swapon: stat of /dev/mapper/cryptswap1 failed: No such file or directory
I had the same issue when trying to set up my encrypted swap space and think I've come to a solution. To get started here's a couple links that I used in my research:
- Simple How-To encrypt swap space with ecryptfs (when everything works right)
- Debugging Blog post that debugs a very similar problem in depth. I got a lot of my ideas from here, so I'd recommend giving it a read.
Problem Setup
When I ran ecryptfs-setup-swap
the first time (note that I had already set up swap space when I installed, so I didn't need to do the mkswap
, I got an error message saying the swap space could not be mounted properly.
$ sudo ecryptfs-setup-swap
[sudo] password for isaac:
WARNING:
An encrypted swap is required to help ensure that encrypted files are not leaked to disk in an unencrypted format.
HOWEVER, THE SWAP ENCRYPTION CONFIGURATION PRODUCED BY THIS PROGRAM WILL BREAK HIBERNATE/RESUME ON THIS SYSTEM!
NOTE: Your suspend/resume capabilities will not be affected.
Do you want to proceed with encrypting your swap? [y/N]: y
INFO: Setting up swap: [/dev/nvme0n1p5]
WARNING: Commented out your unencrypted swap from /etc/fstab
marking GPT swap partition /dev/nvme0n1p5 as no-auto...
swapon: stat of /dev/mapper/cryptswap1 failed: No such file or directory
I tried to run the command again and got a message stating that I no longer had any swap space.
$ sudo ecryptfs-setup-swap
INFO: You do not currently have any swap space defined.
You can create a swap file by doing:
$ sudo dd if=/dev/zero of=/swapfile count=130667600
$ sudo mkswap /swapfile
$ sudo swapon /swapfile
And then re-run /usr/bin/ecryptfs-setup-swap
Double checking the error message from the first run of the ecrypt command, it does appear that /dev/mapper/cryptswap1
does not exist.
$ ls /dev/mapper/
control
Investigating Relevant System Files
Based on the previously mentioned blog post, I decided to start hunting around in my system files for evidence as to why the swap space wasn't being identified. The blog mentions that the changed naming schemes of hard drive partitions causes issues for ecryptfs and that switching over to using a UUID based identifier is more consistent.
$ blkid
/dev/nvme0n1p5: UUID="aea96d7f-e091-460b-95fd-a34ab884d440" TYPE="swap" PARTUUID="0a7db4e0-17bf-40e3-8675-afec7891afc5"
/dev/nvme0n1p1: LABEL="ESP" UUID="C291-E533" TYPE="vfat" PARTLABEL="EFI system partition" PARTUUID="63fc7fb9-2ca5-422b-90c7-0db698acdb3c"
/dev/nvme0n1p3: UUID="16F4C1EEF4C1D063" TYPE="ntfs" PARTLABEL="Basic data partition" PARTUUID="c04d0838-5570-4bfc-a961-4b9224b8cc0c"
/dev/nvme0n1p4: UUID="0EEE7736EE7714E5" TYPE="ntfs" PARTUUID="4dc6595f-cc9c-4d80-99ab-ffd9cbe3c1d7"
/dev/nvme0n1p6: UUID="8b2f5c94-db79-4c8d-b5c6-403d912bc0dd" TYPE="ext4" PARTUUID="e373c83f-f992-4e62-a235-1fdd01ac7cf0"
Notice that my swap space is /dev/nvme0n1p5
and has the UUID aea96d7f...
. Now I'll take a look /etc/fstab
and /etc/crypttab
to see what the swap configuration looks like.
$ cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/nvme0n1p6 during installation
UUID=8b2f5c94-db79-4c8d-b5c6-403d912bc0dd / ext4 errors=remount-ro 0 1
# /boot/efi was on /dev/nvme0n1p1 during installation
UUID=C291-E533 /boot/efi vfat umask=0077 0 1
# swap was on /dev/nvme0n1p5 during installation
#UUID=aea96d7f-e091-460b-95fd-a34ab884d440 none swap sw 0 0
/dev/mapper/cryptswap1 none swap sw 0 0
$ cat /etc/crypttab
# <target name> <source device> <key file> <options>
cryptswap1 UUID=aea96d7f-e091-460b-95fd-a34ab884d440 /dev/urandom swap,offset=1024,cipher=aes-xts-plain64
There are a couple things worth noting here, so I'll go through them one at a time.
- ecryptfs seems to have properly modified my
fstab
to disable my old swap space (commented out line with the swap UUID) and enable the encrypted one. - The crypttab is set up with the appropriate UUID to map to my swap space. This is a big deal, if your crypttab is set up with something besides a UUID (say, the name of the drive in /dev), it's possible that the kernel could rename the drive and cause issues (again, see the blog for details). In my case, ecryptfs seems to have set up the entry properly using a UUID (my guess is that it is patched on 16.04 as the blog mentions the problem on 14.04).
- The crypttab specifies an offset for the drive. Again, this is a subtle "gotcha" mentioned in the blog, but if the offset is not present, it can apparently cause your drive to lose it's UUID because it will get encrypted.
Finally, I checked swapon
to see if it's finding any swap space.
$ swapon -s
Filename Type Size Used Priority
/dev/dm-0 partition 31248892 0 -1
Looks like it is pointing to a swap space (of the correct size) but that swap space is not being properly set up within /dev/mapper
(as referenced by fstab).
Solution
Following the suggestions in the blog post, I decided to see if simply restarting the cryptdisks
service would solve the issue.
$ swapoff -a
$ /etc/init.d/cryptdisks start
$ swapon -a
$ swapon -s
Filename Type Size Used Priority
/dev/dm-0 partition 31248892 0 -1
$ ls -l /dev/mapper/
total 0
crw------- 1 root root 10, 236 Jan 9 11:30 control
lrwxrwxrwx 1 root root 7 Jan 9 12:28 cryptswap1 -> ../dm-0
At this point it seems like my swap space is configured properly. Running htop
shows the appropriate amount of swap space and the diagnostic commands that I was using above are all coming out positive, notably blkid
now shows /dev/mapper/cryptswap1
.
$ sudo blkid
/dev/nvme0n1p1: LABEL="ESP" UUID="C291-E533" TYPE="vfat" PARTLABEL="EFI system partition" PARTUUID="63fc7fb9-2ca5-422b-90c7-0db698acdb3c"
/dev/nvme0n1p3: UUID="16F4C1EEF4C1D063" TYPE="ntfs" PARTLABEL="Basic data partition" PARTUUID="c04d0838-5570-4bfc-a961-4b9224b8cc0c"
/dev/nvme0n1p4: UUID="0EEE7736EE7714E5" TYPE="ntfs" PARTUUID="4dc6595f-cc9c-4d80-99ab-ffd9cbe3c1d7"
/dev/nvme0n1p5: UUID="aea96d7f-e091-460b-95fd-a34ab884d440" TYPE="swap" PARTUUID="0a7db4e0-17bf-40e3-8675-afec7891afc5"
/dev/nvme0n1p6: UUID="8b2f5c94-db79-4c8d-b5c6-403d912bc0dd" TYPE="ext4" PARTUUID="e373c83f-f992-4e62-a235-1fdd01ac7cf0"
/dev/mapper/cryptswap1: UUID="113abaa7-c122-4d47-a826-181ee6a29627" TYPE="swap"
The settings persisted through reboot and everything seems to be running ok, so as far as I can tell, this worked. Hopefully this helps.
Potential alternate solution
To make sure that my answer was working appropriately, I tried to replicate the problem on an EC2 instance. I had the same behavior where running sudo ecryptfs-setup-swap
where it would error trying to run swappon
. However, for some reason the device mapping /dev/dm-0
did not seem to be set up properly. The /etc
files seemed to be ok, so I tried simply rebooting the instance. This appeared to work just fine; however, I'd recommend at least inspecting the appropriate config settings before rebooting to make sure that they are set up correctly so the kernel can mount the swap when you reboot.
Simple reboot fixed this problem for me.