My laptop recently died (System76 Galago Ultra), but thankfully, it
wasn’t a drive failure. However, recovering the data proved harder than
I thought due to the full-disk encryption. What follows is annotated
output from my script session.
Requirements
- Original drive
- I had an encrypted disk for my main hard drive -
when I set up Ubuntu 15.10, I checked “full-disk
encryption” and didn’t customize the partitions,
i.e., my
/boot,/home, etc., were all on the same partition. As I found out later, I had apparently made an LVM-encrypted drive too. - Recovery laptop
- I used a Chromebook with an Ubuntu 16.04 chroot via Crouton.
- Drive enclosure
- I picked up two cheap USB 3.0 enclosures - one for my primary (SATA) drive and another for my small mSATA drive).
Recovery
After many failed attempts, the basic process is:
- Find the drive identifier
- Decrypt the drive
- Deal with LVM
- Mount the drive
On your recovery system, open a terminal, switch to root (sudo su),
and begin. I recommend using script to record your commands so
you’ll have a record of your steps for the future.
Find the encrypted drive
# lsblk -f /dev/sda
NAME FSTYPE LABEL UUID MOUNTPOINT
sda
|-sda1 ext2 a1e8f1af-1849-49f4-8b6b-3c157e4f1f72 /var/host/media/removable/USB Drive 1
|-sda2
`-sda5 crypto_LUKS a16056e1-631e-47d1-8eaf-da8e8d72df94
# lsblk -f /dev/sda5
NAME FSTYPE LABEL UUID MOUNTPOINT
sda5 crypto_LUKS a16056e1-631e-47d1-8eaf-da8e8d72df94
(As an aside, I had a swap partition that was encrypted, but it was cluttering the results, so I deleted it with LVM in one of my earlier attempts.)
Decrypt the drive
# cryptsetup luksOpen /dev/sdb5 garbage
Enter passphrase for /dev/sda5:
Double-check that it succeeded:
(xenial)root@localhost: /home/jmdeldin # echo $?
0
LVM
Unfortunately, now we need to deal with LVM.
Find out our volume group name with vgdisplay:
# vgdisplay
/run/lvm/lvmetad.socket: connect failed: No such file or directory
WARNING: Failed to connect to lvmetad. Falling back to internal scanning.
--- Volume group ---
VG Name ubuntu-vg
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 238.23 GiB
PE Size 4.00 MiB
Total PE 60987
Alloc PE / Size 56910 / 222.30 GiB
Free PE / Size 4077 / 15.93 GiB
VG UUID lIcU2S-NJ3d-gAPj-wIwP-3pJ9-F9LC-2X4akS
lvmetad wasn’t running, and the internal scanning process had
failed every other time. After a quick man lvmetad, fire it up:
# lvmetad
Check vgdisplay again:
# vgdisplay
--- Volume group ---
VG Name ubuntu-vg
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 238.23 GiB
PE Size 4.00 MiB
Total PE 60987
Alloc PE / Size 56910 / 222.30 GiB
Free PE / Size 4077 / 15.93 GiB
VG UUID lIcU2S-NJ3d-gAPj-wIwP-3pJ9-F9LC-2X4akS
Success! Let’s get information about the volume:
# lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
root ubuntu-vg -wi------- 222.30g
Activate the volume:
# lvchange -ay ubuntu-vg/root
# echo $?
0
Use vgscan to create the necessary /dev/ links:
# vgscan --mknodes
Reading all physical volumes. This may take a while...
Found volume group "ubuntu-vg" using metadata type lvm2
The link /dev/ubuntu-vg/root should have been created by udev but it was not
found. Falling back to direct link creation.
Confirm the volume is now active:
# lvscan
ACTIVE '/dev/ubuntu-vg/root' [222.30 GiB] inherit
Mount the drive
Finally!
# mkdir /media/old
# mount /dev/ubuntu-vg/root /media/old
# ls /media/old/home
jmdeldin