Linux: Run fsck On LUKS (dm-crypt) Based LVM Physical Volume

by on December 6, 2011 · 2 comments· LAST UPDATED December 6, 2011

in

I'm using dm-crypt based transparent disk encryption subsystem in Linux. The cryptsetup command is used deal with the Linux Unified Key Setup (LUKS) on-disk format and mount the partition. My setup includes RAID-10 with an LVM physical volume. How do I run fsck ("file system check") on dm-crypt / LUKS based LVM physical volume under Linux operating systems?

First, you need to open the LUKS partition device and sets up a mapping using cryptsetup command. Do not run fsck command on mounted partition. Type the following command as root user:
# cryptsetup luksOpen /dev/md3 securebackup
Sample outputs:

Enter passphrase for /dev/md3: 

Where,

  1. /dev/md3 - My raid device. The device name will change according to your setup.
  2. securebackup - Sets up a mapping to securebackup after successful verification. This name will change according to your setup.

To read all physical volumes, enter:
# vgscan --mknodes
Sample outputs:

  Reading all physical volumes.  This may take a while...
  Found volume group "cryptvg" using metadata type lvm2

Where,

  1. cryptvg - Group volume name. It was created using lvm2 setup. This name will change according to your setup.

To activate logical volume and to create /dev/cryptvg/DEVICE name, enter:
# vgchange -ay
Sample outputs:

  1 logical volume(s) in volume group "cryptvg" now active

You can see your device name at the following location
# ls -l /dev/cryptvg
# ls -l /dev/mapper/

Sample outputs:

total 0
crw------- 1 root root 10, 59 Dec  6 12:27 control
lrwxrwxrwx 1 root root      7 Dec  6 12:54 cryptvg-mybackup -> ../dm-1
lrwxrwxrwx 1 root root      7 Dec  6 12:50 securebackup -> ../dm-0

You can type the following command to see information about VG in use:
# vgdisplay
Sample outputs:

  --- Volume group ---
  VG Name               cryptvg
  System ID
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  2
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                1
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               600.01 GiB
  PE Size               4.00 MiB
  Total PE              153602
  Alloc PE / Size       153602 / 600.01 GiB
  Free  PE / Size       0 / 0
  VG UUID               W0IDJ0-Yjt9-093X-qAzH-tbCJ-9NYH-BV1RYd

To display attributes of a physical volume, enter:
# pvdisplay
Sample outputs:

  --- Physical volume ---
  PV Name               /dev/dm-0
  VG Name               cryptvg
  PV Size               600.01 GiB / not usable 2.50 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              153602
  Free PE               0
  Allocated PE          153602
  PV UUID               swS5Nw-suTe-N0io-72LY-CBG5-6FhU-Tq8kYZ

OR
# pvdisplay /dev/dm-0
Sample outputs:

  --- Physical volume ---
  PV Name               /dev/dm-0
  VG Name               cryptvg
  PV Size               600.01 GiB / not usable 2.50 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              153602
  Free PE               0
  Allocated PE          153602
  PV UUID               swS5Nw-suTe-N0io-72LY-CBG5-6FhU-Tq8kYZ

To display attributes of a logical volume, enter:
# lvdisplay
Sample outputs:

  --- Logical volume ---
  LV Name                /dev/cryptvg/mybackup
  VG Name                cryptvg
  LV UUID                g0AghZ-bcv5-n6pP-AQUA-5c32-fQa1-OteSlg
  LV Write Access        read/write
  LV Status              available
  # open                 0
  LV Size                600.01 GiB
  Current LE             153602
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     6144
  Block device           253:1

To check and possibly repair a LVM2+LUKS based Linux file system, enter:
# fsck -C -V /dev/cryptvg/mybackup
OR
# fsck -C -V -y /dev/cryptvg/mybackup
Sample outputs:

Fig.01: Running fsck on an LVM2 (LUKS based) volume

Fig.01: Running fsck on an LVM2 (LUKS based) volume


It may take some time to complete the fsck:

fsck from util-linux-ng 2.17.2
[/sbin/fsck.ext3 (1) -- /dev/mapper/cryptvg-mybackup] fsck.ext3 -C0 /dev/mapper/cryptvg-mybackup
e2fsck 1.41.12 (17-May-2010)
/dev/mapper/cryptvg-mybackup has been mounted 63 times without being checked, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mapper/cryptvg-mybackup: 483163/39329792 files (0.2% non-contiguous), 16626195/157288448 blocks

You can now mount your device using the mount command:
# mount /dev/cryptvg/mybackup /securebackup/
# df -H

Sample outputs:

Filesystem             Size   Used  Avail Use% Mounted on
/dev/md0               127G   930M   120G   1% /
tmpfs                  1.1G      0   1.1G   0% /lib/init/rw
udev                   1.1G   267k   1.1G   1% /dev
tmpfs                  1.1G      0   1.1G   0% /dev/shm
/dev/md2               1.6T    88G   1.5T   6% /data
/dev/mapper/cryptvg-mybackup
                       635G    58G   544G  10% /securebackup
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 2 comments… read them below or add one }

1 pmjc101 March 29, 2012 at 2:59 am

I found this guide to be very helpful when configuring luks with my Fedora system. Also do you know if there is any way to configure the crypttab so that it doesnt prompt you for the passphrase until after the network services have loaded? I’d like to use this on a remote server and wont be able to physically access the machine when it reboots.

Thanks

Reply

2 Tim Sanders July 20, 2013 at 1:52 pm

Hi, I have the following problem with my linux box (Fedora 19). Everything is ok with encryption (LUKS+LVM) and everytime the system is rebooted I’m asked for a passphrase. No problem with this. The thing is that as a system-administrator many times I need to reboot the system remotely. Since I’m not there I can’t put the passphrase and thus the system will not restart. Is there any workaround for solving this problem remotely? Thanks in advance for any help.

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: