Hi all.
[ update: manually mounting them can now be done if you read all the way though... retaining the entire post as it may help others... BUT root cause is still outstanding in that encrypted disks that automatically setup LVM volumes at boot in F17 will not in F18]
I have been unable to access encrypted LUKS volumes since I used fedup to upgrade to F18.
The server has three LUKS encrypted disks all withe the same password, the boot disk is handled OK but the other two disks fail to get setup correctly.
Under F17 the password entered for the boot disk would be retained/remembered and used to mount the other two disks (which still works if I boot using the F17 boot entry from the grub menu).
Under F18 the additional two disks are unusable. They show with a 'ls /dev/sd*' listing but no longer show in pvdisplay/vgdisplay/lvdisplay (more on that below)
The boot.log contains messages like these
[FAILED] Failed to start Cryptography Setup for luks-f2d259a3-c3c3-4389-8271-eda3c2242d58.
See 'systemctl status cryptsetup@luks\x2df2d259a3\x2dc3c3\...2242d58.service' for details.
[DEPEND] Dependency failed for Encrypted Volumes.
The status message is meaningless to me. I am assuming it is the result of the password entered for the boot disk not being chained and used to make the other disks available as was done in F17.
[root@dragon log]# systemctl status cryptsetup@luks\x2df2d259a3\x2dc3c3\...2242d58.service
cryptsetup@luksx2df2d259a3x2dc3c3x2d...2242d58.service
Loaded: error (Reason: No such file or directory)
Active: inactive (dead)
These are the entries I have in crypttab
[root@dragon log]# cat /etc/crypttab
# boot disk
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc UUID=c5a6c0d4-212c-4f3d-94f3-dbec23b143dc none
# other two internal disks
luks-f2d259a3-c3c3-4389-8271-eda3c2242d58 UUID=f2d259a3-c3c3-4389-8271-eda3c2242d58 none
luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d UUID=e7ea744a-59cf-4ee4-8c24-eb57a71bb71d none
Manual steps I have tried so far
Manually using cryptsetup luksOpen on the disks prompts for the password which is accepted and when that is done
+ lvdisplay/vgdisplay/lvdisplay show the disks, volume grops and logical volumes
+ a ls in /dev/mapper shows there are entries for those luks disks now
+ there are /dev/dm-n entries created for the disks
but
- no /dev/mapper entries or /dev/<volgroup>/<lv> entries are created so whatever background process managed to detect the LVs doesn't actually set them up so I still can't mount the LVs on those disks
So when the disks are mounted manually with cryptsetup only part of the setup seems to be done (actually I was supprised that LVM suddenly detected they were there for the display commands).
Also tried using the lvm command vgmknodes; that didn't activate the logical volumes.
Does anyone have any idea what changed in LUKS so can give pointers on how I can get those two disks made available with the PV/VG/LV entries correctly setup at boot time.
One of them is actually /home. I had to comment that and the other affected mountpoints out of /etc/fstab or every boot dropped into the emergency mode prompt.
Prior to the disks being manually luksOpened This is what I had
[root@dragon ~]# ls /dev/mapper
control vg_dragon-lv_root
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc vg_dragon-lv_swap
[root@dragon ~]# ls /dev/vg_*
lv_root lv_swap
[root@dragon ~]# ls /dev/dm*
/dev/dm-0 /dev/dm-1 /dev/dm-2
[root@dragon ~]# lvm
lvm> pvscan
PV /dev/mapper/luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc VG vg_dragon lvm2 [74.03 GiB / 0 free]
Total: 1 [74.03 GiB] / in use: 1 [74.03 GiB] / in no VG: 0 [0 ]
lvm> vgscan
Reading all physical volumes. This may take a while...
Found volume group "vg_dragon" using metadata type lvm2
lvm> lvscan
ACTIVE '/dev/vg_dragon/lv_swap' [7.84 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_root' [66.19 GiB] inherit
lvm>
After the disks have been manually mounted the dm-n devices and LVM information become available but no LVM device entries are created
[root@dragon ~]# cryptsetup luksOpen UUID=f2d259a3-c3c3-4389-8271-eda3c2242d58 luks-f2d259a3-c3c3-4389-8271-eda3c2242d58
Enter passphrase for /dev/disk/by-uuid/f2d259a3-c3c3-4389-8271-eda3c2242d58:
[root@dragon ~]# cryptsetup luksOpen UUID=e7ea744a-59cf-4ee4-8c24-eb57a71bb71d luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d
Enter passphrase for /dev/disk/by-uuid/e7ea744a-59cf-4ee4-8c24-eb57a71bb71d:
[root@dragon ~]#
[root@dragon ~]# ls /dev/mapper
control
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc
luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d
luks-f2d259a3-c3c3-4389-8271-eda3c2242d58
vg_dragon-lv_root
vg_dragon-lv_swap
[root@dragon ~]# ls /dev/vg_*
lv_root lv_swap
[root@dragon ~]# ls /dev/dm*
/dev/dm-0 /dev/dm-1 /dev/dm-2 /dev/dm-3 /dev/dm-4
[root@dragon ~]# lvm
lvm> pvscan
PV /dev/mapper/luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d VG vg_dragon2 lvm2 [74.52 GiB / 0 free]
PV /dev/mapper/luks-f2d259a3-c3c3-4389-8271-eda3c2242d58 VG vg_dragon1 lvm2 [74.52 GiB / 0 free]
PV /dev/mapper/luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc VG vg_dragon lvm2 [74.03 GiB / 0 free]
Total: 3 [223.08 GiB] / in use: 3 [223.08 GiB] / in no VG: 0 [0 ]
lvm> vgscan
Reading all physical volumes. This may take a while...
Found volume group "vg_dragon2" using metadata type lvm2
Found volume group "vg_dragon1" using metadata type lvm2
Found volume group "vg_dragon" using metadata type lvm2
lvm> lvscan
inactive '/dev/vg_dragon2/lv_spare' [74.52 GiB] inherit
inactive '/dev/vg_dragon1/lv_home1' [74.52 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_swap' [7.84 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_root' [66.19 GiB] inherit
lvm>
If anyone can point me in the direction of being able to get those disks and the LVM data on them available at boot time that would be great.
***** BINGO ******
Found post http://forums.fedoraforum.org/showthread.php?t=287069 that looked slightly similar, and it got the disks available.
I had tried the vgmknodes and got nowhere, this was the manual command that had to be entered after vgmknodes I was missing
lvm> vgchange -aly
1 logical volume(s) in volume group "vg_dragon2" now active
1 logical volume(s) in volume group "vg_dragon1" now active
2 logical volume(s) in volume group "vg_dragon" now active
And filesystems can be mounted.
However, while I can now manually start the disks and access the filesystems I really need them available at boot time like they used to be under F17. Putting into a rc2.d script for now but I shouldn't have to.
Thanks in advance, looking forward to getting my /home directory mounted automagically again one day.
----------------
One new update :-)
Did a yum update, it only found a few packages, installed.
Immediately after that I did a
yum clean all
yum --releasever=18 --disableplugin=presto distro-sync
It wants to download 2.3Gb (fedup missed 2.3Gb?); letting it do so, maybe that will fix the issue.
That will take a day or two with my bandwith, so I'll now in a few days.
[ update: manually mounting them can now be done if you read all the way though... retaining the entire post as it may help others... BUT root cause is still outstanding in that encrypted disks that automatically setup LVM volumes at boot in F17 will not in F18]
I have been unable to access encrypted LUKS volumes since I used fedup to upgrade to F18.
The server has three LUKS encrypted disks all withe the same password, the boot disk is handled OK but the other two disks fail to get setup correctly.
Under F17 the password entered for the boot disk would be retained/remembered and used to mount the other two disks (which still works if I boot using the F17 boot entry from the grub menu).
Under F18 the additional two disks are unusable. They show with a 'ls /dev/sd*' listing but no longer show in pvdisplay/vgdisplay/lvdisplay (more on that below)
The boot.log contains messages like these
[FAILED] Failed to start Cryptography Setup for luks-f2d259a3-c3c3-4389-8271-eda3c2242d58.
See 'systemctl status cryptsetup@luks\x2df2d259a3\x2dc3c3\...2242d58.service' for details.
[DEPEND] Dependency failed for Encrypted Volumes.
The status message is meaningless to me. I am assuming it is the result of the password entered for the boot disk not being chained and used to make the other disks available as was done in F17.
[root@dragon log]# systemctl status cryptsetup@luks\x2df2d259a3\x2dc3c3\...2242d58.service
cryptsetup@luksx2df2d259a3x2dc3c3x2d...2242d58.service
Loaded: error (Reason: No such file or directory)
Active: inactive (dead)
These are the entries I have in crypttab
[root@dragon log]# cat /etc/crypttab
# boot disk
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc UUID=c5a6c0d4-212c-4f3d-94f3-dbec23b143dc none
# other two internal disks
luks-f2d259a3-c3c3-4389-8271-eda3c2242d58 UUID=f2d259a3-c3c3-4389-8271-eda3c2242d58 none
luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d UUID=e7ea744a-59cf-4ee4-8c24-eb57a71bb71d none
Manual steps I have tried so far
Manually using cryptsetup luksOpen on the disks prompts for the password which is accepted and when that is done
+ lvdisplay/vgdisplay/lvdisplay show the disks, volume grops and logical volumes
+ a ls in /dev/mapper shows there are entries for those luks disks now
+ there are /dev/dm-n entries created for the disks
but
- no /dev/mapper entries or /dev/<volgroup>/<lv> entries are created so whatever background process managed to detect the LVs doesn't actually set them up so I still can't mount the LVs on those disks
So when the disks are mounted manually with cryptsetup only part of the setup seems to be done (actually I was supprised that LVM suddenly detected they were there for the display commands).
Also tried using the lvm command vgmknodes; that didn't activate the logical volumes.
Does anyone have any idea what changed in LUKS so can give pointers on how I can get those two disks made available with the PV/VG/LV entries correctly setup at boot time.
One of them is actually /home. I had to comment that and the other affected mountpoints out of /etc/fstab or every boot dropped into the emergency mode prompt.
Prior to the disks being manually luksOpened This is what I had
[root@dragon ~]# ls /dev/mapper
control vg_dragon-lv_root
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc vg_dragon-lv_swap
[root@dragon ~]# ls /dev/vg_*
lv_root lv_swap
[root@dragon ~]# ls /dev/dm*
/dev/dm-0 /dev/dm-1 /dev/dm-2
[root@dragon ~]# lvm
lvm> pvscan
PV /dev/mapper/luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc VG vg_dragon lvm2 [74.03 GiB / 0 free]
Total: 1 [74.03 GiB] / in use: 1 [74.03 GiB] / in no VG: 0 [0 ]
lvm> vgscan
Reading all physical volumes. This may take a while...
Found volume group "vg_dragon" using metadata type lvm2
lvm> lvscan
ACTIVE '/dev/vg_dragon/lv_swap' [7.84 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_root' [66.19 GiB] inherit
lvm>
After the disks have been manually mounted the dm-n devices and LVM information become available but no LVM device entries are created
[root@dragon ~]# cryptsetup luksOpen UUID=f2d259a3-c3c3-4389-8271-eda3c2242d58 luks-f2d259a3-c3c3-4389-8271-eda3c2242d58
Enter passphrase for /dev/disk/by-uuid/f2d259a3-c3c3-4389-8271-eda3c2242d58:
[root@dragon ~]# cryptsetup luksOpen UUID=e7ea744a-59cf-4ee4-8c24-eb57a71bb71d luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d
Enter passphrase for /dev/disk/by-uuid/e7ea744a-59cf-4ee4-8c24-eb57a71bb71d:
[root@dragon ~]#
[root@dragon ~]# ls /dev/mapper
control
luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc
luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d
luks-f2d259a3-c3c3-4389-8271-eda3c2242d58
vg_dragon-lv_root
vg_dragon-lv_swap
[root@dragon ~]# ls /dev/vg_*
lv_root lv_swap
[root@dragon ~]# ls /dev/dm*
/dev/dm-0 /dev/dm-1 /dev/dm-2 /dev/dm-3 /dev/dm-4
[root@dragon ~]# lvm
lvm> pvscan
PV /dev/mapper/luks-e7ea744a-59cf-4ee4-8c24-eb57a71bb71d VG vg_dragon2 lvm2 [74.52 GiB / 0 free]
PV /dev/mapper/luks-f2d259a3-c3c3-4389-8271-eda3c2242d58 VG vg_dragon1 lvm2 [74.52 GiB / 0 free]
PV /dev/mapper/luks-c5a6c0d4-212c-4f3d-94f3-dbec23b143dc VG vg_dragon lvm2 [74.03 GiB / 0 free]
Total: 3 [223.08 GiB] / in use: 3 [223.08 GiB] / in no VG: 0 [0 ]
lvm> vgscan
Reading all physical volumes. This may take a while...
Found volume group "vg_dragon2" using metadata type lvm2
Found volume group "vg_dragon1" using metadata type lvm2
Found volume group "vg_dragon" using metadata type lvm2
lvm> lvscan
inactive '/dev/vg_dragon2/lv_spare' [74.52 GiB] inherit
inactive '/dev/vg_dragon1/lv_home1' [74.52 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_swap' [7.84 GiB] inherit
ACTIVE '/dev/vg_dragon/lv_root' [66.19 GiB] inherit
lvm>
If anyone can point me in the direction of being able to get those disks and the LVM data on them available at boot time that would be great.
***** BINGO ******
Found post http://forums.fedoraforum.org/showthread.php?t=287069 that looked slightly similar, and it got the disks available.
I had tried the vgmknodes and got nowhere, this was the manual command that had to be entered after vgmknodes I was missing
lvm> vgchange -aly
1 logical volume(s) in volume group "vg_dragon2" now active
1 logical volume(s) in volume group "vg_dragon1" now active
2 logical volume(s) in volume group "vg_dragon" now active
And filesystems can be mounted.
However, while I can now manually start the disks and access the filesystems I really need them available at boot time like they used to be under F17. Putting into a rc2.d script for now but I shouldn't have to.
Thanks in advance, looking forward to getting my /home directory mounted automagically again one day.
----------------
One new update :-)
Did a yum update, it only found a few packages, installed.
Immediately after that I did a
yum clean all
yum --releasever=18 --disableplugin=presto distro-sync
It wants to download 2.3Gb (fedup missed 2.3Gb?); letting it do so, maybe that will fix the issue.
That will take a day or two with my bandwith, so I'll now in a few days.