[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[linux-lvm] /dev/dm-* or /dev/mapper/*



I originally set up raid-luks-lvm on this machine with debian's
installer tool, now I am trying to add another encrypted raid1 device to
the existing volume group.  I already have the raid device set up and
encrypted, that's no problem.  Now the linux gazette
(http://linuxgazette.net/140/pfeiffer.html) tells me I should run
'pvcreate' on the device in /dev/mapper.  However, if I examine my
existing physical volumes with 'pvscan' I get the following:

iblis:/home/hatta# pvscan
  PV /dev/dm-0   VG iblis-volumes   lvm2 [931.32 GB / 0    free]
  Total: 1 [931.32 GB] / in use: 1 [931.32 GB] / in no VG: 0 [0   ]

Apparently I am using /dev/dm-0 instead of /dev/mapper/md1_crypt. I
wondered if these were maybe two names for the same thing, so I checked
ls:

iblis:/home/hatta# ls -ld /dev/dm-0 /dev/mapper/md1_crypt
brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/dm-0
brw-rw---- 1 root disk 253, 0 2009-08-16 12:02 /dev/mapper/md1_crypt

Same major and minor number, if that means anything.  Next I ran
'dmcrypt info' on each:

iblis:/home/hatta# dmsetup info /dev/dm-0
Device /dev/dm-0 not found
Command failed
iblis:/home/hatta# dmsetup info /dev/mapper/md1_crypt 
Name:              md1_crypt
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        7
Event number:      0
Major, minor:      253, 0
Number of targets: 1


It works on one, and not the other.  So they're not the same thing.  My
new device 'md2_crypt' corresponds to /dev/dm-8, if I am to trust the
major/minor numbers. Should I run pvcreate on /dev/dm-8 or
/dev/mapper/md2_crypt?

And this is a somewhat broader question.  If I have two encrypted
volumes like this in the same volume group, and I have a partition that
spans both physical volumes, what happens when one of those volumes is
not yet unlocked?  There is a short time during bootup that md1_crypt is
unlocked and md2_crypt is not yet unlocked. The boot scripts are
definitely doing something with my logical volumes in that period, since
I can use a keyfile in /root (which is in a logical volume on md1_crypt)
to unlock md2_crypt.  

This seems dangerous to me, what would happen if I added md2_crypt to
that volume group, and extended that filesystem over both physical
volumes?  Is it possible for my keyfile in /root to end up on md2_crypt
and be inaccessible?  Suppose I had trouble entering my passphrase 3
times and cryptsetup gave up. What would happen then?  Would my system
try to mount a logical volume that only half exists?  Could that corrupt
the filesystem?
-- 
  
  hatta00 fastmail fm

-- 
http://www.fastmail.fm - A fast, anti-spam email service.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]