#2493 PR merged: Inform the user about unsupported LUKS2 volumes but do not error out¶

Labels: enhancement, bug, fixed / solved / done

jsmeix opened issue at 2020-09-16 13:21:¶

• Type: Bug Fix / Enhancement

• Impact: Normal

• Reference to related issue (URL):
  https://github.com/rear/rear/issues/2491

• How was this pull request tested?

On my home-office laptop I have both LUKS1 and LUKS2 volumes.
luks2test is the only LUKS2 volume.

With this changes I get (excerpts):

# usr/sbin/rear -D mkrescue
...
Creating disk layout
Overwriting existing disk layout file /root/rear.github.master/var/lib/rear/layout/disklayout.conf
Error: Incomplete values for LUKS device 'luks2test' at '/dev/sda8' (only LUKS version 1 is supported) see /root/rear.github.master/var/lib/rear/layout/disklayout.conf
Excluding component fs:/other
...

(The component fs:/other gets automatically excluded
because I use OUTPUT_URL=file:///other for my tests.)

This is the resulting var/lib/rear/layout/disklayout.conf

# Disk layout dated 20200916145825 (YYYYmmddHHMMSS)
# NAME                                                      KNAME     PKNAME    TRAN   TYPE  FSTYPE        SIZE MOUNTPOINT
# /dev/sda                                                  /dev/sda            sata   disk              465.8G 
# |-/dev/sda1                                               /dev/sda1 /dev/sda         part                  8M 
# |-/dev/sda2                                               /dev/sda2 /dev/sda         part  crypto_LUKS     4G 
# | `-/dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part2 /dev/dm-0 /dev/sda2        crypt swap            4G [SWAP]
# |-/dev/sda3                                               /dev/sda3 /dev/sda         part  crypto_LUKS   200G 
# | `-/dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part3 /dev/dm-1 /dev/sda3        crypt ext4          200G /
# |-/dev/sda4                                               /dev/sda4 /dev/sda         part  ext4          100G /nfs
# |-/dev/sda5                                               /dev/sda5 /dev/sda         part  ext4          150G /var/lib/libvirt
# |-/dev/sda6                                               /dev/sda6 /dev/sda         part  ext2            8G /other
# |-/dev/sda7                                               /dev/sda7 /dev/sda         part  crypto_LUKS     1G 
# | `-/dev/mapper/luks1test                                 /dev/dm-2 /dev/sda7        crypt ext2         1022M /luks1test
# `-/dev/sda8                                               /dev/sda8 /dev/sda         part  crypto_LUKS     1G 
#   `-/dev/mapper/luks2test                                 /dev/dm-3 /dev/sda8        crypt ext2         1020M /luks2test
# /dev/sr0                                                  /dev/sr0            sata   rom                1024M 
# Disk /dev/sda
# Format: disk <devname> <size(bytes)> <partition label type>
disk /dev/sda 500107862016 gpt
# Partitions on /dev/sda
# Format: part <device> <partition size(bytes)> <partition start(bytes)> <partition type|name> <flags> /dev/<partition>
part /dev/sda 8388608 1048576 rear-noname bios_grub /dev/sda1
part /dev/sda 4294967296 9437184 rear-noname swap /dev/sda2
part /dev/sda 214748364800 4304404480 rear-noname legacy_boot /dev/sda3
part /dev/sda 107374182400 219052769280 rear-noname none /dev/sda4
part /dev/sda 161061273600 326426951680 rear-noname none /dev/sda5
part /dev/sda 8589934592 487488225280 other none /dev/sda6
part /dev/sda 1073741824 496078159872 playground none /dev/sda7
part /dev/sda 1073741824 497151901696 playground2 none /dev/sda8
# Filesystems (only ext2,ext3,ext4,vfat,xfs,reiserfs,btrfs are supported).
# Format: fs <device> <mountpoint> <fstype> [uuid=<uuid>] [label=<label>] [<attributes>]
fs /dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part3 / ext4 uuid=f05af948-6075-40a3-9191-354b0a0a9afc label= blocksize=4096 reserved_blocks=4% max_mounts=-1 check_interval=0d bytes_per_inode=16383 default_mount_options=user_xattr,acl options=rw,relatime,data=ordered
fs /dev/mapper/luks1test /luks1test ext2 uuid=84e951c1-170d-489d-b1cc-191f95608d97 label= blocksize=4096 reserved_blocks=4% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime
fs /dev/mapper/luks2test /luks2test ext2 uuid=c1d5b6e6-7760-4b6a-bfe8-70beda9003d7 label= blocksize=4096 reserved_blocks=5% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime
fs /dev/sda4 /nfs ext4 uuid=4c4a923d-1562-4254-a1fa-4e761278c02f label= blocksize=4096 reserved_blocks=5% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime,data=ordered
fs /dev/sda5 /var/lib/libvirt ext4 uuid=4a42395e-4f9d-4056-9948-6d5d9d92d990 label= blocksize=4096 reserved_blocks=5% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime,data=ordered
#fs /dev/sda6 /other ext2 uuid=259dac9c-f2fd-4181-a351-83603398e465 label= blocksize=4096 reserved_blocks=4% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime
# Swap partitions or swap files
# Format: swap <filename> uuid=<uuid> label=<label>
swap /dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part2 uuid=6d8f8998-dd20-412a-bcc2-618eed858662 label=
crypt /dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part3 /dev/sda3 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=a6dba0d8-5be8-4970-b1e7-a272ae0cafdd 
crypt /dev/mapper/luks1test /dev/sda7 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=1b4198c9-d9b0-4c57-b9a3-3433e391e706 
crypt /dev/mapper/cr_ata-TOSHIBA_MQ01ABF050_Y2PLP02CT-part2 /dev/sda2 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=54fc77c5-8ec2-457f-b558-9deda3b843b2 
# Incomplete values for LUKS device 'luks2test' at '/dev/sda8' (only LUKS version 1 is supported):
#crypt /dev/mapper/luks2test /dev/sda8 cipher=- key_size= hash= uuid=3e874a28-7415-4f8c-9757-b3f28a96c4d2

• Brief description of the changes in this pull request:

In case of LUKS2 volumes inform the user via LogPrintError
and write the available info as comment to disklayout.conf
but do not error out because there is no simple way
to skip LUKS2 volumes during "rear mkrescue",
see the comments in the code.

jsmeix commented at 2020-09-16 13:42:¶

I did not yet test "rear recover".

My assumption is that for "rear recover" with the above disklayout.conf "as is"
no luks2test LUKS volume will get created on /dev/sda8
so there is no /dev/mapper/luks2test which would make
the filesystem creation step fs /dev/mapper/luks2test /luks2test ... fail
which lets "rear recover" fail which is the right outcome in that case.

The user would have to manually adapt disklayout.conf as he likes
before he can run "rear recover" successfully with a LUKS2 voulme.

I think it may work
to recreate that LUKS2 volume as LUKS1 volume
by adding LUKS1 values to the luks2test entry in disklayout.conf e.g. like

crypt /dev/mapper/luks2test /dev/sda8 cipher=aes-xts-plain64 key_size=256 hash=sha256 uuid=3e874a28-7415-4f8c-9757-b3f28a96c4d2

Alternatively it may work
to recreate that LUKS2 volume as normal unencrypted volume
by changing its fs entry to a normal one e.g. like

fs /dev/sda8 /luks2test ext2 uuid=c1d5b6e6-7760-4b6a-bfe8-70beda9003d7 label= blocksize=4096 reserved_blocks=5% max_mounts=-1 check_interval=0d bytes_per_inode=16384 default_mount_options=user_xattr,acl options=rw,relatime

Alternatively it may work
to not recreate a separated volume for what is in the /luks2test directory
by also commenting the fs /dev/mapper/luks2test /luks2test ... entry
so that the files from the backup in the /luks2test directory would get restored
into the volume of the root filesystem. Then after "rear recover" finished the
user could manually set up the LUKS2 volume and move those files there.

I did not test if that works.
It is only my offhanded assumtions what might work.

jsmeix commented at 2020-09-17 10:44:¶

I tested my recent
https://github.com/rear/rear/pull/2493/commits/5057f8bdc00196c08cd9ff33b0b4c2cc0c96cda5
and got the same disklayout.conf as in
https://github.com/rear/rear/pull/2493#issue-487985471

jsmeix commented at 2020-09-17 10:59:¶

@rear/contributors
according to
https://github.com/rear/rear/issues/2491#issuecomment-693442633
"rear mkresuce" also works well for @kalos
so I would like to merge it tomorrow afternoon if there are no objections.

jsmeix commented at 2020-09-18 07:18:¶

Via
https://github.com/rear/rear/pull/2493/commits/0a88449ea670b21655b24f9663081d3bd450509e
I removed the leading word "Error:" from the LogPrintError message to show only the plain facts like

Incomplete values for LUKS device 'luks2test' at '/dev/sda8' (only LUKS version 1 is supported) see /var/lib/rear/layout/disklayout.conf

(and not Error: Incomplete values for LUKS device ... as it was before)
so that ReaR does not show that message as an "Error" to the user in any case
even if he had excluded the LUKS2 volume in his etc/rear/local.conf e.g. via

EXCLUDE_COMPONENTS+=( /dev/mapper/luks2test )

because excluding (i.e. disabling) components in disklayout.conf happens after
the components were detected and the detection results were written to disklayout.conf
to have the information about all components (enabled and disabled) in disklayout.conf
so that the user could manually recreate things where components have been disabled.

FYI:
Values for the EXCLUDE_COMPONENTS array
must match what there is in var/lib/rear/layout/disktodo.conf

---

[Export of Github issue for rear/rear.]