You are not logged in.

Pages: 1

#1 2009-04-09 07:06:58

schuay
Package Maintainer (PM)
From: Austria
Registered: 2008-08-19
Posts: 564

lvm2+luks: filesystem mounted or opened exclusively by another program

I've been experimenting with an encrypted lvm2 setup using dm-crypt. Config is as follows:

fdisk -l

Disk /dev/sda: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x41ab2316

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1          17      136521   83  Linux
/dev/sda2            6080        9729    29318625   83  Linux
/dev/sda3              18        6079    48693015   8e  Linux LVM

Partition table entries are not in disk order

grub/menu.lst, kernel26-mod.img is the initcpio generated with lvm2 and encrypt hooks

title Arch Linux LVM2 LUKS
root    (hd0,0)
kernel  /vmlinuz26 root=/dev/array/root ro
initrd  /kernel26-mod.img

mkinitcpio.conf

HOOKS="base udev autodetect pata scsi sata lvm2 encrypt filesystems"

fstab

#
# /etc/fstab: static file system information
#
# <file system>        <dir>         <type>    <options>          <dump> <pass>
none                   /dev/pts      devpts    defaults            0      0
none                   /dev/shm      tmpfs     defaults            0      0

#/dev/cdrom             /media/cd   auto    ro,user,noauto,unhide   0      0
#/dev/dvd               /media/dvd  auto    ro,user,noauto,unhide   0      0
#/dev/fd0               /media/fl   auto    user,noauto             0      0

/dev/sda1       /boot ext2 defaults 0 1
/dev/array/root / ext4 defaults 1 2
/dev/array/home /home ext4 defaults 1 2

crypttab:

lukshome        /dev/array/home         "XXXX"

Now, I tested this configuration before encrypting the partitions - and LVM works. After encryption, I can enter my password at boot, it unlocks the root and home partitions successfully, and then throws an error during fsck: "Filesystem mounted or opened exclusively by another program".

In the recovery console, df shows /dev/sda2 being mounted as /, even though it's definitely /dev/array/root that's mounted (to clarify: I see the files from /dev/array/root, but df shows /dev/sda2 as the only filesystem)!

I've tried various configs of menu.lst including cryptdevice= in the kernel line, but I can't even get to the password prompt like that - I'm stuck. Could somebody help out?

edit: from another installation, the lvm/luks partitions mount and fsck without errors. here's my applicable dev content:

$ sudo ls /dev/array/
home  root
$ sudo ls /dev/mapper/
array-home  array-root  control  lukshome  luksroot

Last edited by schuay (2009-04-09 07:16:14)

Offline

#2 2009-04-09 11:15:26

Ranguvar
Member
Registered: 2008-08-12
Posts: 2,549

Re: lvm2+luks: filesystem mounted or opened exclusively by another program

GRUB should point to the encrypted filesystem, everything else should point to the unencrypted filesystem (/dev/mapper/luksroot, it looks like?).

Offline

#3 2009-04-09 11:30:13

schuay
Package Maintainer (PM)
From: Austria
Registered: 2008-08-19
Posts: 564

Re: lvm2+luks: filesystem mounted or opened exclusively by another program

I followed the wiki during setup, so first I installed LVM on /dev/sda3 (2 partitions, /dev/array/root and /dev/array/home), then encrypted both using luks ( /dev/mapper/luksroot, /dev/mapper/lukshome ).

I tried modifying the grub kernel line but somehow I didn't even get as far as before.. In the meantime, I installed from scratch on a VM , first encrypting a partition and afterwards setting up LVM on it, which booted fine on the first try. So unless I'm able to fix my current install, I'm probably going to reinstall with the same setup as the VM.

Still a bit confused on luks/lvm though smile

Offline

#4 2009-04-09 17:14:48

schuay
Package Maintainer (PM)
From: Austria
Registered: 2008-08-19
Posts: 564

Re: lvm2+luks: filesystem mounted or opened exclusively by another program

Well, I reinstalled the other way around, lvm set up inside of an encrypted physical partition - all working now.

For reference, here's what I did:

make partitions, we will need a separate unencrypted boot partition (sda1) and one large partition for lvm (sda2)
encrypt sda2 using:
        modprobe dm-crypt
        modprobe aes-i586
        cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2
        cryptsetup luksOpen /dev/sda2 root
setup lvm2:
        modprobe dm-mod
        lvm pvcreate /dev/sda2  #phys vol
        lvm vgcreate array /dev/sda2    #vol group
        lvm lvcreate --size 50G --name root array       #logical vol
        vgchange -ay    #turn on partitions
install arch - if copying from existing setup we need to create /dev/console:
        mknod -m 600 /dev/console c 5 1
        there's probably some stuff missing (black and white boot) but at least the system is bootable
configure:
        mkinitcpio: add hooks encrypt lvm2 before filesystems and regenerate initcpio
        fstab: use lvm2 names (/dev/array/root)
        menu.lst: kernel line - root=/dev/mapper/array-root cryptdevice=/dev/sda2:array
done!

Last edited by schuay (2009-04-09 17:15:24)

Offline

Pages: 1

Board footer

Powered by FluxBB