Using Leap 15.4 and about install Leap 15.5 so my problem may fix itself but I am curious as to how to fix this otherwise.
Using YaST partioner to set up a GPT partition table on a USB disk with one normal and one encrypted EXT4 partition. After a couple of failed attempts setting up the encrypted partition I ended up with both partitions on the removable drive but crypto_LUKS not set up to mount and access the encrypted partition. Note that the output from lsblk -f shows the encrypted partition on sde2 but not the failed attempts that used sdb2 and sdc2. The failed mapper device files still exist. If I plug the drive into another computer, both partitions are available. How do I clean out these failed attempts and hopefully access the encrypted partition as intended? Is it possible to use YaST partitioner to set up access such that the encrypted partition DOES NOT auto mount when the drive is plugged in but mountable by USER? 95% of the time I will only be accessing the non-encrypted partition.
EReST00 is the volume label for the (to be) encrypted partition.
All three were produced by the failed attempts and by failure, I mean that after editing the (to be) encrypted partition in YaST partitioner to format (EXT4) and encrypt the partition, I was unable to mount that partition.
Device names sdb2, sdc2, sdd2 and sde2 are associated with the same USB disk drive that was un/plugged between set up attempts.
Commenting out the ‘cr_run_media_rs_EReST00’ in crypttab and rebooting is worth a try after lunch.
The surprising part for me is that when I plugged this drive into a different machine (also Leap 15.4) I was asked for a password, super user ID, and the encrypted partition was mounted as expected.
That suggests that you did properly setup that partition.
When I use Yast to setup an encrypted partition on a USB device, I check the box “Do not mount”. I think that avoids getting entries in “/etc/fstab” and in “/etc/crypttab”.
If I have been using an encrypted partition from a USB drive, then I make sure it is unmounted before I unplug. And I also use
# cryptsetup luksClose cr_whatever
(changing that “whatever” to the appropriate name) before unplugging. Otherwise the USB port will be seen as busy, and that would be why your device was changing from “/dev/sdb” to “/dev/sdc” to “/dev/sde”.
Well, that didn’t end well. After the comment as suggested, restarting sent me into emergency mode. I uncommented and restarted but still in emergency. Poking around it appears that references to the encrypted partition are scattered in few places such as /run/systemd/generator for example and these may be throwing a spanner into the works. I used to mount encrypted partitions and container files with my own cryptsetup scripts but became used to the convenience of YaST (and it worked). I agree with the precautions you mentioned but it is easy to drop the ball and not unmount. I don’t expect that trying to fix this installation is worth the time so I may be upgrading a few days sooner than planned. I wish I had done that backup last night.
Saved! I deleted reference to those removable volume names within fstab and the system booted. However, rather than fight this issue further, I may proceed with the upgrade this weekend and go from there. Now I will have a recent backup at the start.
Thank you for the suggestions. If I get this working as desired under Leap 15.5, I’ll reply once again with a conclusion.