Mageia forum

[nickdegraeve]

I can't seem to mount a file as an encrypted file system.

The setup process seems to go as it should but when it's time to mount it fails with
No available loopback devices
Cannot open device "/home/nick/mnt/mystuff.fs" for target "mystuff"

The setup:

Code: Select all

[root@hal9000 ~]# cryptmount-setup

------------------------------
cryptmount setup script

This program will allow you to setup a secure filing-system that will
be managed by "cryptmount". You will be able to select basic features
such as the location and size of the filesystem - if you want more
advanced features, you should consult the cryptmount manual page.

cryptmount version 4.3, (C)Copyright 2007-2009 RW Penney
cryptmount comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it under
certain conditions - see the file 'COPYING' in the source directory.

------------------------------
Each cryptmount filesystem is identifed by a short name which is used
when mounting or configuring that filesystem. This name should be a
single word (without spaces), such as "opaque".
The following target names have already been used:    (NONE)

  Please enter a target name for your filesystem
  [opaque]: mystuff


The mystuff filesystem can be configured to be owned by a nominated
user, who will be able to create top-level files & directories
without needing to involve the superuser.

  Which user should own the filesystem (leave blank for "root")
  []: nick


In order to access the mystuff filesystem, it must be mounted on top
of an empty directory.

  Please specify where "mystuff" should be mounted
  [/home/nick/crypt]: /home/nick/mnt/mystuff


The maximum available size of your filesystem needs to be chosen so
that enough space can be reserved on your disk.

  Enter the filesystem size (in MB)
  [64]: 1024


The actual encrypted filesystem will be stored in a special file,
which needs to be large enough to contain your entire encrypted
filesystem.

  Enter a filename for your encrypted container
  [/home/nick/crypto.fs]: /home/nick/mnt/mystuff.fs
WARNING: /home/nick/mnt/mystuff.fs already exists

  Enter a filename for your encrypted container
  [/home/nick/crypto.fs]: /home/nick/mnt/mystuff.fs


Access to your encrypted filesystem is protected by a key that is
kept in a separate small file. The key is locked by a password that
you must enter whenever you mount the filesystem.

  Enter a location for the keyfile
  [/etc/cryptmount/mystuff.key]:

------------------------------
Your filing system is now ready to be built - this will involve:
 - Creating the directory "/home/nick/mnt/mystuff"
 - Creating a 1024MB file, "/home/nick/mnt/mystuff.fs"
 - Adding an extra entry ("mystuff") in /etc/cryptmount/cmtab
 - Creating a key-file ("/etc/cryptmount/mystuff.key")
 - Creating an ext3 filingsystem on "/home/nick/mnt/mystuff.fs"
If you do not wish to proceed, no changes will be made to your system.

  Please confirm that you want to proceed (enter "yes")
  [no]: yes
Making mount-point (/home/nick/mnt/mystuff)... done
Creating filesystem container (/home/nick/mnt/mystuff.fs)... done
Taking backup of cryptmount master config-file (/etc/cryptmount/cmtab.bckp-setup)... done
Generating filesystem access key (/etc/cryptmount/mystuff.key)...
Generating random key; please be patient...
Enter new password for target "mystuff":
Confirm password:
Formatting encrypted filesystem...
Enter password for target "mystuff":
No available loopback devices
Cannot open device "/home/nick/mnt/mystuff.fs" for target "mystuff"


All necessary files seem to have been created.

Code: Select all

[root@hal9000 ~]# ls -lh /home/nick/mnt/
total 1.1G
drwxr-xr-x 2 root root  4.0K Sep 28 13:54 mystuff/
-rw-r--r-- 1 root root  1.0G Sep 28 14:01 mystuff.fs


Code: Select all

[root@hal9000 ~]# ls -lh /etc/cryptmount/
total 8.0K
-rw-r--r-- 1 root root 243 Sep 28 14:01 cmtab
-rw-r--r-- 1 root root   0 Sep 28 13:55 cmtab.bckp-setup
-rw------- 1 root root  64 Sep 28 14:01 mystuff.key


Code: Select all

[root@hal9000 ~]# cat /etc/cryptmount/cmtab

# Entry automatically generated by setup-script:
mystuff {
    dev=/home/nick/mnt/mystuff.fs
    dir=/home/nick/mnt/mystuff
    fstype=ext3
    fsoptions=defaults
    cipher=aes
    keyformat=builtin
    keyfile=/etc/cryptmount/mystuff.key
}


And still, when I try to mount it:

Code: Select all

[root@hal9000 ~]# cryptmount mystuff
Enter password for target "mystuff":
No available loopback devices
Cannot open device "/home/nick/mnt/mystuff.fs" for target "mystuff"


What am I doing wrong?

[nickdegraeve]

Solved it. But I got some more questions. (see below)

Apparently the loopback kernel module wasn't loaded. After doing

Code: Select all

[root@hal9000 ~]# modprobe loop

I was able to mount but I got following error

Code: Select all

ot@hal9000 /home/nick]# cryptmount mystuff
Enter password for target "mystuff":
e2fsck 1.42.7 (21-Jan-2013)
ext2fs_open2: Bad magic number in super-block
fsck.ext3: Superblock invalid, trying backup blocks...
fsck.ext3: Bad magic number in super-block while trying to open /dev/mapper/mystuff

The superblock could not be read or does not describe a correct ext2
filesystem.  If the device is valid and it really contains an ext2
filesystem (and not swap or ufs or something else), then the superblock
is corrupt, and you might try running e2fsck with an alternate superblock:
    e2fsck -b 8193 <device>


I decided to start all over and deleted the .fs file, the key file and removed the entry from cmtab.
Running cryptmount-setup succeeded this time and I was able to mount the encrypted FS as my ordinary user:

Code: Select all

[nick@hal9000 ~]$ /usr/bin/cryptmount mystuff
Enter password for target "mystuff":
e2fsck 1.42.7 (21-Jan-2013)
/dev/mapper/mystuff: clean, 11/65536 files, 12644/262144 blocks


Writing to it also works:

Code: Select all

[nick@hal9000 ~]$ touch mnt/mystuff/iets
[nick@hal9000 ~]$ ls -la mnt/mystuff
total 24
drwx------ 3 nick root        4096 Sep 30 12:51 ./
drwxr-xr-x 6 nick users       4096 Sep 30 11:46 ../
-rw-r--r-- 1 nick powerusers     0 Sep 30 12:51 iets
drwx------ 2 root root       16384 Sep 30 11:46 lost+found/


I got 2 questions now:

What is the best way to load the kernel module at boot time?

As I'm going to mount it by hand always, how can I make it unmount automatically when I shutdown the machine?

[nickdegraeve]

The issue of the kernel module not been loaded is also an issue for TrueCrypt files.
It is addressed in the wiki (https://wiki.mageia.org/en/Truecrypt#Add_loop_module_.28Mageia_3_only.29) and a bug report was filed for it (https://bugs.mageia.org/show_bug.cgi?id=9657).

As suggested in the linked wiki entry and bug report I added an entry in /etc/modules:

Code: Select all

[root@hal9000 ~]# echo loop >> /etc/modules
[root@hal9000 ~]# cat /etc/modules
# /etc/modules: kernel modules to load at boot time.
#
# This file should contain the names of kernel modules that are
# to be loaded at boot time, one per line.  Comments begin with
# a `#', and everything on the line after them are ignored.

loop


[nickdegraeve]

I created a bug report for it: https://bugs.mageia.org/show_bug.cgi?id=11323