Good suggestions. But the problem I'm having at the moment is that the umount and remove were not done prior to shutdown. There was an error in reboot checking the filesystem. I removed it from fstab and was able to get the system up. But I can't mount the encrypted file system. I can't remove the mapper through cryptsetup. How can I clear this up? I don't want to just start hacking away. I have already restored the system once to get around this, but if we start using this on production, I don't think that will be an option. How to clear up if the system isn't taken down gracefully? # mount /dev/mapper/test201 /test201 mount: /dev/mapper/test201 is not a valid block device # cryptsetup remove test201 Error: Could not remove /dev/mapper/test201, still in use? Bob -----Original Message----- From: Zenon Panoussis [mailto:oracle@xxxxxxxxxxxxxxx] Sent: Friday, November 24, 2006 1:23 PM To: dm-crypt@xxxxxxxx Subject: Re: Question for newbie Bates, Bob wrote: > I have just started playing with dm-crypt and the last thing > I did was to try a shutdown -r now. The system would not come > up because of a bad filesystem on the encrypted disk. OK, makes > sense, figure I need to tell fstab not to check it at boot time. > For now I removed the line from fstab so I could get the system > to come up. Your shutdown scripts should do something like umount /dev/mapper/<mapper_name> cryptsetup remove <mapper_name> at the right time, i.e. when everything that could be accessing the device has already been killed but while cryptsetup is still available. > But, once the system does come up I can't get it to mount. It tells > me it is not a valid block device. If I try cryptsetup create again, > it already exists. If I try and remove it I get still in use? Try cryptsetup remove <mapper_name> cryptsetup -v -c <cipher> -b <device_size> create <mapper_name> <device> (e.g. cryptsetup -v -c twofish -b 12345678 create hda3 /dev/hda3) and then mount /dev/mapper/<mapper_name> /mountpoint If you typo the passphrase, the mapper device will be created but it will be unmountable. Once it's there you can't create it again without removing it first. It is therefore a good idea to use remove before create in your start-up scripts, so if you typo the passphrase you can just run the script again. I use something like if [ $ok != 1 ] then if [ -e /dev/mapper/name ] then cryptsetup remove name fi cryptsetup -v -c cipher -b size create name /dev/device mount /dev/mapper/name /mountpoint if [ $? = 0 ] then ok=1 fi fi Z --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
