3

I followed this guide some time ago to set up my system (ubuntu 22.10) on an encrypted ZFS file system, and all worked fine. Part of the guide is to encrypt the swap partition.

Then, I upgraded the primary (swap, boot) drive to a larger one. I had cloned the disk over with clonezilla, which was also fine.

On reboot, I got an error as shown below:

cryptsetup error message

It is pointing to the now removed hard drive swap partition. I updated crypttab to point to the new hard drive's swap partition.

How do I remove/resolve the error?

FSTAB entry for swap:

/dev/mapper/swap none swap defaults 0 0

crypttab entry (reflecting the new SSD)

swap /dev/disk/by-id/nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001-part3 /dev/urandom     swap,cipher=aes-xts-plain64,size=256,plain

I tried running ecryptfs-setup-swap with the below results:

$ sudo ecryptfs-setup-swap
WARNING: [/dev/dm-0] already appears to be encrypted, skipping.
WARNING: There were no usable swap devices to be encrypted.  Exiting.

$ sudo cryptsetup status swap
/dev/mapper/swap is active and is in use.
  type:    PLAIN
  cipher:  aes-xts-plain64
  keysize: 256 bits
  key location: dm-crypt
  device:  /dev/nvme0n1p3
  sector size:  512
  offset:  0 sectors
  size:    8388608 sectors
  mode:    read/write

Disk by ID

lrwxrwxrwx 1 root root 10 Mar  2 11:42 dm-name-swap -> ../../dm-0
lrwxrwxrwx 1 root root 10 Mar  2 11:42 dm-uuid-CRYPT-PLAIN-swap -> ../../dm-0
lrwxrwxrwx 1 root root 13 Mar  2 11:42 nvme-CT4000P3PSSD8_2240E671E0D3 -> ../../nvme1n1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2240E671E0D3-part1 -> ../../nvme1n1p1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2240E671E0D3-part9 -> ../../nvme1n1p9
lrwxrwxrwx 1 root root 13 Mar  2 11:42 nvme-CT4000P3PSSD8_2252E6966FC3 -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2252E6966FC3-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2252E6966FC3-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2252E6966FC3-part3 -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-CT4000P3PSSD8_2252E6966FC3-part4 -> ../../nvme0n1p4
lrwxrwxrwx 1 root root 13 Mar  2 11:42 nvme-nvme.c0a9-323234304536373145304433-43543430303050335053534438-00000001 -> ../../nvme1n1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323234304536373145304433-43543430303050335053534438-00000001-part1 -> ../../nvme1n1p1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323234304536373145304433-43543430303050335053534438-00000001-part9 -> ../../nvme1n1p9
lrwxrwxrwx 1 root root 13 Mar  2 11:42 nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001 -> ../../nvme0n1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001-part1 -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001-part2 -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001-part3 -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 15 Mar  2 11:42 nvme-nvme.c0a9-323235324536393636464333-43543430303050335053534438-00000001-part4 -> ../../nvme0n1p4

Disk by part label

lrwxrwxrwx 1 root root 15 Mar  2 11:42 Boot -> ../../nvme0n1p2
lrwxrwxrwx 1 root root 15 Mar  2 11:42 EFI -> ../../nvme0n1p1
lrwxrwxrwx 1 root root 15 Mar  2 11:42 Pool -> ../../nvme0n1p4
lrwxrwxrwx 1 root root 15 Mar  2 11:42 Swap -> ../../nvme0n1p3
lrwxrwxrwx 1 root root 15 Mar  2 11:42 zfs-1deacc253f223e81 -> ../../nvme1n1p1

Output of: $ sudo systemctl --type swap -all

 UNIT                                                                      LOAD   ACTIVE SUB    DESCRIPTION                                           
  dev-disk-by\x2did-dm\x2dname\x2dswap.swap                                 loaded active active /dev/disk/by-id/dm-name-swap
  dev-disk-by\x2did-dm\x2duuid\x2dCRYPT\x2dPLAIN\x2dswap.swap               loaded active active /dev/disk/by-id/dm-uuid-CRYPT-PLAIN-swap
  dev-disk-by\x2dlabel-swap.swap                                            loaded active active /dev/disk/by-label/swap
  dev-disk-by\x2duuid-1c32cf08\x2d4817\x2d4be4\x2d8c40\x2deeafe60330c1.swap loaded active active /dev/disk/by-uuid/1c32cf08-4817-4be4-8c40-eeafe60330c1
  dev-dm\x2d0.swap                                                          loaded active active /dev/dm-0
  dev-mapper-swap.swap                                                      loaded active active /dev/mapper/swap


LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
6 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.


$ sudo systemctl --type swap
  UNIT                 LOAD   ACTIVE SUB    DESCRIPTION     
  dev-mapper-swap.swap loaded active active /dev/mapper/swap

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
1 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.
Thystra
  • 377
  • What is the output of sudo cryptsetup status swap ? – Raffa Mar 02 '23 at 09:42
  • Added to the bottom – Thystra Mar 02 '23 at 14:51
  • Double check /dev/nvme0n1p3 is your swap partition ... Then, change the device part in crypttab from /dev/disk/by-id/nvme-nvme.c0a9-...-part3 to just /dev/nvme0n1p3 then reboot and see if this solves the issue ... The reason I advise you to change to partition name is that partition ID is probably not constant in your case ... please see e.g. https://wiki.archlinux.org/title/dm-crypt/Swap_encryption – Raffa Mar 02 '23 at 15:42
  • This looks like a problem with ZFS trying to find the drive it came from - I think you'll need to somehow change it to point to the new drive. – ArrayBolt3 Mar 02 '23 at 16:18
  • I added the info on parts and changed it to the /dev/disk/partition, although that didn't have any direct effect. – Thystra Mar 02 '23 at 16:50
  • ZFS isn't loaded yet, it is cryptsetup that is specifically calling for the old WDC drive. Where does cryptsetup have configuration that would call for it, outside of /etc/crypttab? – Thystra Mar 02 '23 at 16:51
  • Probably from a systemd unit ... See for example https://askubuntu.com/a/1452122/968501 – Raffa Mar 02 '23 at 17:10
  • That doesn't appear to be it - added systemctl output above. – Thystra Mar 02 '23 at 18:23
  • "That doesn't appear to be it" ... Oh that appears to be it from where I stand :) ... If all the swap you configured is that one partition, then you should only have one of those. – Raffa Mar 02 '23 at 18:34
  • I added the base command (not -all). Nothing in there is calling out /dev/disk/by-id/nvme-WDC..... (the disk that was removed). It is pointing to /dev/mapper/swap, which is ultimately pointing to dm-0. – Thystra Mar 02 '23 at 18:43
  • I also disabled swap by disabling entries in crypttab and fstab. Error still occurs, so it's not the swap entries. – Thystra Mar 02 '23 at 18:49
  • 1
    Okay … update-initramfs -u -k … go back to your linked guide and run that part then run update-grub – Raffa Mar 02 '23 at 19:19
  • See this: https://askubuntu.com/a/1161575 – Raffa Mar 02 '23 at 19:30

1 Answers1

1
sudo update-initramfs -u -k all
sudo update-grub

resolved the issue! Thanks @Raffa

Thystra
  • 377