Results 1 to 10 of 10

Thread: Restore a backup on dm-crypted LVM

  1. #1
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Restore a backup on dm-crypted LVM

    Hi!
    I have an encrypted volume, which contains LVM volume group with volumes.
    I have unencrypted /boot and the rest is on that encrypted lvm.
    I have a backup I want to revert to, but that backup has a different kernel, and I don't know how to update the /boot since I have suspicions that the system won't boot if I just restore / .
    I have little experience with luks and LVM, so can you plz help me?
    I think I need to run update-initramfs and grub-install at some point..

  2. #2
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Restore a backup on dm-crypted LVM

    I think the procedure is the same as if I had a nonencrypted / and a separate /boon partition. And I wanted to restore a / backup - what would I have to do to the /boot then?

  3. #3
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,096
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Restore a backup on dm-crypted LVM

    I don't think you'll need to do anything special to /boot, just restore your / and then boot and get updates for your operating system as soon as convenient.

    I don't think you'll have trouble booting an older operating system with a newer kernel, but if you do, all you need to do is scroll down your kernels list in your GRUB Menu at boot time and choose an older kernel.

    The initrd.img file that comes with each kernel seems to be most important for booting your encrypted file system. I seem to vaguely remember running some kind of experiment a long time ago that involved deleting the initrd.img for some reason or other, I can't remember now what I was trying to prove. I think I tried replacing it with a copy of another one with the same number but from a different installation to see if it could still decrypt the file system and boot. I couldn't. I can remember chrooting into the encrypted file system to run mkinitrd to make a new initrd.img specific to the encrypted file system to fix it and make the system bootable again. But you won't have that problem.
    Ubuntu user since 2004 (Warty Warthog)

  4. #4
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Restore a backup on dm-crypted LVM

    Thanks for the info, just a final question before I start restoring - I always delete older kernels, just keep latest, so in the backup there will be just kernel X, while /boot is trying to reference kernel Y
    The question is:
    having
    Code:
    menuentry 'Ubuntu, with Linux 2.6.38-8-generic' --class ubuntu --class gnu-linux --class gnu --class os {
    	recordfail
    	set gfxpayload=$linux_gfx_mode
    	insmod part_msdos
    	insmod ext2
    	set root='(/dev/sda,msdos3)'
    	search --no-floppy --fs-uuid --set=root f80e9aba-3905-4cc4-9826-c1d5f2e3294e
    	linux	/vmlinuz-2.6.38-8-generic root=/dev/mapper/vg1-root ro   nosplash nomodeset
    	initrd	/initrd.img-2.6.38-8-generic
    }
    in grub.cfg will I be able to boot a system with only older installed(kernel 2.6.36 for example)?

  5. #5
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,096
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Restore a backup on dm-crypted LVM

    Check your /boot partition and see if there are some files in there with names like initrd.img* and vmlinuz*. The ones called vmlinuz-somenumber are your Linux kernels and the ones called initrd-somenumber will be the matching initial ramdisks that help the kernel get started reading the file system to start booting the operating system. You'll need at least one of each and ideally they should be a matching pair.

    There are also some symlinks in the / partition called vmlinuz, vmlinuz.old and initrd.img and initrd.img new, those are not your kernel and initrd.img files, but only symlinks to the real files, (or 'shortcuts' in some people's terminology).

    You haven't mentioned what software or method you used for the backup and I didn't ask, but as long as your backup is good and the restore process works okay I don't think you have anything to worry about.
    Just in case it would be a good idea to have a separate (ordinary) backup of your files, if you don't have one already you should probably make one before restoring your encrypted operating system.
    Last edited by Herman; June 11th, 2011 at 07:56 PM.
    Ubuntu user since 2004 (Warty Warthog)

  6. #6
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Restore a backup on dm-crypted LVM

