LABEL=PORTAGE   /usr/portage   reiserfs   noatime,nolog            0 1
LABEL=HOME   /home      ext4      noatime               0 1
tmpfs      /tmp      tmpfs      size=512M,mode=1777,noatime,nosuid   0 0

proc      /proc      proc      defaults            0 0
shm      /dev/shm   tmpfs      nodev,nosuid,noexec         0 0

I have also tried using /dev/mapper/enc-... names instead of labels, but it doesn't make difference.

grub.conf:
Code:
default 0
timeout 30

title Gentoo Linux
root (hd0,2)
kernel /boot/kernel-genkernel-x86-2.6.36-gentoo dolvm init=/linuxrc ramdis=8192 root=/dev/ram0 crypt_root=/dev/sda5 real_root=/dev/mapper/enc-root
initrd /boot/initramfs-genkernel-x86-2.6.36-gentoo

title Windows 7
rootnoverify (hd0,0)
makeactive
chainloader +1


emerge --info (I had to boot from the install CD and mount, chroot there to get it as I'm unable to mount the volumes if I boot from the installed system - as stated above):
Code:
Portage 2.1.9.24 (default/linux/x86/10.0/desktop/gnome, gcc-4.4.5, glibc-2.12.1-r3, 2.6.34-gentoo-r6 i686)
=================================================================
System uname: Linux-2.6.34-gentoo-r6-i686-Intel-R-_Core-TM-2_Duo_CPU_P8400_@_2.26GHz-with-gentoo-2.0.1
Timestamp of tree: Thu, 04 Nov 2010 17:15:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.1_p9
dev-java/java-config: 2.1.11-r1
dev-lang/python:     2.6.6-r1, 3.1.2-r4
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 2.0.1-r1
sys-apps/openrc:     0.6.3
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.68
sys-devel/automake:  1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.5
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.82
virtual/os-headers:  2.6.35 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="x86 ~x86"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -pipe -fomit-frame-pointer"
DISTDIR="/var/portage/distfiles"
FEATURES="assume-digests binpkg-logs ccache distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://trumpetti.atm.tut.fi/gentoo http://gentoo.tups.lv/source http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en et"
MAKEOPTS="-j3"
PKGDIR="/var/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X a52 aac acpi alsa avi bash-completion berkdb bittorrent bluetooth branding bzip2 bzlib cairo cdda cddb cdparanoia cdr cli consolekit cracklib crypt css cups cvs cxx dbus djvu dri dts dvd dvdr eds emboss encode exif fam fbcon ffmpeg firefox flac fontconfig foomaticdb ftp gd gdbm gdu gif gimp gnome gnome-keyring gnutls gphoto2 gpm gstreamer gtk gtk2 hal hardened hddtemp iconv icu ieee1394 imagemagick imap imlib ipv6 irc java java6 javascript jpeg jpeg2k lame laptop lcms ldap libnotify libsamplerate libwww lm_sensors mad matroska mhash mikmod mime mmx mng modules mp3 mp4 mpeg mplayer msn mudflap nautilus ncurses nls nptl nptlonly offensive ogg opengl openmp pam pango pcmia pcre pdf pdflib perl png policykit ppds pppd python qt3support quicktime raw readline rss samba scanner sdl session smartcard smp speex spell sse sse2 ssl startup-notification subversion svg symlink sysfs tcpd threads tiff truetype udev unicode usb vnc vorbis wav wifi wmf x264 x86 xcb xine xml xmms xorg xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev synaptics keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en et" PHP_TARGETS="php5-2" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fglrx radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Any advice or suggestion is really welcome. I'm so lost here :'(
Thanks in advance.
Back to top
View user's profile Send private message
jathlon
Tux's lil' helper
Tux's lil' helper


Joined: 26 Sep 2006
Posts: 89
Location: Canada

PostPosted: Sat Nov 06, 2010 2:05 pm    Post subject: Re: dmcrypt not opening volume at boot? Reply with quote

Nublet wrote:
Also LVM seems to start fine, but doesn't find any volumes as the partition isn't decrypted.


Last time I seen this behavior, I had forgot to set the partition type to LVM.

Code:
fdisk -l /dev/sdc
<snip>
   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1              63   976762079   488381008+  8e  Linux LVM
/dev/sdc2       976762080  1953525167   488381544   8e  Linux LVM


In this case I was lucky and I just went in with fdisk and changed the partitions to type 8e and I didn't have to restore the data.

Just something else that you can double check for yourself.

joe
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Sat Nov 06, 2010 3:26 pm    Post subject: Re: dmcrypt not opening volume at boot? Reply with quote

jathlon wrote:
Last time I seen this behavior, I had forgot to set the partition type to LVM.
Hmm.. my LVM partition is inside LUKS' partition. Should I set LUKS partition (/dev/sda5) type to LVM? I mean .. I don't think there's partition table inside LUKS - at least fdisk tells me that if I try to open /dev/mapper/encrypted (created with cryptsetup luksOpen /dev/sda5 encrypted - while booted from install cd).
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8602

PostPosted: Sat Nov 06, 2010 4:25 pm    Post subject: Reply with quote

The partition type should not matter here. LVM clearly finds the volumes or it would not be producing so much output from lvdisplay. This looks like a problem triggered by the failure to allocate the expected device nodes. I see that /dev/dm-7 exists. What about lower numbered dm-X nodes?

I have seen reports of some issues recently with some versions of lvm and/or udev interacting in a way that did not set up all the device nodes in their traditional locations. I do not know which package is at fault for this.
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Sat Nov 06, 2010 4:57 pm    Post subject: Reply with quote

Hu wrote:
I see that /dev/dm-7 exists. What about lower numbered dm-X nodes?
There are nodes dm-0 to dm-6 after booting. dm-7 was created when I did "cryptsetup luksOpen ..." manually.
Here's whole output of ls -AlF /dev.

