cryptsetup refuses to luksFormat?

Josef Wolf jw at raven.inka.de
Sat Oct 21 18:10:43 UTC 2023 

On Sat, Oct 21, 2023 at 01:49:05PM +0200, Josef Wolf wrote:
> On Sat, Oct 14, 2023 at 01:51:06AM +0200, Josef Wolf wrote:
> > I want to encrypt the whole disk (including boot) on ubuntu-2204 as described on
> > https://discourse.maas.io/t/deploying-servers-with-full-disk-encryption-luks2/3286
> > 
> > So I enter following commands:
> > 
> >    # mount -o remount,ro /boot
> >    # install -m0600 /dev/null /tmp/boot.tar
> >    # tar -C /boot --acls --xattrs --one-file-system -cf /tmp/boot.tar .
> >    # umount /boot/efi
> >    # umount /boot
> >    # cryptsetup -y luksFormat --type luks1 /dev/nvme0n1p3
> >    WARNING: Device /dev/nvme0n1p3 already contains a 'ext4' superblock signature.
> >    
> >    WARNING!
> >    ========
> >    This will overwrite dataon /dev/nvme0n1p3 irrevocably.
> >     
> >    Are you sure? (Type 'yes' in capital letters); YES
> >    Device /dev/nvme0n1p3 is in use. Cannot proceed with format operation.
> > 
> > Uh, not what I expected. So i start to investigate:
> > 
> >    # grep /dev/nvme0n1p3 /proc/mounts
> >    # lsof | grep /dev/nvme0n1p3
> >    # lsof /dev/nvme0n1p3
> >    # fuser /dev/nvme0n1p3
> > 
> > So:
> > - umount succeeded
> > - /proc/mounts, lsof, fuser don's show any sign that the partition is in use
> > 
> > BUT:
> > 
> >     strace cryptsetup luksFormat --type luks1 /dev/nvme0n1p3 2>&1 | \
> >       egrep '(nvme0n1p3|close)'
> > 
> > shows
> > 
> >     openat(AT_FDCWD, "/dev/nvme0n1p3", O_RDONLY|ODIRECT) = 3
> >     close(3)
> >     openat(AT_FDCWD, "/dev/nvme0n1p3", O_RDONLY|O_NONBLOCK|OCLOEXEC) = 3
> >     close(3)
> >     openat(AT_FDCWD, "/dev/nvme0n1p3", O_RDWR|OEXCL) = -1 EBUSY (Device or resource busy)
> > 
> > So there must be something holdig a hand on the partition.
> > 
> > Any idea what that might be?
> 
> No ideas on this one?

Uh! It gets even more strange:

  # mount -o remount,ro /boot
  # install -m0600 /dev/null /tmp/boot.tar
  # tar -C /boot --acls --xattrs --one-file-system -cf /tmp/boot.tar .
  # umount /boot/efi
  # umount /boot
  # mount /boot
  mount: /boot: /dev/nvme0n1p3 already mounted or mount point busy

and again: no sign that the partition is in use:

  # grep nvme0n1p3 /proc/mounts
  # lsof | grep nvme0n1p3
  # lsof nvme0n1p3
  # fuser nvme0n1p3

-- 
Josef Wolf
jw at raven.inka.de

More information about the ubuntu-users mailing list