    This is /boot
    Code:
    drwxr-xr-x  4 root root     1024 2011-06-01 21:28 ./
    drwxr-xr-x 22 root root     4096 2011-05-04 14:33 ../
    -rw-r--r--  1 root root   730039 2011-04-11 07:24 abi-2.6.38-8-generic
    -rw-r--r--  1 root root   130313 2011-04-11 07:24 config-2.6.38-8-generic
    drwxr-xr-x  3 root root     8192 2011-06-11 19:09 grub/
    -rw-r--r--  1 root root 20034182 2011-06-01 21:28 initrd.img-2.6.38-8-generic
    drwx------  2 root root    12288 2010-12-09 17:47 lost+found/
    -rw-r--r--  1 root root   160988 2010-10-22 15:08 memtest86+.bin
    -rw-r--r--  1 root root   163168 2010-10-22 15:08 memtest86+_multiboot.bin
    -rw-------  1 root root  2654256 2011-04-11 07:24 System.map-2.6.38-8-generic
    -rw-------  1 root root     1368 2011-04-11 07:26 vmcoreinfo-2.6.38-8-generic
    -rw-------  1 root root  4523936 2011-04-11 07:24 vmlinuz-2.6.38-8-generic
    I was using fsarchiver savefs for backup. Not sure if it's the best way, just seems simple..
    I worry that $ sudo dpkg -L linux-image-2.6.38-8-generic lists a whole lot of files/modules that come with kernel, and since I don't have this version installed in /, I'm not sure if the system would boot.. I will backup the /boot now along with current / and then will try to restore. If it fails I hope I can still revert to current backup.

  7. #7
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Restore a backup on dm-crypted LVM

    So, just like expected. The OS booted, but drops to terminal.
    i cant dpkg-reconf the old kernel since /boot aint has it.
    Cant upgrade since cant connect to inet due to missing module.
    Plz advise )

  8. #8
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,096
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Restore a backup on dm-crypted LVM

    What kind of terminal, a busybox prompt?

    It's quite common for an operating system that has just been restored from a whole partition backup to need a file system check before it will be bootable. I'm just guessing that might be what you need to do, and anyway it's probably the proper thing to try first.
    The file system needs to be clean before we can mount it, and if this doesn't fix it we may need to mount it and chroot into it.

    You'll need a Ubuntu Live CD or even better, an auxilliary Ubuntu installation in a USB flash memory stick.

    How to run e2fsck on an encrypted LUKS volume
    1. This command is to make sure the required software is installed in the operating system which you are using to perform the operation.
    Only needed once in a USB or hard-disk installed Ubuntu, but if you have a Live CD you'll need to do this every time.
    Code:
    sudo apt-get install lvm2 cryptsetup
    2. Use the next command, (below) to probe required module.
    You only need to do these two steps if your operating system doesn't have the lvm2 cryptsetup program installed yet. Once it's installed it will still be there ready to use again next time except if you're in a CD, which will forget the changes on reboot.
    Code:
    sudo modprobe dm-crypt
    3. Look in your 'Places', 'Removable Media' Menu for the iten called something like 'X GB Encrytped' and click on it, you will be asked for the LUKS encryption passphrase.
    Ignore the pop-up which will appear to tell you it can't mount the file system, (just close it).

    4. Run the following command, it should give you the LV name (name of the logical volume), and a list of other details, pay attention to the LV name,
    Code:
    sudo lvdisplay
    for example, the LV Name for one of mine is '/dev/silver-usb/root' We will be looking for a name something like that but not identical to that later on to copy and paste into a later command.

    5
    . Run 'sudo blkid',
    Code:
    sudo blkid
    example output,
    /dev/sda1: UUID="97f5afde-c174-4c1d-8814-a0b495059d3f" TYPE="ext4"
    /dev/sdb1: LABEL="DATA_III" UUID="abd128aa-414d-405b-bd87-ee62ad4f065c" TYPE="ext4"
    /dev/sdc1: LABEL="DATA_1000GB" UUID="fc157c58-069e-4d1b-9613-e4843067f785" TYPE="ext4"
    /dev/sdc2: LABEL="OCZ_SAVER" UUID="eb783d62-e1eb-4f3c-8931-84211444206c" TYPE="ext4"
    /dev/sdc3: LABEL="OCZ_SAVER_II" UUID="cb4e08c2-01b9-4ce6-b6d6-213bd52f8332" TYPE="ext4"
    /dev/sdd1: LABEL="WEBSITE" UUID="a678a230-d764-46f5-b9f3-55be5c1fd207" TYPE="reiserfs"
    /dev/sde1: UUID="728f2eac-d0df-4150-9333-55140167a7c8" TYPE="ext2"
    /dev/sde5: UUID="dd028577-5c83-47da-8bd2-92d5c0599b68" TYPE="crypto_LUKS"
    /dev/mapper/udisks-luks-uuid-dd028577-5c83-47da-8bd2-92d5c0599b68-uid1000: UUID="IFQK7o-arP8-LfLv-10F0-AwUW-q35U-1GeQSm" TYPE="LVM2_member"
    /dev/mapper/silver--usb-root: UUID="80cfa8ca-08ac-4585-bc5f-fdb1f5170da8" TYPE="ext4"
    /dev/mapper/silver--usb-swap_1: UUID="7ffbb2ea-58bc-4951-a46f-643cdabeed22" TYPE="swap"
    In the above command output, the words '/dev/mapper/silver--usb-root' are the ones to copy and use in the command for the file system check, (below).

    6. Run your file system check,
    Code:
    sudo e2fsck -C0 -p -f -v /dev/mapper/silver--usb-root
    232061 inodes used (9.97%)
    1122 non-contiguous files (0.5%)
    438 non-contiguous directories (0.2%)
    # of inodes with ind/dind/tind blocks: 0/0/0
    Extent depth histogram: 195733/167
    3241711 blocks used (34.83%)
    0 bad blocks
    1 large file

    164516 regular files
    21012 directories
    57 character device files
    26 block device files
    0 fifos
    429 links
    46436 symbolic links (36063 fast symbolic links)
    5 sockets
    --------
    232481 files
    7. I recommend running the resize command as well, as often a restored file system isn't the right size to fill the partition,
    Code:
    sudo resize2fs -p /dev/mapper/silver--usb-root
    resize2fs 1.41.14 (22-Dec-2010)
    The filesystem is already 9306112 blocks long. Nothing to do!
    8. Reboot and try to boot your encrypted operating system again. Hopefully it should boot up now.
    Last edited by Herman; June 13th, 2011 at 11:07 AM.
    Ubuntu user since 2004 (Warty Warthog)

  9. #9
    Join Date
    Dec 2008
    Beans
    250
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: Restore a backup on dm-crypted LVM

    Thanks for the reply.
    I checked the FS and it was clean. The problem was that all the modules linked to the /boot/new_kernel were not found in the FS. And since I don't know any way to regenerate /boot/vmlinuz /boot/initrd from the kernel that IS installed in /, I was trying to install/reinstall a kernel. This didn't work since I couldn't even get the packages - no inet, unable to use usb flash/cdrom (modules not loaded).
    Had to boot from flash and copy the packages to the fs, then reboot into the system and install.
    That worked finally
    Wish there was a simpler way to regenerate the files on /boot from the kernel on /.
    dpkg-reconfigure didn't work for this..

  10. #10
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,096
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Restore a backup on dm-crypted LVM

    Okay, I'm glad you got it fixed. In all of my operating systems the kernels are in /boot, yours must be different or I'm not understanding properly what you're trying to say. I have symlinks to the kernel and initrd in / but no kernel or initrd. The main thing is you got it fixed anyway. "All's well the ends well".
    Last edited by Herman; June 13th, 2011 at 11:17 AM.
    Ubuntu user since 2004 (Warty Warthog)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •