From: "xenophon\\+freebsd"
Date: Tue, 6 Mar 2012 13:03:00 -0500
Subject: geli keyfiles won't load automatically at boot time
List-Id: Production branch of FreeBSD source code
X-BeenThere: freebsd-stable@freebsd.org

Whether I boot from an unencrypted UFS partition or from a CD, I cannot get the boot loader to load my geli keyfiles automatically.
I always have to interrupt the boot process and issue "load_geli" commands for each provider and its corresponding keyfile. Other settings in /boot/loader.conf get read and applied correctly - kernel modules, root file system specification, boot hints, etc.

Here are the relevant lines from /boot/loader.conf:

geom_eli_load="YES"
geli_ada0p2_keyfile0_load="YES"
geli_ada0p2_keyfile0_type="ada0p2:geli_keyfile0"
geli_ada0p2_keyfile0_file="/boot/keys/ada0p2.key"
geli_ada1p2_keyfile0_load="YES"
geli_ada1p2_keyfile0_type="ada1p2:geli_keyfile0"
geli_ada1p2_keyfile0_file="/boot/keys/ada1p2.key"
geli_ada2p2_keyfile0_load="YES"
geli_ada2p2_keyfile0_type="ada2p2:geli_keyfile0"
geli_ada2p2_keyfile0_file="/boot/keys/ada2p2.key"
geli_ada3p2_keyfile0_load="YES"
geli_ada3p2_keyfile0_type="ada3p2:geli_keyfile0"
geli_ada3p2_keyfile0_file="/boot/keys/ada3p2.key"

If I boot with this configuration, I get the following error:

GEOM_ELI: Found no keyfiles in loader.conf for ada0p2
GEOM_ELI: Found no keyfiles in loader.conf for ada1p2
GEOM_ELI: Found no keyfiles in loader.conf for ada2p2
GEOM_ELI: Found no keyfiles in loader.conf for ada3p2

Instead, I have to issue the following loader commands manually:

load_geli ada0p2 /boot/keys/ada0p2.key
load_geli ada1p2 /boot/keys/ada1p2.key
load_geli ada2p2 /boot/keys/ada2p2.key
load_geli ada3p2 /boot/keys/ada3p2.key

Then, the system will boot normally.

Can anyone tell me what's wrong with my configuration? It matches what's on the geli(8) manual page. I've glanced through the relevant kernel sources, but I won't pretend that I understood everything that I read.

Best wishes,
Matthew

-- 
I FIGHT FOR THE USERS
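
An added example, not part of the original message: a small lint for geli keyfile entries in a loader.conf, run here on a constructed copy of the ada0p2 entry quoted above. The function name check_geli_keyfiles is hypothetical, and the check assumes the loader.conf(5) module convention used in the geli(8) example, where each keyfile entry carries the suffixes _load, _type and _name and _type has the form "<provider>:geli_keyfile<N>".

```shell
#!/bin/sh
# Added example (not from the original post): lint geli keyfile entries.
# Assumption: each keyfile is a loader.conf(5) module entry that needs the
# suffixes _load, _type and _name, with _type="<provider>:geli_keyfile<N>".
check_geli_keyfiles() {   # $1 = loader.conf path; returns 1 on findings
    awk '
    /^[ \t]*geli_[A-Za-z0-9]+_keyfile[0-9]+_[a-z]+=/ {
        line = $0; sub(/^[ \t]*/, "", line)
        eq  = index(line, "=")
        var = substr(line, 1, eq - 1)
        val = substr(line, eq + 1); gsub(/"/, "", val)
        match(var, /_[a-z]+$/)
        key = substr(var, 1, RSTART - 1)    # e.g. geli_ada0p2_keyfile0
        suf = substr(var, RSTART + 1)       # e.g. load, type, name
        seen[key] = 1
        if (suf == "load" || suf == "type" || suf == "name") {
            have[key, suf] = val
        } else { print key ": unknown suffix _" suf; bad = 1 }
    }
    END {
        n = split("load type name", need, " ")
        for (key in seen) {
            for (i = 1; i <= n; i++)
                if (!((key, need[i]) in have)) {
                    print key ": missing _" need[i]; bad = 1
                }
            rest = substr(key, 6)           # drop the leading "geli_"
            match(rest, /_keyfile[0-9]+$/)
            want = substr(rest, 1, RSTART - 1) ":geli_" substr(rest, RSTART + 1)
            if ((key, "type") in have && have[key, "type"] != want) {
                print key ": _type should be " want; bad = 1
            }
        }
        exit (bad ? 1 : 0)
    }' "$1"
}

# Constructed sample: the ada0p2 entry as quoted in the message above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
geom_eli_load="YES"
geli_ada0p2_keyfile0_load="YES"
geli_ada0p2_keyfile0_type="ada0p2:geli_keyfile0"
geli_ada0p2_keyfile0_file="/boot/keys/ada0p2.key"
EOF
check_geli_keyfiles "$sample" || echo "findings reported for $sample"
rm -f "$sample"
```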