cryptdisks_stop
Stop/deactivate encrypted disk devices
SYNOPSIS
cryptdisks_stop [device_name ...]
PARAMETERS
device_name
Specifies the name(s) of the encrypted device(s) to stop. If no device names are provided, all devices in /etc/crypttab are stopped.
DESCRIPTION
The `cryptdisks_stop` command is a crucial utility in managing encrypted block devices in Linux environments. It is primarily used to cleanly shut down and remove active mappings created by `cryptdisks_start`.
The command iterates through the configuration file `/etc/crypttab` to identify encrypted volumes and attempts to deactivate and remove their associated device mapper mappings. It ensures the underlying encrypted devices are securely unmounted, preventing data corruption. Crucially, it relies on properly configured entries in `/etc/crypttab` to understand which devices to stop. Incorrect or missing entries can lead to errors or skipped devices.
`cryptdisks_stop` is typically executed during system shutdown or when an encrypted volume is no longer needed. Proper shutdown procedures are vital to maintain the integrity of the encrypted data. The command also performs checks like ensuring that the device is properly unmounted before dismounting it from the system to protect against data loss. Because it relies on `/etc/crypttab`, it operates in the context of system boot and shutdown or manual device management.
It is important to understand that running `cryptdisks_stop` without proper configuration may lead to unexpected results and potential data loss.
CAVEATS
Improper configuration in /etc/crypttab can lead to the command skipping devices or failing to unmount them properly, potentially leading to data corruption. This command should be run as root or with proper privileges.
RETURN CODES
The command returns 0 on success. Non-zero return codes indicate errors, such as a device not being found or failing to unmount.
CONFIGURATION FILE
The `/etc/crypttab` file is crucial. It contains definitions for each encrypted volume, specifying the device to encrypt, the mapping name, the key source, and any options.
Each line in /etc/crypttab represents a volume. The format is:
<mapping_name> <device> <key_file> <options>
HISTORY
The `cryptdisks_stop` command has evolved alongside the development of the `cryptsetup` package and the Linux kernel's device mapper functionality. It was created to provide a reliable and automated way to shut down encrypted volumes, integrating with the system's boot and shutdown processes. It became an essential component of systems using LUKS encryption.
SEE ALSO
cryptdisks_start(8), crypttab(5), dmsetup(8)