Red Hat Bugzilla – Bug 506960
mount no longer mounts LUKS encrypted partitions....
Last modified: 2013-01-22 18:41:36 EST
Description of problem: My LUKS encrypted ext4 partition on my USB hard drive no longer mounts: [root@tlondon ~]# mount /dev/sdc1 /mnt mount: unknown filesystem type 'crypto_LUKS' [root@tlondon ~]# I see this in /var/log/messages: Jun 19 07:51:21 tlondon kernel: sdc: sdc1 Jun 19 07:51:21 tlondon kernel: sd 5:0:0:0: [sdc] Attached SCSI disk Jun 19 07:51:28 tlondon kernel: usb 1-5.3: reset high speed USB device using ehci_hcd and address 7 Jun 19 07:51:29 tlondon kernel: padlock: VIA PadLock Hash Engine not detected. Jun 19 07:51:29 tlondon modprobe: FATAL: Error inserting padlock_sha (/lib/modules/2.6.30-6.fc12.x86_64/kernel/drivers/crypto/padlock-sha.ko): No such device ^C I've tried reverting a number of packages: lvm2, device-mapper, util-linux-ng, all to no avail. Version-Release number of selected component (if applicable): lvm2-2.02.47-1.fc12.x86_64 device-mapper-libs-1.02.32-1.fc12.x86_64 util-linux-ng-2.15.1-0.1.fc12.x86_64 device-mapper-multipath-0.4.9-1.fc12.x86_64 device-mapper-devel-1.02.32-1.fc12.x86_64 device-mapper-1.02.32-1.fc12.x86_64 device-mapper-multipath-libs-0.4.9-1.fc12.x86_64 [Also newer rawhide packages] How reproducible: Every time. Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
I think I "misfiled" this against /sbin/mount. It appears that the "automagic" disk/partition mounting (DeviceKit-disks ?, gnome-disk-utility? gnome-mount? other?) is properly running "cryptsetup" on the partition, since I see a newly created /dev/dm-2: [tbl@tlondon ~]$ ls -l /dev/dm* brw-rw----. 1 root disk 253, 0 2009-06-19 17:54 /dev/dm-0 brw-rw----. 1 root disk 253, 1 2009-06-19 17:54 /dev/dm-1 brw-rw----. 1 root disk 253, 2 2009-06-19 17:57 /dev/dm-2 [tbl@tlondon ~]$ [dm-0 is / and dm-1 is swap, I believe] I can mount /dev/dm-2: [root@tlondon ~]# [root@tlondon ~]# mount /dev/dm-2 /mnt [root@tlondon ~]# [root@tlondon ~]# mount /dev/mapper/vg_tlondon-lv_root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw) /dev/sda2 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0") none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) gvfs-fuse-daemon on /home/tbl/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=tbl) /dev/sdb1 on /media/E0FD-1813 type vfat (rw,nosuid,nodev,uhelper=devkit,uid=500,gid=500,shortname=lower,dmask=0077,utf8=1,flush) /dev/dm-2 on /mnt type ext4 (rw) [root@tlondon ~]# So, the crypto is properly working as is gnome-keyring, but the usual "mount" on /media/Backup (Backup is the partition's label) fails. If I run palimpsest before I manually mount, I see no options to mount. I will reassign the BZ to gnome-disk-utility (I'm guessing here, since only it and DeviceKit-disks have been updated recently) and hope for the best. Please reassign if I've guessed wrong (again).
Forgot current versions: gnome-disk-utility-0.3-1.fc12.x86_64 DeviceKit-disks-004-3.fc12.x86_64
Updating to gnome-disk-utility-0.4-1.fc12.x86_64 DeviceKit-disks-005-2.fc12.x86_64 and running in SELinux permissive mode seems to work. The new code seems to want additional stuff: module localdevicekit 1.0; require { type polkit_t; type devicekit_disk_t; class dbus send_msg; class netlink_kobject_uevent_socket { read bind create setopt getattr }; } #============= devicekit_disk_t ============== allow devicekit_disk_t polkit_t:dbus send_msg; allow devicekit_disk_t self:netlink_kobject_uevent_socket { read bind create setopt getattr }; #============= polkit_t ============== allow polkit_t devicekit_disk_t:dbus send_msg;
Sorry, fat fingers.... Adding Daniel Walsh for the SELinux bits....
Fixed in selinux-policy-3.6.18-1.fc12