pigmonkey / cryptshot

Open and mount a LUKS volume before performing a backup with rsnapshot

LuksClose does not always close the volume #9

Open livier opened 5 months ago

livier commented 5 months ago

Hi pigmonkey, I still have some issues and am trying to understand what happened. At the end of the script the command luksClose does not take off the directory /dev/mapper/crypt-xxx corresponding to the device. Then I try to do it manually:

$ sudo cryptsetup luksClose crypt-xxx
Le périphérique crypt-xxx est toujours occupé.

And then, it can't be opened for the next backup :-(

I have to reboot the computer to make it work again. I also tried to run the script before launching the graphical UI (KDE here) and then it worked properly.

Seems like KDE remembers the device has been opened and keeps it mapped for a next use (looking inside the backup, for example) and then disables the next call of the script. Is there a way to force luksClose at the end of the backup, or other ideas?

pigmonkey commented 5 months ago

Cryptsetup does call luksClose. But if it fails when you call it manually, it probably is also failing when the script calls it.

It sounds like it fails to close because the device is still in use. You could check if it is still mounted.

$ mount | grep /dev/mapper/crypt

Cryptsetup also calls unmount. But if you see that it is still mounted, the unmount process must have failed. You can check if you have some process that is still operating on the mount.

$ lsof | grep /mnt/whereever-you-mounted-the-container

Kill whatever process is using the mount point. Then unmount it. Then close the LUKS container.

livier commented 5 months ago

Trying to reproduce the commands from the script and your message that could show what happened:

xavier@Xattitude:~$ sudo cryptsetup luksOpen --key-file /path/keyfile /dev/disk/by-partlabel/XXX-partition crypt-XXX-partition
xavier@Xattitude:~$ sudo mount --options noatime /dev/mapper/crypt-XXX-partition /mnt/XXX-partition
xavier@Xattitude:~$ sudo umount /mnt/XXX-partition
xavier@Xattitude:~$ sudo cryptsetup luksClose crypt-XXXpartition
Le périphérique crypt-XXX-partition est toujours occupé.
xavier@Xattitude:~$  mount | grep /dev/mapper/crypt
/dev/mapper/crypt-XXX-partition on /media/xavier/XaDomicile2024fs type ext4 (rw,nosuid,nodev,relatime,errors=remount-ro,uhelper=udisks2)
xavier@Xattitude:~$ lsof | grep /mnt/XXX-partition/
xavier@Xattitude:~$ sudo !! 
sudo lsof | grep /mnt/XXX-partition/ 
lsof: WARNING: can't stat() fuse.portal file system /run/user/1000/doc
      Output information may be incomplete.
xavier@Xattitude:~$ 

pigmonkey commented 5 months ago

So you mount the decrypted volume at /mnt/XXX-partition. You then unmount from /mnt/XXX-partition. After that unmount, but before the luksClose, that decrypted volume is getting mounted at /media/xavier/XaDomicile2024fs, which causes the luksClose to fail.

You must have some sort of automount thing on your computer that immediately re-mounts the drive under the /media directory as soon as it sees it was unmounted from /mnt. Tell it not to do that, and then Cryptshot should work fine.
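The diagnosis above, as an added example that is not part of the thread or of Cryptshot: a check that lists every place a mapped LUKS device is still mounted, not only the mount point the backup script used, and marks mounts made by udisks2. The function names and the sample `mount` output are constructed for illustration; the device and directory names are the ones shown in the session above.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `mount`-style lines on stdin:
#   DEV on DIR type FSTYPE (OPTIONS)

# mounts_of NAME: print "DIR<TAB>OPTIONS" for each mount of /dev/mapper/NAME.
mounts_of() {
    awk -v dev="/dev/mapper/$1" '
        $1 == dev {
            dir = $0
            sub(/^[^ ]+ on /, "", dir)          # strip the device and " on "
            opts = dir
            sub(/ type [^ ]+ \(.*$/, "", dir)   # strip " type FSTYPE (OPTIONS)"
            sub(/^.* \(/, "", opts)             # keep the text inside (...)
            sub(/\)$/, "", opts)
            print dir "\t" opts
        }'
}

# unexpected_mounts NAME EXPECTED_DIR: mounts of the mapping other than the
# one the backup script made. Any line printed here will block luksClose.
unexpected_mounts() {
    mounts_of "$1" | while IFS="$(printf '\t')" read -r dir opts; do
        [ "$dir" = "$2" ] && continue
        case ",$opts," in
            *,uhelper=udisks2,*) echo "$dir (mounted by udisks2)" ;;
            *)                   echo "$dir" ;;
        esac
    done
}

# Constructed sample: the state after "umount /mnt/XXX-partition" in the thread.
sample_mount_output() {
    cat <<'EOF'
/dev/sda2 on / type ext4 (rw,relatime)
/dev/mapper/crypt-XXX-partition on /media/xavier/XaDomicile2024fs type ext4 (rw,nosuid,nodev,relatime,errors=remount-ro,uhelper=udisks2)
EOF
}

# On a live system, pipe the real output instead:
#   mount | unexpected_mounts crypt-XXX-partition /mnt/XXX-partition
sample_mount_output | unexpected_mounts crypt-XXX-partition /mnt/XXX-partition
```

Searching by device rather than by the expected directory is what surfaces the second mount under /media; a check that only looks at /mnt/XXX-partition comes back empty.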

livier commented 5 months ago

It might be the KDE feature that asks for the device password as soon as it sees the device on the USB line. I did not find a way to see the number of the process that could do that. I do not know how to block this KDE feature. And if I did that, I would no longer be able to open a USB key :-(
How do you deal with that on your side? Don't you also have a graphical UI on your laptop?

I'm going to deactivate udisks2:

$ sudo systemctl stop udisks2.service
$ sudo systemctl disable udisks2.service

Then I'll come back to you after a reboot and observations ...

pigmonkey commented 5 months ago

I don't use any sort of automounting. If I want to mount a device I use udiskie-mount from udiskie.