Ubuntu 11.04 Server with encrypted LVM on dm RAID0 -- Incorrect metadata area header checksum - No volume groups found - ALERT! /dev/mapper/MachineName-root does not exist

I am noticing on my other Desktop Ubuntu 11.04 drive which I booted to submit this report, The Update Manager has Important security updates:

ecryptfs cryptografic filesystem (utilities) ecryptfs-utils (Size: 102 KB)

ecryptfs cryptografic filesystem (library) libecryptfs0 (Size: 65 KB)

--------------------------------------------
It looks like this could possibly be the cause since it was recently Updated.

--------------------------------------------
Changes Listed on update:

Changes for the versions:
87-0ubuntu1
87-0ubuntu1.1

Version 87-0ubuntu1.1:

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
      before checking permissions in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
      file first and make sure it succeeds before replacing the real mtab
      in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
      user controlled directory in src/utils/ecryptfs-setup-private.
    - CVE-2011-1835
  * SECURITY UPDATE: information disclosure via recovery mount in /tmp
    (LP: #732628)
    - debian/patches/CVE-2011-1836.patch: mount inside protected
      subdirectory in src/utils/ecryptfs-recover-private.
    - CVE-2011-1836
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - debian/patches/CVE-2011-1837.patch: verify permissions with a file
      descriptor, and don't follow symlinks in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1837
----------------------------------------
Description:

eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux.
It provides advanced key management and policy features. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. Think of eCryptfs as a sort of "gnupgfs".
eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs is part of the Linux kernel since 2.6.19.
This package contains the userland utilities.

-------------------------------------
Changes:

Changes for the versions:
87-0ubuntu1
87-0ubuntu1.1

Version 87-0ubuntu1.1:

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
      before checking permissions ...

This shouldn't have anything to do with ecryptfs, which is not involved with LUKS-encrypted devices.

Please show the contents of /conf/conf.d/cryptroot from the initramfs of the affected system.

[Expired for cryptsetup (Ubuntu) because there has been no activity for 60 days.]

This bug affects me too, on a nearly clean Ubuntu 12.04 install. However, I could not find a /conf/conf.d/cryptroot file as specified in the second last post.

I am able to boot into the system. But system-config-lvm shows me that /dev/mapper/... was renamed to /dev/dm-0.
The /dev/mapper/ partitions are shown as not initialised.

Help would be greatly appreciated.

This tells my /var/log/boot.log:

  Reading all physical volumes. This may take a while...
  Found volume group "lvm" using metadata type lvm2
  The link /dev/lvm/swap should had been created by udev but it was not found. Falling back to direct link creation.
  3 logical volume(s) in volume group "lvm" now active
/scripts/local-top/cryptroot: line 1: can't open /dev/mapper/lvm-root: no such file

Sebastian, is this an encrypted VG at all?

Yes, it is encrypted. And I have to admit that this was a problem with the next kernel from precise-proposed. When I reverted back to the one from precise-updates, the message was gone.

I installed this kernel because of bug #991977, which solved that, but than this error occured. Maybe it is better to wait for an updated kernel?!

I thought I would add more information:

This machine is using Stripe RAID is divided into 2 Drives (not partitions but 2 drives). The First RAID Drive has Ubuntu Server 11.04 with encrypted LVM on dm RAID0. The Second RAID0 drive has Windows XP. the Third Single Drive not in RAID has Ubuntu Desktop 11.10. I have not upgraded it to 12.04LTS yet.
Note: Grub does not know about the other OSes since it was installed before the other OSes and I use the BIOs Boot Menu to select the drive to boot from.

The system no longer drops to (initramfs) and no longer asks for the passphrase, due to constant rebooting, but it does do (grub).

When Booting to this first Drive in RAID0, I get the Grub Menu:
------------------------------------------------------------------------
  "GNU GRUB version 1.99~rcl-13ubuntu3".
Ubuntu, with Linux 2.6.38-10server
Ubuntu, with Linux 2.6.38-10-server (recovery mode)
Previous Linux Versions
Memory test (memtest86+)
Memory test (memtest86+, serial console 115200)

------------------------------------------------------------------------
If I select Previous Linux Version I get the GNU Grub Menu:
------------------------------------------------------------------------
  "GNU GRUB version 1.99~rcl-13ubuntu3".
Ubuntu, with Linux 2.6.38-8server
Ubuntu, with Linux 2.6.38-8-server (recovery mode)
------------------------------------------------------------------------
Selecting:
Ubuntu, with Linux 2.6.38-10server
Ubuntu, with Linux 2.6.38-10-server (recovery mode)
or
Ubuntu, with Linux 2.6.38-8server
Ubuntu, with Linux 2.6.38-8-server (recovery mode)
No longer gets me where I need to enter a Passphrase… It just reboots the machine.
------------------------------------------------------------------------
If I chose the 'c' Option it opens the GNU GRUB Command line option"
  "GNU GRUB version 1.99~rcl-13ubuntu3".
Minimal BASH-like line editing is supported. For the first word, TAB list possible command completions. Anywhere else TAB list possible device or file completions. ESC at any time exits.

grub>
------------------------------------------------------------------------

grub> ls
(hd0) (hd0,msdos5) (hd0,msdos1) (hd1) (hd1,msdos3) (hd1,msdos2) (hd1,msdos1) (hd2) (hd2,msdos1) (fd0)
grub>
------------------------------------------------------------------------
If I select 'e' Option on line "Ubuntu, with Linux 2.6.38-10server":

  "GNU GRUB version 1.99~rcl-13ubuntu3".
setparams 'Ubuntu, with Linus 2.6.38-10server'

recordfail
set gfxpayload=$linux_gfx_mode
insmod part_msdos
insmod ext2
set root='hd3,msdos1)'
search --no-floppy --fs-uuid --set=root ######xx-x###-#x#x-x###-####x#x\xx###
Linux /vmlinux-2.6.38-10-server root=/dev/mapper/MachineName-root ro \quiet
initrd /initrd.img-2.6.38-10-server
------------------------------------------------------------------------

When I Log into my other Ubuntu Single Drive, I can browse the 256mb filesystem ######xx-x###-#x#x-x###-####x#x but I am unable to mount the 750GB LVM2 Physical Volume Not a mountable file system. Once I get this message after typing in the password, I can not attempt to remount it. I had selected the forget immediately option when typing in the password. Loggi...

I can now confirm that this also occurs on Ubuntu 12.04 Desktop with generic kernel 3.2.0.24.26.
John, I'm not sure, are you and I having the same problem at all? Or should I better open a new bug report?

In opposition to you, booting goes on straight and I can use Unity without any problems. But there is always this message like in #5.

Status changed to 'Confirmed' because the bug affects multiple users.

I just upgraded to Ubuntu 12.10, and now I'm seeing the same message on boot:

  /scripts/local-top/cryptroot: line 1: can't open /dev/mapper/p490-root: no such file

The contents of "/var/log/boot.log" and "/etc/crypttab" are below.

/var/log/boot.log:

  Reading all physical volumes. This may take a while...
  Found volume group "p490" using metadata type lvm2
  3 logical volume(s) in volume group "p490" now active
/scripts/local-top/cryptroot: line 1: can't open /dev/mapper/p490-root: no such file
fsck from util-linux 2.20.1
fsck from util-linux 2.20.1
fsck from util-linux 2.20.1
/dev/mapper/p490-root: clean, 220625/1003680 files, 1770508/4006912 blocks (check after next mount)
/dev/sda1: clean, 263/124496 files, 53854/248832 blocks
/dev/mapper/p490-home: clean, 175868/13721600 files, 17080230/54867968 blocks

/etc/crypttab:

sda5_crypt UUID=497c7a02-64bf-496e-9cff-f0611c8c2490 none luks
sdb3_crypt UUID=e35c4825-3fd1-4145-8b5c-33a6f64172ef none luks,noauto

The system seems to boot normally after the message, though.

I got exactly the same behavior as #11. Maybe we sould file a new bug, since the rest works?