Output of blkid /dev/dm-*:
Code:
/dev/dm-0: UUID="QoMwZY-y03W-r6oZ-SuAI-vEFC-3AGI-eZgENB" TYPE="LVM2_member"
/dev/dm-1: LABEL="SWAP" UUID="f0b2467c-94c6-4f09-8f1e-a901d82b1d2c" TYPE="swap"
/dev/dm-2: LABEL="ROOT" UUID="62dd64e0-5738-4d54-bdab-ffeef6c32bad" TYPE="ext4"
/dev/dm-3: LABEL="VAR" UUID="11bd3088-607d-418a-8ec6-c935b4e3fbdb" TYPE="reiserfs"
/dev/dm-4: LABEL="PORTAGE" UUID="906bcceb-6ae4-4716-b9a5-7cc6d9a13c24" TYPE="reiserfs"
/dev/dm-5: LABEL="USR" UUID="aee31d49-456b-4da2-81d1-d964b324fded" TYPE="ext4"
/dev/dm-6: LABEL="HOME" UUID="02d3a486-8c58-413b-84c8-30cb9b537f9b" TYPE="ext4"

I suppose I should use those names in /etc/fstab instead? Should everything work then as intended or may it cause problems? I mean even lvdisplay is still trying to access them under /dev/mapper/. Should I manually create symlinks?

PS! Tried mounting /dev/dm-3 and got error:
Code:
# mount -o notail,noatime /dev/dm-3 /var
mount: special device /dev/mapper/enc-var does not exist
Same with other nodes :(
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8602

PostPosted: Sat Nov 06, 2010 8:24 pm    Post subject: Reply with quote

That fits with what I expected. For some reason, udev is not creating the /dev/mapper nodes. When the lvm commands create them, they are running in the initramfs. You are then able to mount the root node while in the initramfs, but those nodes are lost after the switch_root. The dm-X nodes are numbered in discovery order, so you should avoid using them in any long term configuration. You might be able to work around this by enabling CONFIG_DEVTMPFS, modifying your initscript to use that for your /dev, and then allowing udev to mount that same devtmpfs when it takes control in the main system.
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Sun Nov 07, 2010 4:01 pm    Post subject: Reply with quote

Hu wrote:
You might be able to work around this by enabling CONFIG_DEVTMPFS, modifying your initscript to use that for your /dev, and then allowing udev to mount that same devtmpfs when it takes control in the main system.
I recompiled kernel with CONFIG_DEVTMPFS and CONFIG_DEVTMPFS_MOUNT and now mount shows that /dev is mounted as devtmpfs (before it was tmpfs), but it still doesn't contain /dev/mapper nodes.
Code:
udev on /dev type devtmpfs (rw,nosuid,relatime,size=10249k,nr_inodes=218481,mode=755)
So I suppose I haven't done it right.
You told I should modify the initscript. I suppose it is inside initramfs? Haven't ever nibbled with it tho'. Well.. I suppose I have to do some research then.

Thanks a lot for your suggestions tho'. Would never have figured it out myself.

PS! As I understand it is not intended behaviour? So there is hope for some fix in foreseeable future if I don't manage to get this work around working?
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8602

PostPosted: Sun Nov 07, 2010 4:42 pm    Post subject: Reply with quote

I suggested devtmpfs because it persists across mounts (but not across reboots), so nodes created in a devtmpfs survive being unmounted from the initramfs and remounted in the main system. Thus, if your initramfs had mounted devtmpfs prior to running vgscan, the nodes it created would be there in the main boot process and allow you to boot successfully. The change you need to your initramfs is to ensure that it mounts devtmpfs on /dev before it runs cryptsetup.

I do not know if the behavior you are seeing is intended, but it is not an isolated event. Personally, I consider this behavior undesirable, but it could just be a matter of having some program misconfigured, rather than an actual bug.
Back to top
View user's profile Send private message
Nublet
n00b
n00b


Joined: 31 Oct 2010
Posts: 9

PostPosted: Sun Nov 07, 2010 9:41 pm    Post subject: Reply with quote

Made a custom initramfs with following initscript:
Code:
#!/bin/busybox sh

# Mount the /proc and /sys filesystems.
mount -t proc none /proc
mount -t sysfs none /sys

# Mount /devtmpfs for using USB-Disks
mount -t devtmpfs none /dev

# Open encrypted parition.
cryptsetup luksOpen /dev/sda5 encrypted

# Establish LVM.
lvm vgscan
lvm vgchange -a y

# Mount root.
mount -t ext4 -o noatime /dev/mapper/enc-root /mnt/root

# Bind /dev.
mount -o bind /dev /mnt/root/dev

# Clean up.
#umount /dev
umount /sys
umount /proc

# Boot the real thing.
exec switch_root /mnt/root /sbin/init
Still need to improve it further, but it seems to work. Dunno if using "-o bind" is the best solution, but at least now the nodes are visible in the main system (and mounted according to fstab).

Used following guide and thread to figure it out:
Initramfs - Gentoo Linux Wiki
Gentoo LUKS+LVM init help [solved]
And big thanks to Hu for pointing me in right direction :)
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 8602

PostPosted: Sun Nov 07, 2010 10:17 pm    Post subject: Reply with quote

Nublet wrote:
Code:
# Bind /dev.
mount -o bind /dev /mnt/root/dev
#umount /dev
You could probably remove the bind mount and uncomment the umount. The entire point of pushing you to use devtmpfs is that, unlike a regular tmpfs, it persists its contents across being unmounted and remounted.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum