Linux: Run fsck On LUKS (dm-crypt) Based LVM Physical Volume

I‘m using dm-crypt based transparent disk encryption subsystem in Linux. The cryptsetup command is used deal with the Linux Unified Key Setup (LUKS) on-disk format and mount the partition. My setup includes RAID-10 with an LVM physical volume. How do I run fsck (“file system check”) on dm-crypt / LUKS based LVM physical volume under Linux operating systems?

First, you need to open the LUKS partition device and sets up a mapping using cryptsetup command. Do not run fsck command on mounted partition. Type the following command as root user:
# cryptsetup luksOpen /dev/md3 securebackup
Sample outputs:

Enter passphrase for /dev/md3:

Where,

/dev/md3 – My raid device. The device name will change according to your setup.
securebackup – Sets up a mapping to securebackup after successful verification. This name will change according to your setup.

To read all physical volumes, enter:
# vgscan --mknodes
Sample outputs:

  Reading all physical volumes.  This may take a while...
  Found volume group "cryptvg" using metadata type lvm2

Where,

cryptvg – Group volume name. It was created using lvm2 setup. This name will change according to your setup.

To activate logical volume and to create /dev/cryptvg/DEVICE name, enter:
# vgchange -ay
Sample outputs:

  1 logical volume(s) in volume group "cryptvg" now active

You can see your device name at the following location
# ls -l /dev/cryptvg # ls -l /dev/mapper/
Sample outputs:

total 0
crw------- 1 root root 10, 59 Dec  6 12:27 control
lrwxrwxrwx 1 root root      7 Dec  6 12:54 cryptvg-mybackup -> ../dm-1
lrwxrwxrwx 1 root root      7 Dec  6 12:50 securebackup -> ../dm-0

You can type the following command to see information about VG in use:
# vgdisplay
Sample outputs:

  --- Volume group ---
  VG Name               cryptvg
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  2
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                1
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               600.01 GiB
  PE Size               4.00 MiB
  Total PE              153602
  Alloc PE / Size       153602 / 600.01 GiB
  Free  PE / Size       0 / 0   
  VG UUID               W0IDJ0-Yjt9-093X-qAzH-tbCJ-9NYH-BV1RYd

To display attributes of a physical volume, enter:
# pvdisplay
Sample outputs:

  --- Physical volume ---
  PV Name               /dev/dm-0
  VG Name               cryptvg
  PV Size               600.01 GiB / not usable 2.50 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              153602
  Free PE               0
  Allocated PE          153602
  PV UUID               swS5Nw-suTe-N0io-72LY-CBG5-6FhU-Tq8kYZ

OR
# pvdisplay /dev/dm-0
Sample outputs:

  --- Physical volume ---
  PV Name               /dev/dm-0
  VG Name               cryptvg
  PV Size               600.01 GiB / not usable 2.50 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              153602
  Free PE               0
  Allocated PE          153602
  PV UUID               swS5Nw-suTe-N0io-72LY-CBG5-6FhU-Tq8kYZ

To display attributes of a logical volume, enter:
# lvdisplay
Sample outputs:

  --- Logical volume ---
  LV Name                /dev/cryptvg/mybackup
  VG Name                cryptvg
  LV UUID                g0AghZ-bcv5-n6pP-AQUA-5c32-fQa1-OteSlg
  LV Write Access        read/write
  LV Status              available
  # open                 0
  LV Size                600.01 GiB
  Current LE             153602
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     6144
  Block device           253:1

To check and possibly repair a LVM2+LUKS based Linux file system, enter:
# fsck -C -V /dev/cryptvg/mybackup
OR
# fsck -C -V -y /dev/cryptvg/mybackup
Sample outputs:

Fig.01: Running fsck on an LVM2 (LUKS based) volume

It may take some time to complete the fsck:

fsck from util-linux-ng 2.17.2
[/sbin/fsck.ext3 (1) -- /dev/mapper/cryptvg-mybackup] fsck.ext3 -C0 /dev/mapper/cryptvg-mybackup 
e2fsck 1.41.12 (17-May-2010)
/dev/mapper/cryptvg-mybackup has been mounted 63 times without being checked, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure                                           
Pass 3: Checking directory connectivity                                        
Pass 4: Checking reference counts                                              
Pass 5: Checking group summary information                                     
/dev/mapper/cryptvg-mybackup: 483163/39329792 files (0.2% non-contiguous), 16626195/157288448 blocks

You can now mount your device using the mount command:
# mount /dev/cryptvg/mybackup /securebackup/ # df -H
Sample outputs:

Filesystem             Size   Used  Avail Use% Mounted on
/dev/md0               127G   930M   120G   1% /
tmpfs                  1.1G      0   1.1G   0% /lib/init/rw
udev                   1.1G   267k   1.1G   1% /dev
tmpfs                  1.1G      0   1.1G   0% /dev/shm
/dev/md2               1.6T    88G   1.5T   6% /data
/dev/mapper/cryptvg-mybackup
                       635G    58G   544G  10% /securebackup

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Your support makes a big difference:

I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure. You can donate as little as $1 to support nixCraft:

3 comment

I found this guide to be very helpful when configuring luks with my Fedora system. Also do you know if there is any way to configure the crypttab so that it doesnt prompt you for the passphrase until after the network services have loaded? I’d like to use this on a remote server and wont be able to physically access the machine when it reboots.

Thanks

Hi, I have the following problem with my linux box (Fedora 19). Everything is ok with encryption (LUKS+LVM) and everytime the system is rebooted I’m asked for a passphrase. No problem with this. The thing is that as a system-administrator many times I need to reboot the system remotely. Since I’m not there I can’t put the passphrase and thus the system will not restart. Is there any workaround for solving this problem remotely? Thanks in advance for any help.

You made my day!!! This was exactly what I was looking for.
And it solved my problem.

Thanks a lot!!!

pmjc101 says:
March 29, 2012 at 2:59 am
I found this guide to be very helpful when configuring luks with my Fedora system. Also do you know if there is any way to configure the crypttab so that it doesnt prompt you for the passphrase until after the network services have loaded? I’d like to use this on a remote server and wont be able to physically access the machine when it reboots.
Thanks
Tim Sanders says:
July 20, 2013 at 1:52 pm
Hi, I have the following problem with my linux box (Fedora 19). Everything is ok with encryption (LUKS+LVM) and everytime the system is rebooted I’m asked for a passphrase. No problem with this. The thing is that as a system-administrator many times I need to reboot the system remotely. Since I’m not there I can’t put the passphrase and thus the system will not restart. Is there any workaround for solving this problem remotely? Thanks in advance for any help.
Orti says:
July 10, 2015 at 6:05 pm
You made my day!!! This was exactly what I was looking for.
And it solved my problem.
Thanks a lot!!!

Have a question? Post it on our forum!