cryptsetup-reencrypt may delete old header backup and log file after on-device header marked dirty
if you reference target device by symlink in /dev/disk/by-uuid
cryptsetup-reencrypt fails to start reencryption process. Unfortunately it also removes both header backups and log file while original on-disk header is already marked dirty. This makes the device unusable until the original header is cleaned.
example:
[root@frawhide tmp]# cryptsetup-reencrypt -v /dev/disk/by-uuid/8f74c710-6213-43a7-a88f-f6c566473c0e
Reencryption will change: volume key.
Enter passphrase for key slot 0:
Key slot 0 unlocked.
LUKS header backup of device /dev/disk/by-uuid/8f74c710-6213-43a7-a88f-f6c566473c0e created.
New LUKS header for device /dev/disk/by-uuid/8f74c710-6213-43a7-a88f-f6c566473c0e created.
Activated keyslot 0.
Marking LUKS device /dev/disk/by-uuid/8f74c710-6213-43a7-a88f-f6c566473c0e unusable.
Activating temporary device using old LUKS header.
Key slot 0 unlocked.
Cannot get info about device /dev/disk/by-uuid/8f74c710-6213-43a7-a88f-f6c566473c0e.
Activation of temporary devices failed.
[root@frawhide tmp]# ls LUKS-*
[root@frawhide tmp]#