Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

  1. #1
    Join Date
    Jan 2014
    Location
    Singapore
    Posts
    15

    Default How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    I have two hard disks, one 120 GB Samsung EVO 840 SSD, and one 1 TB Samsung 7200 rpm spinning HDD.
    On the 120 GB disk I installed openSUSE 13.1 successfully, using LVM and encryption at login.
    This 120 GB drive is internally recognised as /dev/sdb.

    Next, I formatted the 1 TB disk into three partitions, using the fdisk command.
    sda1 is a legacy partition formatted in ntfs and I left untouched (file type 07).
    sda2 became 600 GB in size and was formatted in 83 LINUX.
    sda3 become 205 GB in size and was formatted in 83 LINUX.

    Next, I chose to format both sda2 and sda3 in ext3, so I would have future compatibility with OpenBSD or Mac OS X. I completed the formatting successfully using mkfs.ext3 /dev/sda3.

    Next, I created two directories in the /mnt directory, called P2 and P3.

    Next, I made corresponding entries in the /etc/fstab file, using the vi editor. My two entries look like this
    /dev/sda2 /mnt/P2 ext3 defaults 1 1
    /dev/sda3 /mnt/P3 ext3 defaults 1 1

    Next, I installed truecrypt on the desktop and encrypted the sda3 partition, using the truecrypt installation wizard. In this installation dialogue, truecrypt asks specifically, whether this partition will have to be accessible by other operating systems. My answer was "No", to ensure that truecrypt would not change my format to FAT32 or NTFS, without my control. I made sure the format would remain ext3 to retain future compatibility with other UNIX-like operating systems.

    Next, I copied some 70 GB of data into the truecrypt partition without any problems, and I shut down my computer.

    Now my trouble begins:
    At the next restart, openSUSE 13.1 boots successfully until it gets to the password prompt for the encrypted LVM filesystem on the 120 GB (sdb) disk. It accepts my correct password, then apparently tries to mount P2 and P3, but fails, as it throws the computer into an endless loop, toggling every few seconds between trying to start the X Window System environment with the login prompt, and switching back to console mode and sending endlessly this message to the screen:
    ...
    [ 186.133206] EXT4-fs (sda3): VFS: Can't find ext4 filesystem
    ...

    1.
    Clearly, it is looking for an ext4 filesystem, but only finds ext3. This should not be an issue for a Linux operating system, but let's think results oriented first: I physically remove the 1 TB disk causing the trouble, which is easy to do as I am using an ICY DOCK MB994SP-4S (which is fantastic, BTW), then reboot the system. Removing the disk causes openSUSE to not even make it to the encryption password prompt, it crashes before it gets there.

    2.
    I insert my boot DVD, and enter Rescue Mode. In Rescue mode, I do not make it to the encryption password prompt either, it throws out messages to me such as:
    systemd-fsck[566]: fsck: fsck.ntfs: not found
    systemd-fsck[566]: fsck: error 2 while executing fsck.ntfs
    Mounting /mnt/P2...
    [OK] Found device /dev/system/home.
    [OK] Started Activation of LVM2 logical volumes.
    [OK] Activated swap /dev/system/swap.
    [FAILED] Failed to mount /mnt/P2.
    See 'systemctl status mnt-P2.mount' for details.
    Further down, I also get
    [FAILED] Failed to start Recreate Volatile Files and Directories.

    3.
    When I get to the rescue system prompt, using the root login (no password required), try to mount sdb, but fail:
    Rescue:/etc# mount /dev/sdb /mnt
    mount.bin: /dev/sdb is write-protected, mounting read-only
    mount.bin: wrong fs type, bad option, bad superblock on /dev/sdb,
    missing codepage or helper program, or other error
    In some cases useful info is found in syslog - try "dmesg | tail" or so.

    4.
    At this point, two solutions come to my mind:
    (1) In Regular Mode, I need to try to stop the startup program from mounting sda3. How?
    (2) In Rescue Mode, I would like to change the /etc/fstab entry, but cannot mount it unless I get an encryption password prompt first. How?

    Any useful hints greatly appreciated.
    Last edited by rhett1butler; 11-Jan-2014 at 03:55. Reason: sba changed to sda (typo)

  2. #2
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3filesystem cannot mount

    On 2014-01-11 11:56, rhett1butler wrote:

    >
    > I have two hard disks, one 120 GB Samsung EVO 840 SSD, and one 1 TB
    > Samsung 7200 rpm spinning HDD.
    > On the 120 GB disk I installed openSUSE 13.1 successfully, using LVM and
    > encryption at login.


    So, the main system is encrypted. Using LUKS, I guess.

    > Next, I created two directories in the /mnt directory, called P2 and P3.
    >
    > Next, I made corresponding entries in the /etc/fstab file, using the vi
    > editor. My two entries look like this
    > /dev/sda2 /mnt/P2 ext3 defaults 1 1
    > /dev/sda3 /mnt/P3 ext3 defaults 1 1
    >
    > Next, I installed truecrypt on the desktop and encrypted the sda3


    Truecrypt, not LUKS, for the hard disk.


    > Now my trouble begins:
    > At the next restart, openSUSE 13.1 boots successfully until it gets to
    > the password prompt for the encrypted disk.


    I guess that it is the password for the system disk, the SSD, which is
    using LUKS.

    > It accepts my correct
    > password, then apparently tries to mount P2 and P3, but fails,


    Well, fstab says that those are plain unencrypted ext3 partitions, but
    they are not. They are now encrypted with truecrypt

    > Clearly, it is looking for an ext4 filesystem, but only finds ext3. This
    > should not be an issue for a Linux operating system, but let's think
    > results oriented first: I physically remove the 1 TB disk causing the
    > trouble, which is easy to do as I am using an ICY DOCK MB994SP-4S (which
    > fantastic, BTW), then reboot the system. Removing the disk causes
    > openSUSE to not even make it to the encryption password prompt, it
    > crashes before it gets there.


    It should jump to rescue mode, because fstab says to mount a device that
    is no longer present. To avid that you have to edit fstab and mark P1
    and P2 as "nofail".


    > 2.
    > I insert my boot DVD, and enter Rescue Mode. In Rescue mode, I do not
    > make it to the encryption password prompt either, it throws out messages
    > to me such as:


    I no longer use the rescue system on the DVD. Instead I download the
    dedicated XFCE rescue image.

    > systemd-fsck[566]: fsck: fsck.ntfs: not found
    > systemd-fsck[566]: fsck: error 2 while executing fsck.ntfs
    > Mounting /mnt/P2...


    It should not be trying to mount that, because that is in the system
    fstab. The rescue system should have no fstab, or rather a very
    different fstab.


    You should post your current partition tables, as seen by "fdisk -l" and
    "blkid". Your fstab file could be useful, too.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    10,823
    Blog Entries
    3

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    Quote Originally Posted by rhett1butler View Post
    Any useful hints greatly appreciated.
    Carlos answered most of the questions. But I'm not sure if he answered the one in the thread title.

    To access the LVM from your rescue boot:

    Code:
    cryptsetup luksOpen /dev/sdXY cr_lvm
    #### change that "sdXY" to the device name.
    vgscan  ## not sure if this is really needed, and it will operate without any output
    vgchange -a y  #### that makes the volumes accessible, but may also be silent
    ls /dev/mapper   ### that will tell you something about what lvm volumes are now accessible to mount
    opensuse Leap 15.0; KDE Plasma 5;
    opensuse tumbleweed; KDE Plasma 5 (test system);

  4. #4
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3filesystem cannot mount

    On 2014-01-11 19:06, nrickert wrote:
    >
    > rhett1butler;2615063 Wrote:
    >> Any useful hints greatly appreciated.

    >
    > Carlos answered most of the questions. But I'm not sure if he answered
    > the one in the thread title.


    Mmm, right...
    I have encrypted filesystems, but not combined with LVM :-)

    I hoped the rescue system (not the one on the install disk) would mount
    it automatically, and if not, then we'd see.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  5. #5
    Join Date
    Jan 2014
    Location
    Singapore
    Posts
    15

    Arrow Re: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    Quote Originally Posted by nrickert View Post
    Carlos answered most of the questions. But I'm not sure if he answered the one in the thread title.

    To access the LVM from your rescue boot:

    Code:
    cryptsetup luksOpen /dev/sdXY cr_lvm
    #### change that "sdXY" to the device name.
    vgscan  ## not sure if this is really needed, and it will operate without any output
    vgchange -a y  #### that makes the volumes accessible, but may also be silent
    ls /dev/mapper   ### that will tell you something about what lvm volumes are now accessible to mount

    Thank you for your input, also to robin_listas, your comments and suggestions are very much appreciated.

    I just tried the above commands, here is my screen output:
    >>>
    Rescue: ~ # vgscan
    No volume groups found
    Rescue: ~ # vgchange -a y
    No volume groups found
    Rescue: ~ # ls /dev/mapper
    control
    Rescue: ~ # cryptsetup luksOpen /dev/sdb
    Command requires device and mapped name as arguments.
    Rescue: ~ # cryptsetup luksOpen /dev/sdb1
    Usage: cryptsetup [-?vyrq] [-?|--help] [--usage] [--version] [-v|--verbose] [--debug] [-c|--cipher=STRING] [-h|--hash=STRING] [-y|--verify-passphrase] [-d|--key-file=STRING] [--master-key=STRING] [--dump-master-key] [-r|--readonly] [-i|iter-time=msecs] [-q|--batch-mode] [-t|--timeout=secs] [-T|--tries=INT] [--align-payload=SECTORS] [--header-backup-file=STRING] [--use-random] [--shared] [--uuid=STRING] [--allow-discards] [--header=STRING] [--test-passphrase] [--tcrypt-hidden] [--tcrypt-system] [-M|--type=STRING] [--force-password] [OPTION...] <action> <action-specific>
    cryptsetup: Unkown action.
    Rescue: ~ # fdisk /dev/sdb
    Welcome to fdisk (util-linux 2.23.2).

    Changes will remain in memory only, until you decide to write them.
    Be careful before using the write command.


    Command (m for help): p

    Disk /dev/sdb: 120.0 GB, 120034123776 bytes, 234441648 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk label type: dos
    Disk identifier: 0x0001ceaa

    Device Boot Start End Blocks Id System
    /dev/sdb1 * 2048 819199 408576 83 Linux
    /dev/sdb2 819200 234440703 116810752 8e Linux LVM

    Command (m for help): q

    Rescue: ~ # blkid
    /dev/loop0: TYPE="squashfs"
    /dev/loop1: TYPE="squashfs"
    /dev/loop2: TYPE="squashfs"
    /dev/loop3: TYPE="squashfs"
    /dev/loop4: TYPE="squashfs"
    /dev/sda1: LABEL=P1" UUID="<16 character ID> TYPE="ntfs"
    /dev/sda2: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="ext3"
    /dev/sdb1: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="ext4" PTTYPE="dos"
    /dev/sdb2: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="crypto LUKS"
    /dev/sr0: UUID="2013-11-06-20-55-31-00" LABEL=""openSUSE-13.1-DVD-x86_640091" TYPE=iso9660" PTTYPE="dos"
    <<<

    Now, I could play around a little with the "cryptsetup" command to see what I can accomplish with it, thanks for the suggestion, nrickert!

    At this point I may want to circumvent the problems I have with getting access via Rescue Mode by installing a second openSUSE operating system on the 600 GB spare partition sda2 (perhaps after splitting this partition into two so I have another spare partition left), then try to get access to sdb1 and sdb2 from there, so I can modify the /etc/fstab entries from this second openSUSE installation.

    Alternatively, I have to do a fresh installation on the 120 GB, which is a nuissance, but does not involve any loss of data. I just do not like having to spend so much time updating and tweaking the setup until I have it the way it was (".)

    I agree with the gist of what Robin_lista wrote as a possible explanation why my computer ends up in an endless loop: the boot script tries to mount sda3, but cannot mount it, probably because of truecrypt encryption. But it cannot stop trying because there is no "noauto" parameter set (I think "nofail" would not get me out of the loop).

    I shall post any progress or new insights here.

    Again, thank you for your valuable input, comments and suggestions. I very much appreciate it!

  6. #6
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3filesystem cannot mount

    On 2014-01-12 13:46, rhett1butler wrote:

    > Thank you for your input, also to robin_listas, your comments and
    > suggestions are very much appreciated.
    >
    > I just tried the above commands, here is my screen output:


    Please do not forget to use CODE TAGS to post such things as that below.
    You get them by clicking on the '#' button on the editor. And don't use
    any extra formatting inside, such as bold or colors, please.

    I'll try to rebuild your part.


    Code:
    
    > *Rescue: ~ #* vgscan
    > No volume groups found
    > *Rescue: ~ #* vgchange -a y
    > No volume groups found
    > *Rescue: ~ #* ls /dev/mapper
    > control
    > *Rescue: ~ #* cryptsetup luksOpen /dev/sdb
    > Command requires device and mapped name as arguments.
    Notice that there is a missing word in the above when you compare it to
    what nrickert told you to use. What about the "cr_lvm"?

    That's what the command is telling you to use. The manual tells you
    about it, too.

    (it is just an arbitrary name of your choosing)

    Code:
    
    > *Rescue: ~ #* fdisk /dev/sdb
    > Welcome to fdisk (util-linux 2.23.2).
    Just using "fdisk -l" produces the wanted output.

    Now I have to rebuild your output to make it readable.

    Code:
    
    > Disk /dev/sdb: 120.0 GB, 120034123776 bytes, 234441648 sectors
    > Units = sectors of 1 * 512 = 512 bytes
    > Sector size (logical/physical): 512 bytes / 512 bytes
    > I/O size (minimum/optimal): 512 bytes / 512 bytes
    > Disk label type: dos
    > Disk identifier: 0x0001ceaa
    >
    > Device  Boot           Start          End      Blocks      Id      System
    > /dev/sdb1    *         2048        819199      408576      83      Linux
    > /dev/sdb2            819200     234440703   116810752      8e      Linux LVM


    Code:
    
    > *Rescue: ~ #* blkid
    > /dev/loop0: TYPE="squashfs"
    > /dev/loop1: TYPE="squashfs"
    > /dev/loop2: TYPE="squashfs"
    > /dev/loop3: TYPE="squashfs"
    > /dev/loop4: TYPE="squashfs"
    > /dev/sda1: LABEL=P1" UUID="<16 character ID> TYPE="ntfs"
    > /dev/sda2: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="ext3"
    > /dev/sdb1: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="ext4" PTTYPE="dos"
    > /dev/sdb2: UUID="xxyyxxyy-xxyy-xxyy-xxyy-xxyyxxyyxxyy" TYPE="crypto LUKS"
    > /dev/sr0: UUID="2013-11-06-20-55-31-00"
    > LABEL=""openSUSE-13.1-DVD-x86_640091" TYPE=iso9660" PTTYPE="dos"



    > At this point I may want to circumvent the problems I have with getting
    > access via Rescue Mode by installing a second openSUSE operating system
    > on the 600 GB spare partition sda2 (perhaps after splitting this
    > partition into two so I have another spare partition left), then try to
    > get access to sdb1 and sdb2 from there, so I can modify the /etc/fstab
    > entries from this second openSUSE installation.


    No, no need to install anything, unless you want to. Instead,
    download... well, if you can, of course, you need another computer to do
    the download, the so called XFCE rescue image from the openSUSE download
    page, and copy it to an USB stick. It is very useful for any operation
    such as this. It is way more powerful than the included rescue image in
    the install DVD. The usb gets a writeable partition, so that
    configuration changes remain across boots, and you can even install
    packages to it (in 13.1, not in 12.3)



    > I agree with the gist of what Robin_lista wrote as a possible
    > explanation why my computer ends up in an endless loop: the boot script
    > tries to mount sda3, but cannot mount it, probably because of truecrypt
    > encryption. But it cannot stop trying because there is no "noauto"
    > parameter set (I think "nofail" would not get me out of the loop).


    Well, it really should stop! Stop and ask the admin to correct the
    situation. That is what happened before systemd, when we had systemv.

    > I shal post any progress or new insights here.
    >
    > Again, thank you for your valuable input, comments and suggestions. I
    > very much appreciate it!


    Welcome :-)


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

  7. #7
    Join Date
    Jan 2014
    Location
    Singapore
    Posts
    15

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    Noted, Robin_listas, thank you for the instructions how to use the # ("hash") key.

    As to your request regarding the missing "cr_lvm" in the command: I had forgotten to type it up, but for the avoidance of any doubt or ambiguity: it does not make any difference, the output is the same, the command is unsuccessful:

    Code:
    Rescue:~ # cryptsetup luksopen /dev/sdb1 cr_lvm
    Usage: cryptsetup [-?vyrq] [-?|--help] [--usage] [--version]  [-v|--verbose] [--debug] [-c|--cipher=STRING] [-h|--hash=STRING]  [-y|--verify-passphrase] [-d|--key-file=STRING] [--master-key=STRING]  [--dump-master-key] [-r|--readonly] [-i|iter-time=msecs]  [-q|--batch-mode] [-t|--timeout=secs] [-T|--tries=INT]  [--align-payload=SECTORS] [--header-backup-file=STRING] [--use-random]  [--shared] [--uuid=STRING] [--allow-discards] [--header=STRING]  [--test-passphrase] [--tcrypt-hidden] [--tcrypt-system]  [-M|--type=STRING] [--force-password] [OPTION...] <action>  <action-specific>
    cryptsetup: Unknown action.
    It also does not make any difference whether I use "sdb" or "sdb1" in the command above.

  8. #8
    Join Date
    Sep 2012
    Posts
    4,687

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    Quote Originally Posted by rhett1butler View Post
    Code:
    Rescue:~ # cryptsetup luksopen /dev/sdb1 cr_lvm
    cryptsetup: Unknown action.
    It's luksOpen. Capital "o". cryptsetup also has manual page.

  9. #9
    Join Date
    Jan 2014
    Location
    Singapore
    Posts
    15

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3 filesystem cannot mount

    Quote Originally Posted by arvidjaar View Post
    It's luksOpen. Capital "o". cryptsetup also has manual page.
    Thanks arvidjaar, for pointing it out to me. The response from the system is slightly different, but it does not work yet either. Neither does "open" instead of "luksOpen" work:

    Code:
    Rescue:~ # cryptsetup luksOpen /dev/sdb1 cr_lvm
    Device /dev/sdb1 is not a valid LUKS device.
    Rescue:~ # cryptsetup luksOpen /dev/sdb cr_lvm
    Device /dev/sdb is not a valid LUKS device.
    Rescue:~ # cryptsetup open /dev/sdb1 cr_lvm
    Device /dev/sdb1 is not a valid LUKS device.
    I have read the manual page and am trying several variations.
    Thank you again for your valuable input and for providing a critical eye.

  10. #10
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: How to access encrypted LVM filesystem in rescue mode - ext3filesystem cannot mount

    On 2014-01-12 15:56, rhett1butler wrote:

    > Code:
    > --------------------
    >
    >
    > Rescue:~ # cryptsetup luksOpen /dev/sdb1 cr_lvm
    > Device /dev/sdb1 is not a valid LUKS device.
    >
    > --------------------


    Well, it is obvious that sdb1 is not a valid LUKS device. Insistence is
    futile.

    Find out what it is:

    Code:
    file -s /dev/sdb1
    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.3 x86_64 "Dartmouth" at Telcontar)

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •