Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] failure running cryptsetup
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Wed Sep 16, 2020 6:09 pm    Post subject: [Solved] failure running cryptsetup Reply with quote

Hi forum members!

I tried to set up a gentoo installation on a new PC following the instructions from here
https://wiki.gentoo.org/wiki/Handbook:AMD64 and here
https://wiki.gentoo.org/wiki/Full_Disk_Encryption_From_Scratch_Simplified#Configuring_the_Linux_kernel

As something went wrong during my first try I started again in section "Preparing the disks" by performing a mkfs on the partitions and I went through up to "Finalizing the installation". Up to now I did not go any further.

But at this point it seems that I failed to make a functioning kernel that fits to the encrypted disk. I changed from a manual configuration to using genkernel for the compilation. The required modules for dm-crypt and lvm should now be compiled into the initramfs.

Watching the messages running by when I boot into the new installation I have noticed:

Code:
failure running cryptsetup
ERROR: dm-crypt failed to start


Although all the filesystems are finally mounted as requested by my fstab some strange behavior can be noticed.

After logging into the system the settings of keymap and locale respectively are not functioning correctly and instead of the defined hostname
Code:
(none) ~ #

appears.

And /var/log/messages is missing!

It seems that more than one failure has occurred.
More info is here:

Code:
Portage 3.0.4 (python 3.7.8-final-0, default/linux/amd64/17.1, gcc-9.3.0, glibc-2.31-r6, 5.4.60-gentoo-x86_64 x86_64)
=================================================================
System uname: Linux-5.4.60-gentoo-x86_64-x86_64-Intel-R-_Core-TM-_i3-7100U_CPU_@_2.40GHz-with-gentoo-2.7
KiB Mem:    16320728 total,  15528008 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Tue, 15 Sep 2020 18:30:01 +0000
Head commit of repository gentoo: afebccb91e5cb5df6fbb95523be96bdc60b430de
sh bash 5.0_p18
ld GNU ld (Gentoo 2.33.1 p2) 2.33.1
app-shells/bash:          5.0_p18::gentoo
dev-lang/perl:            5.30.3::gentoo
dev-lang/python:          2.7.18-r1::gentoo, 3.7.8-r2::gentoo, 3.8.5::gentoo
dev-util/cmake:           3.16.5::gentoo
sys-apps/baselayout:      2.7::gentoo
sys-apps/openrc:          0.42.1::gentoo
sys-apps/sandbox:         2.18::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.69-r5::gentoo
sys-devel/automake:       1.16.1-r1::gentoo
sys-devel/binutils:       2.33.1-r1::gentoo
sys-devel/gcc:            9.3.0-r1::gentoo
sys-devel/gcc-config:     2.3.1::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.2.1-r4::gentoo
sys-kernel/linux-headers: 5.4-r1::gentoo (virtual/os-headers)
sys-libs/glibc:           2.31-r6::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes
    sync-rsync-extra-opts:

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/gconf /etc/gentoo-release /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://mirror.netcologne.de/gentoo/ http://mirror.switch.ch/ftp/mirror/gentoo/ http://ftp.halifax.rwth-aachen.de/gentoo/ http://gentoo.modulix.net/gentoo/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="C.UTF8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="de en"
MAKEOPTS="-j3"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="acl amd64 berkdb bzip2 cli crypt dbus dri elogind fortran gdbm iconv ipv6 jpeg libglvnd libtirpc multilib ncurses nls nptl openmp pam pcre ppp readline seccomp split-usr ssl tcpd unicode xattr xscreensaver zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-2 php7-3 php7-4" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_7" PYTHON_TARGETS="python2_7 python3_7" RUBY_TARGETS="ruby25 ruby26" USERLAND="GNU" VIDEO_CARDS="intel i915" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS


Code:
~ $ grep -i 'dm-crypt\|cryptsetup' genkernel.log
  CC [M]  drivers/md/dm-crypt.o
  CC [M]  drivers/md/dm-crypt.mod.o
  LD [M]  drivers/md/dm-crypt.ko
  INSTALL drivers/md/dm-crypt.ko
* Checking for binpkg(s) required for cryptsetup-2.3.4 (L0) ...
* GKBUILD '/usr/share/genkernel/gkbuilds/cryptsetup-2.3.4.gkbuild' does NOT exist; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than '/usr/share/genkernel/gkbuilds/cryptsetup.gkbuild'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'util-linux-2.36-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'eudev-3.2.9-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'json-c-0.13.1-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'popt-1.18-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'libgpg-error-1.39-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'libgcrypt-1.8.6-x86_64.tar.xz'; Skipping ...
* Existing cryptsetup-2.3.4 binpkg is newer than 'LVM2.2.02.187-x86_64.tar.xz'; Skipping ...
* Can keep using existing cryptsetup-2.3.4 binpkg from '/var/cache/genkernel/4.1.2/cryptsetup-2.3.4-x86_64.tar.xz'!
*                 cryptsetup: >> Using cryptsetup-2.3.4 binpkg ...
-rwxr-xr-x 1 root root 2907784 Sep 13 17:38 ./sbin/cryptsetup
*                          - Copying dm-crypt.ko ...
-rw-r--r--  1 root root   86129 Sep 15 23:37 ./lib/modules/5.4.60-gentoo-x86_64/kernel/drivers/md/dm-crypt.ko


This seems strage too.

Can somebody help?


Last edited by KarlP on Fri Sep 25, 2020 5:42 am; edited 1 time in total
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Wed Sep 16, 2020 8:08 pm    Post subject: Reply with quote

Looks like there are some services which don't start. Might be related to errors in /etc/fstab

Please post the content of /etc/fstab and the output of "blkid" to see if the setup of the partitions is correct.
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Thu Sep 17, 2020 5:56 am    Post subject: failure running cryptsetup Reply with quote

Here are fstab and blkid info:

Code:
# /etc/fstab: static file system information.
#
# <file sys>   <mount point>   <type>   <options>   <dump>   <pass>
# device during installation: /dev/sdb1
UUID=9A34-4C65   /boot   vfat   rw   0   2
# device during installation: /dev/mapper/vg0-root
UUID=6b2b6e43-dd79-43ae-93d3-015687c59866   /   ext4   defaults   0   1
# device during installation: /dev/mapper/vg0-var
UUID=8c36d14d-180b-4232-b3db-b451bce6793d   /var   ext4   defaults   0   1
# device during installation: /dev/mapper/vg0-home
UUID=73a368c3-ac38-4021-bf54-3aaf32abb686   /home   ext4   defaults   0   1
# device during installation: /dev/sda1
UUID=6204bb59-da8b-4a52-9b71-84f44322d421   /datadisk   ext4   defaults   0   2
# device during installation: /dev/sdb3
UUID=383b12ae-43c3-40c8-82e5-6d03045e7d12   none   swap   sw   0   0
# tmps
tmpfs                            /tmp            tmpfs           size=4G         0 0
tmpfs                            /run            tmpfs           size=100M       0 0
# shm
shm                              /dev/shm        tmpfs           nodev,nosuid,noexec 0 0



Code:
/dev/sda1: UUID="9A34-4C65" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="primary" PARTUUID="9006a8c8-1182-4016-86b8-7b0a4fba5d1c"
/dev/sda2: UUID="5ed92f17-5f22-4245-bba1-d1962033556c" TYPE="crypto_LUKS" PARTLABEL="lvm" PARTUUID="1fb4cacd-78b5-43ae-9d73-d5021857301d"
/dev/sda3: UUID="383b12ae-43c3-40c8-82e5-6d03045e7d12" TYPE="swap" PARTLABEL="primary" PARTUUID="a19de17d-c1ef-4eca-99dc-e80cdda08cb3"
/dev/sdb1: UUID="6204bb59-da8b-4a52-9b71-84f44322d421" BLOCK_SIZE="4096" TYPE="ext4" PARTLABEL="primary" PARTUUID="2322d249-68aa-4e8a-acdc-332fd6cf7e2d"
/dev/dm-0: UUID="M43eU9-3H14-r1is-bFLc-bhbv-aVs2-IOKrxB" TYPE="LVM2_member"
/dev/dm-1: UUID="6b2b6e43-dd79-43ae-93d3-015687c59866" BLOCK_SIZE="4096" TYPE="ext4"
/dev/dm-2: UUID="8c36d14d-180b-4232-b3db-b451bce6793d" BLOCK_SIZE="4096" TYPE="ext4"
/dev/dm-3: UUID="73a368c3-ac38-4021-bf54-3aaf32abb686" BLOCK_SIZE="4096" TYPE="ext4"
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Thu Sep 17, 2020 7:18 am    Post subject: Reply with quote

Use the partuuid for the /boot partition as mentioned here:

https://forums.gentoo.org/viewtopic-t-1117306-highlight-.html

More info:
https://unix.stackexchange.com/questions/375548/what-is-uuid-partuuid-and-ptuuid
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Thu Sep 17, 2020 6:02 pm    Post subject: failure running cryptsetup Reply with quote

Following your recommendation I have replaced all the entries of UUID with PARTUUID entries in my fstab and also in /etc/conf.d/dmcrypt and /etc/default/grub. After that I have made a new initramfs with genkernel.

Regrettably nothing has changed. The situation is the same as described in my first post.
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Thu Sep 17, 2020 7:17 pm    Post subject: Reply with quote

You missread my post: Just change the entry for the BOOT partution. All other partitions should work with the UUID.

The entry in /etc/fstab should now look like:

Code:

PARTUUID=9006a8c8-1182-4016-86b8-7b0a4fba5d1c   /boot   vfat   rw   0   2




After you booted your system run
Code:
mount


The output should like
Quote:

/dev/dm-1 on / type ext4 (rw,..)


Or is the device mounted ro ?
Quote:

/dev/dm-1 on / type ext4 (ro,..)



For kernel config take a look at https://wiki.gentoo.org/wiki/Dm-crypt and check the settings.
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Sat Sep 19, 2020 9:00 am    Post subject: failure running cryptsetup Reply with quote

DespLock, the output of mount gives in my case:

Code:
/dev/mapper/vg0-root on / type ext4 (rw,..)


And in every case a (rw,..). So this seems o.k.

In the meantime I have done an experiment in buildig a new kernel.

Although I have now made a kernel and an initramfs using:

Code:
make allyesconfig
make && make modules_install
genkernel --luks --lvm initramfs


... I stille get:

Code:
failure running cryptsetup
ERROR: dm-crypt failed to start


... and this ugly prompt:

Code:
(none) ~ #


Could it be that a further option has to be added to the genkernel?
Back to top
View user's profile Send private message
Whissi
Developer
Developer


Joined: 12 Jan 2011
Posts: 157

PostPosted: Sun Sep 20, 2020 10:28 pm    Post subject: Reply with quote

Show used kernel command-line.

Also, where is the message coming from? Is genkernel initramfs actually starting? I am not sure where this error message is coming from. Failures in genkernel's initramfs normally look different. And if you get an error within genkernel initramfs you should get a debug shell.
_________________
Regards,
Whissi
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Tue Sep 22, 2020 12:23 pm    Post subject: Reply with quote

It looks like your system is booting, but some/all services are not starting. But with your current information i'm not sure about this anymore.

If there is an issue with luks, you would get either a shell from grub or a rescue shell in initram. Both won't show any message about dm-crypt-service (like yours).


Can you pls answer a few questions as short as possible:

1) The error occurs after you start your system (cold boot)?
2) Have you unlocked your luks volume with passphrase or key during boot?
3) Post your cmdline (cat /proc/cmdline).

4) Have you tried the new distribution kernel? (https://gentoo.org/news/2020/09/15/distribution-kernel.html) I would try sys-kernel/gentoo-kernel-bin with use-flag initramfs


If all this is done and the boot fails, i would start another system (live-CD) do a chroot (https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Base), format your boot partition again (mkfs.fat -F32 /dev/sda1) and follow the steps to install the distribution kernel (with use-flag initramfs).
Don't forget to
a) update fstab with current PARTUUID for boot
b) update grub: grub-mkconfig -o /boot/grub/grub.cfg
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Tue Sep 22, 2020 5:44 pm    Post subject: failure running cryptsetup Reply with quote

The error occurs after I start my system.

During startup I get a prompt where I enter the passphrase to unlock my luks volume.

The messages

Code:
failure running cryptsetup
ERROR: dm-crypt failed to start


.. do appear afterwards.

"cat /proc/cmdline" gives:

Code:
BOOT_IMAGE=/vmlinuz-5.4.60-gentoo-x86_64 root=/dev/mapper/vg0-root ro dolvm crypt_root=PARTUUID=1fb4cacd-78b5-43ae-9d73-d5021857301d root=/dev/mapper/vg0-root root_trim=yes


The kernel and initramfs I have at the moment are:

Code:
/boot/vmlinuz-5.4.60-gentoo-x86_64
/boot/initramfs-5.4.60-gentoo-x86_64.img


And these have been build by:

Code:
make && make modules_install
make install
genkernel --kernel-config=/boot/config-5.4.60-gentoo-x86_64 --luks --lvm initramfs


Based on:
Code:
sys-kernel/gentoo-sources
Installed Version: 5.4.60(5.4.60)^bs(20:00:40 2020-09-12)(-build -experimental -symlink)
Back to top
View user's profile Send private message
Whissi
Developer
Developer


Joined: 12 Jan 2011
Posts: 157

PostPosted: Tue Sep 22, 2020 5:50 pm    Post subject: Reply with quote

OK, so this has nothing to do with genkernel.

The dm-crypt service is failing to start. You are using OpenRC, right?
Check it's configuration. If you have no clue where to start, I would suggest starting with
Code:
/etc/init.d/dmcrypt --debug start
so you will see what it is doing and where it is failing.
_________________
Regards,
Whissi
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Tue Sep 22, 2020 8:57 pm    Post subject: failure running cryptsetup Reply with quote

So, if I boot into my installation and enter:

Code:
LANG=C /etc/init.d/dmcrypt --debug start


I do get:

Code:

...
+ local arg1=create arg2=lvm arg3=/dev/sdb2
+ cryptsetup isLuks /dev/sdb2
+ arg1=open
+ arg2=/dev/sdb2
+ arg3=lvm
+ cryptsetup status lvm
+ egrep -q ' is active'
+ splash svc_input_begin dmcrypt
+ '[' -n /etc/keyfiles/main ']'
+ mode=/etc/keyfiles/main
+ '[' /etc/keyfiles/main = /etc/keyfiles/main ']'
+ mode=reg
+ key=/etc/keyfiles/main
+ case "${mode}" in
+ '[' -n '' ']'
+ '[' '!' -e /etc/keyfiles/main ']'
+ ebegin '  lvm using:   open /dev/sdb2 lvm'
 *   lvm using:   open /dev/sdb2 lvm ...
+ '[' reg = gpg ']'
+ '[' reg = reg ']'
+ cryptsetup -d /etc/keyfiles/main open /dev/sdb2 lvm
Cannot use device /dev/sdb2 which is in use (already mapped or mounted).
+ ret=5
+ eend 5 'failure running cryptsetup'
 * failure running cryptsetup                                                                                                                                                                                                             [ !! ]
+ '[' -d '' ']'
+ splash svc_input_end dmcrypt
+ '[' 5 -ne 0 ']'
+ cryptfs_status=1
+ ewend 1 'Failed to setup dm-crypt devices'
 * Failed to setup dm-crypt devices                                                                                                                                                                                                       [ !! ]
+ exit 1
 * ERROR: dmcrypt failed to start


This "Cannot use device /dev/sdb2 which is in use (already mapped or mounted)." is what I already know from the boot messages.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15972

PostPosted: Tue Sep 22, 2020 9:33 pm    Post subject: Reply with quote

This most recent post appears to be the first time we learned that, though. The question then is, why is it already in use? Do you have some earlier stage that already unlocked this device?
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Tue Sep 22, 2020 10:48 pm    Post subject: failure running cryptsetup Reply with quote

As I have already mentioned in my post from Sep 22, 2020 5:44 pm I do get a prompt where I have to enter the passphrase for unlocking. This happens already at an earlier stage. I don't know why.

The messages
Code:
Cannot use device /dev/sdb2 which is in use (already mapped or mounted).
failure running cryptsetup
ERROR: dmcrypt failed to start

.. do appear afterwards.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15972

PostPosted: Tue Sep 22, 2020 10:59 pm    Post subject: Reply with quote

Yes, but you didn't show us the full output, and it was not clear whether you were previously reporting that the "failure running cryptsetup" was caused by cryptsetup failing after it solicited your password, or if it was a separate failure of a different cryptsetup instance later on.

It seems you have two different points where the same device gets unlocked.
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Wed Sep 23, 2020 11:35 am    Post subject: Reply with quote

Quote:

BOOT_IMAGE=/vmlinuz-5.4.60-gentoo-x86_64 root=/dev/mapper/vg0-root ro dolvm crypt_root=PARTUUID=1fb4cacd-78b5-43ae-9d73-d5021857301d root=/dev/mapper/vg0-root root_trim=yes


You have two entries for your root device "root=/dev/mapper/vg0-root". Remove it and change the other to use the UUID instead:
Code:

root=UUID=6b2b6e43-dd79-43ae-93d3-015687c59866


EDIT: There is also something strange with your hdd's.
If i read your blkid/fstab correct you have:

/dev/sda1 = PARTUUID="9006a8c8-1182-4016-86b8-7b0a4fba5d1c" = boot
/dev/sda2 = UUID="5ed92f17-5f22-4245-bba1-d1962033556c" = luks volume
/dev/sda3 = UUID=383b12ae-43c3-40c8-82e5-6d03045e7d12 = swap
/dev/dm-0 = UUID="M43eU9-3H14-r1is-bFLc-bhbv-aVs2-IOKrxB" = mapper for luks volume
/dev/dm-1 = UUID="6b2b6e43-dd79-43ae-93d3-015687c59866" = /
/dev/dm-2 = UUID="8c36d14d-180b-4232-b3db-b451bce6793d" = /var
/dev/dm-3 = UUID="73a368c3-ac38-4021-bf54-3aaf32abb686" = /home
/dev/sdb1 = UUID="6204bb59-da8b-4a52-9b71-84f44322d421" = /datadisk

I can't find entry for dev/sdb2. Is it possible that /dev/sdb2 is a copy of your root device or any other and holds a backup of it? It might have the same UUID? The dm-crypt service might fail therefore.
Look in /etc/conf.d/dmcrypt and compare the UUIDs pls.
Maybe even another vg with the same name? (vg0)
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Wed Sep 23, 2020 7:11 pm    Post subject: failure running cryptsetup Reply with quote

DespLock, I have followed your recommendation and removed one of the "root=/dev/mapper/vg0-root" entries from the kernel lines in grub.cfg.

Changing from PARTUUID to UUID, however leads to an error when using /dev/dm-1
Code:
UUID=6b2b6e43-dd79-43ae-93d3-015687c59866


Code:
>> Activating volume groups ...
!! Looks like CRYPT_ROOT kernel cmdline argument is not set.
!! Could not find the root in .
!! Please specify another value
...
root() ::


This does not occur when I use the "crypto_LUKS"-patition
Code:
UUID=5ed92f17-5f22-4245-bba1-d1962033556c


The use of "/dev/sda2" or "/dev/sdb2" in the messages that are output when the installation is booting seems to be inconsistent. It seems that in any case the TYPE="crypto_LUKS" partition is meant.

Code:
/dev/sda1: UUID="0DE3-8EAA" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="primary" PARTUUID="9006a8c8-1182-4016-86b8-7b0a4fba5d1c"
/dev/sda2: UUID="5ed92f17-5f22-4245-bba1-d1962033556c" TYPE="crypto_LUKS" PARTLABEL="lvm" PARTUUID="1fb4cacd-78b5-43ae-9d73-d5021857301d"
/dev/sda3: UUID="383b12ae-43c3-40c8-82e5-6d03045e7d12" TYPE="swap" PARTLABEL="primary" PARTUUID="a19de17d-c1ef-4eca-99dc-e80cdda08cb3"
/dev/sdb1: UUID="6204bb59-da8b-4a52-9b71-84f44322d421" BLOCK_SIZE="4096" TYPE="ext4" PARTLABEL="primary" PARTUUID="2322d249-68aa-4e8a-acdc-332fd6cf7e2d"


Regrettably the situation has not improved.
Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Wed Sep 23, 2020 9:36 pm    Post subject: Reply with quote

Here is an example of my cmdline (/etc/default/grub):
Code:

crypt_root=UUID=9193fdaa-409b-48ae-85c1-5de5ae5ba474 root=UUID=326909a4-d13c-43f4-9bd0-2f51b88f3111 root_trim=yes dolvm


Yours should look similar with the corresponding UUIDs. You can stay with your version ofc, i just like to use the same syntax in all files. You need to update grub afterwards ofc.

Further the dmcrypt-service is trying to mount /dev/sdb2, clearly not /dev/sda2 and that's what is causing the error. Do you have a partition /dev/sdb2? Inconsistent? You're saying it shows sometimes /dev/sda2 or /dev/sdb2?

Please post the content of "/etc/conf.d/dmcrypt" and "fdisk -l /dev/sdb".


============================================
To make it more precise from your former output of dmcrypt-service:

Quote:

+ local arg1=create arg2=lvm arg3=/dev/sdb2
+ cryptsetup isLuks /dev/sdb2
+ arg1=open
+ arg2=/dev/sdb2
+ arg3=lvm


These 3 parameters are read from the file "/etc/conf.d/dmcrypt". You can find the source in "/etc/init.d/dmcrypt", line 73ff:
arg1="open"
arg2="${source}"
arg3="${target}"

It means: try to luksOpen /dev/sdb2 at target /dev/mapper/lvm.
And this is the source of your error (at least for the dmcrypt-service).
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Thu Sep 24, 2020 5:59 pm    Post subject: failure running cryptsetup Reply with quote

DespLock, following your suggestions I have now:

Code:
GRUB_CMDLINE_LINUX="dolvm crypt_root=UUID=5ed92f17-5f22-4245-bba1-d1962033556c root=UUID=6b2b6e43-dd79-43ae-93d3-015687c59866 root_trim=yes"


Code:
# /etc/conf.d/dmcrypt
dmcrypt_key_timeout=1
dmcrypt_retries=5
target='lvm'
source=UUID='5ed92f17-5f22-4245-bba1-d1962033556c'
key='/etc/keyfiles/main'


Code:
Disk /dev/sda: 931.53 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: ST1000LM049-2GH1
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: 866CEFBF-52EE-42BA-A44F-47492E2645C6

Device     Start        End    Sectors   Size Type
/dev/sda1   2048 1953525134 1953523087 931.5G Linux filesystem


Code:
Disk /dev/sdb: 232.91 GiB, 250059350016 bytes, 488397168 sectors
Disk model: Samsung SSD 860
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 8AB906FF-5779-4A8F-A74E-9E102CEA7C66

Device         Start       End   Sectors   Size Type
/dev/sdb1       2048   1050623   1048576   512M Microsoft basic data
/dev/sdb2    1050624 471619583 470568960 224.4G Linux LVM
/dev/sdb3  471619584 488396799  16777216     8G Linux swap


And furthermore:

Code:
BOOT_IMAGE=/vmlinuz-5.4.60-gentoo-x86_64 dolvm crypt_root=UUID=5ed92f17-5f22-4245-bba1-d1962033556c root=UUID=6b2b6e43-dd79-43ae-93d3-015687c59866 root_trim=yes


I have noticed that after updating grub.cfg with "grub-mkconfig -o /boot/grub/grub.cfg" somehow
Code:
root=/dev/mapper/vg0-root ro

gets also into grub.cfg. I decided to remove it manually.

This finally leads to:

Code:
LANG=C /etc/init.d/dmcrypt --debug start
..
++ blkid -l -t UUID=5ed92f17-5f22-4245-bba1-d1962033556c -o device
+ source=/dev/sda2
+ '[' -z /dev/sda2 ']'
+ '[' '!' -e /dev/sda2 ']'
+ '[' -n lvm ']'
+ :
+ '[' -n '' ']'
+ local arg1=create arg2=lvm arg3=/dev/sda2
+ cryptsetup isLuks /dev/sda2
+ arg1=open
+ arg2=/dev/sda2
+ arg3=lvm
+ cryptsetup status lvm
+ egrep -q ' is active'
+ splash svc_input_begin dmcrypt
+ '[' -n /etc/keyfiles/main ']'
+ mode=/etc/keyfiles/main
+ '[' /etc/keyfiles/main = /etc/keyfiles/main ']'
+ mode=reg
+ key=/etc/keyfiles/main
+ case "${mode}" in
+ '[' -n '' ']'
+ '[' '!' -e /etc/keyfiles/main ']'
+ ebegin '  lvm using:   open /dev/sda2 lvm'
 *   lvm using:   open /dev/sda2 lvm ...
+ '[' reg = gpg ']'
+ '[' reg = reg ']'
+ cryptsetup -d /etc/keyfiles/main open /dev/sda2 lvm
Cannot use device /dev/sda2 which is in use (already mapped or mounted).
+ ret=5
+ eend 5 'failure running cryptsetup'
 * failure running cryptsetup                                                                                    [ !! ]
+ '[' -d '' ']'
+ splash svc_input_end dmcrypt
+ '[' 5 -ne 0 ']'
+ cryptfs_status=1
+ ewend 1 'Failed to setup dm-crypt devices'
 * Failed to setup dm-crypt devices                                                                              [ !! ]
+ exit 1
 * ERROR: dmcrypt failed to start

Back to top
View user's profile Send private message
DespLock
n00b
n00b


Joined: 27 Jul 2020
Posts: 16

PostPosted: Thu Sep 24, 2020 6:54 pm    Post subject: Reply with quote

Well sbd2 is a LVM volume and cannot be mounted via dmcrypt.

On my 1st post i asked you to show us the output of blkid but it seems Hu was right and you cut the important part on nearly every output.

2020-09-17:
Quote:

/dev/sda1: UUID="9A34-4C65" BLOCK_SIZE="512" TYPE="vfat" PARTLABEL="primary" PARTUUID="9006a8c8-1182-4016-86b8-7b0a4fba5d1c"
/dev/sda2: UUID="5ed92f17-5f22-4245-bba1-d1962033556c" TYPE="crypto_LUKS" PARTLABEL="lvm" PARTUUID="1fb4cacd-78b5-43ae-9d73-d5021857301d"
/dev/sda3: UUID="383b12ae-43c3-40c8-82e5-6d03045e7d12" TYPE="swap" PARTLABEL="primary" PARTUUID="a19de17d-c1ef-4eca-99dc-e80cdda08cb3"
/dev/sdb1: UUID="6204bb59-da8b-4a52-9b71-84f44322d421" BLOCK_SIZE="4096" TYPE="ext4" PARTLABEL="primary" PARTUUID="2322d249-68aa-4e8a-acdc-332fd6cf7e2d"
/dev/dm-0: UUID="M43eU9-3H14-r1is-bFLc-bhbv-aVs2-IOKrxB" TYPE="LVM2_member"
/dev/dm-1: UUID="6b2b6e43-dd79-43ae-93d3-015687c59866" BLOCK_SIZE="4096" TYPE="ext4"
/dev/dm-2: UUID="8c36d14d-180b-4232-b3db-b451bce6793d" BLOCK_SIZE="4096" TYPE="ext4"
/dev/dm-3: UUID="73a368c3-ac38-4021-bf54-3aaf32abb686" BLOCK_SIZE="4096" TYPE="ext4"



2020-09-24
Quote:

isk /dev/sdb: 232.91 GiB, 250059350016 bytes, 488397168 sectors
Disk model: Samsung SSD 860
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 8AB906FF-5779-4A8F-A74E-9E102CEA7C66

Device Start End Sectors Size Type
/dev/sdb1 2048 1050623 1048576 512M Microsoft basic data
/dev/sdb2 1050624 471619583 470568960 224.4G Linux LVM
/dev/sdb3 471619584 488396799 16777216 8G Linux swap


I think there are volumes/partitions with the same UUID


Last edited by DespLock on Thu Sep 24, 2020 7:15 pm; edited 7 times in total
Back to top
View user's profile Send private message
Whissi
Developer
Developer


Joined: 12 Jan 2011
Posts: 157

PostPosted: Thu Sep 24, 2020 6:55 pm    Post subject: Reply with quote

What are you trying to archive?

Your /dev/sda2 aka UUID="5ed92f17-5f22-4245-bba1-d1962033556c" is LUKS volume which already got opened during boot by genkernel.

So no need to tell dm-crypt service to open that again. You only need dm-crypt service if you have additional disks you want to open.
_________________
Regards,
Whissi
Back to top
View user's profile Send private message
KarlP
n00b
n00b


Joined: 10 Sep 2017
Posts: 37
Location: Vorderstoder, Austria

PostPosted: Thu Sep 24, 2020 8:18 pm    Post subject: failure running cryptsetup Reply with quote

So it seems that I got some information from https://wiki.gentoo.org/wiki/Full_Disk_Encryption_From_Scratch_Simplified totally wrong! I'm sorry.

That means I do not need entries into /etc/conf.d/dmcrypt nor do I need to add dmcrypt to boot by rc-update, right?
Back to top
View user's profile Send private message
Whissi
Developer
Developer


Joined: 12 Jan 2011
Posts: 157

PostPosted: Thu Sep 24, 2020 8:46 pm    Post subject: Reply with quote

Right, when you only have one LUKS volume which already got opened during boot, you do not need dmcrypt service at all.
_________________
Regards,
Whissi
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum