How to recover with a full backup?

Sat Dec 9 20:02:24 UTC 2017

Volker Wysk schreef op 09-12-2017 20:26:

> The filesystem which might need to be recovered, is encrypted and a
> logical volume (LVM based). I don't know how to activate the volume
> group.

Oh.

Well I thought there might be more, but I did not read the other topic.

It is really not that hard.

So you have 2 options:

1) recreate the entire crypt, and the entire LVM, and new filesystems 
(root, boot and swap)

2) open the crypt, allow the LVM to be activated, and zero or reformat 
the partitions.

Option 1) is reinstalling the system.

This is option 2)

In the live session:

- cryptsetup open /dev/sda5 sda5_crypt

(assuming your encrypted partition is /dev/sda5, and your boot is 
/dev/sda1)

(this will automatically activate the volume group contained in the LUKS 
crypt)

(at this point, assuming default, there exist now devices such as 
/dev/ubuntu-vg/root)

To zero your root and boot and swap:

- dd if=/dev/zero of=/dev/ubuntu-vg/root bs=1M
- dd if=/dev/zero of=/dev/ubuntu-vg/boot bs=1M
- dd if=/dev/zero of=/dev/ubuntu-vg/swap bs=1M

To create a new filesystem:

- mkfs.ext4 /dev/ubuntu-vg/root
- mkfs.ext2 /dev/ubuntu-vg/boot
- mkswap /dev/ubuntu-vg/swap

To mount the new root and boot so you can restore the backup there:

- mkdir /target
- mount /dev/ubuntu-vg/root /target
- mount /dev/ubuntu-vg/boot /target/boot

Assuming your backup is monolithic including /boot:

- <restorationcommand> -C /target

Installing grub:

- for d in dev proc sys run; do mount --bind /$d /target/$d
- chroot /target
- grub-install /dev/sda

To leave the chroot:
- exit

At this point you are done, assuming your backup is file-based (e.g. 
tar).

All of this runs as root (sudo su first) or prefix everything with sudo.

If a volume group really is not activated, run : vgchange -ay

To close the LUKS container again:

- for d in sys run proc dev; do umount /target/$d; done
- umount /target/boot
- umount /target
- vgchange -an
- cryptsetup close luks

Then you are back at the beginning, but with a newly installed (copied) 
system.

Closing is of course not necessary, you can reboot instantly.

> This is what I meant with the message "LVM: How to access a
> foreign volume group", here in this list.

I have not filtered all my messages ;-). I thought it belonged to the 
LVM-user group ;-).

I have one warning: the sda5_crypt you supply to cryptsetup open MUST 
match that of the installed system (the original system).

If you don't, Grub will complain or update-initramfs might nag about not 
finding some device.

In Ubuntu the default is sda5_crypt.

This is the value on the beginning of the line in /etc/crypttab.