inside the mind of a linux admin

Fun with fsck on Fedora – avoiding mounted partitions and handling LUKS encrypted ones

I run Fedora on a few of my machines, and inevitably over the course of time the filesystem will need to be repaired because of orphaned inodes, wrong free byte counts, etc.

Typically when EXT4 errors are detected during boot, Fedora will detect this and offer to drop you into “Emergency mode” or continue.

example:

 

That’s all well and grand, however at this point of the boot sequence, some of the file systems are typically already mounted, making a forced fsck very dangerous (and highly not recommended).

If your rootfs became corrupted in a way that fsck refused to fix it in non-interactive mode, you will have to run fsck manually.

The easiest way I’ve found to do this is using the built-in ‘rd.break’ functionality before grub boots the kernel.

Simply reboot the system and modify the kernel’s cmdline, using grub edit command…

 

  1. Start your system and wait for the GRUB menu to show (if you don’t see a GRUB menu, press and hold the left Shift key right after starting the system).
  2. Now highlight the kernel you want to use, and press the e key. You should be able to see and edit the commands associated with the highlighted kernel.
  3. Go down to the line starting with linux and add your parameter  rd.break=pre-mount to its end.
  4. Then press Ctrl + x to boot.

 

The boot process will break just before mounting any filesystem. This means that you can now manually run fsck on any of your filesystems since they have not been mounted yet.

If this worked successfully, you can now reboot the system and go on with your life…

 

But what if my filesystem(s) are encrypted with LUKS?

First, congratulations on your above-average security consciousness. There is not a laptop or workstation I own in existence that has a single byte of my data left unencrypted. While the piece of mind and added security is nice, it adds another layer of complexity around performing fscks…

 

The exact method for fsck’ing an encrypted filesystem depends on how you have setup LUKS, and if you have LVM on top of LUKS or if you just have a filesystem within the LUKS volume.

If you don’t have LVM in addition to LUKS then you would probably do something like this…

OR

 

If you used the LVM on LUKS option providied by the OS installer, then you’ll need to start up LVM. So vgchange -aly after opening the encrypted volume, then run fsck against the /dev/mapper/lvname.

 

Protip:
Like the rd.break solution? Dracut has couple other breakpoints you can use. To check full list, run:
grep -E 'rd.?break' /usr/lib/dracut/modules.d/99base/init.sh

Related Posts

How to install CSF Firewall on CentOS 7

ConfigServer (CSF) is advanced open-source firewall for Linux. If you are like me, I don’t really care much for the native firewalld that’s included with RHEL7 releases, and I’ve used APF for years which is basically just a frontend for iptables. Here’s instructions on how to install it: 1. Disable firewalld systemctl stop firewalld systemctl […]

Read More

ScreenCloud: Troubleshooting missing Python modules after updates

One of my favorite tools that I find myself using quite often is called “ScreenCloud“. It allows you to quickly select any area of your workspace, create an sized screen shot, and then upload it or export it off to their server, your Dropbox account or an SFTP server. If you’ve recently performed upgrades, either […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Twitter: kireguy

Tweeter button Facebook button Myspace button