From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 11:02:23 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id AF9A016A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 11:02:23 +0000 (GMT)
(envelope-from owner-bugmaster@freebsd.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id 78CA543D45
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 11:02:23 +0000 (GMT)
(envelope-from owner-bugmaster@freebsd.org)
Received: from freefall.freebsd.org (peter@localhost [127.0.0.1])
by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0UB2Nsd019580
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 11:02:23 GMT
(envelope-from owner-bugmaster@freebsd.org)
Received: (from peter@localhost)
by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0UB2K8R019539
for freebsd-geom@freebsd.org; Mon, 30 Jan 2006 11:02:21 GMT
(envelope-from owner-bugmaster@freebsd.org)
Date: Mon, 30 Jan 2006 11:02:21 GMT
Message-Id: <200601301102.k0UB2K8R019539@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: peter set sender to
owner-bugmaster@freebsd.org using -f
From: FreeBSD bugmaster <bugmaster@freebsd.org>
To: freebsd-geom@FreeBSD.org
Cc:
Subject: Current problem reports assigned to you
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 11:02:23 -0000
Current FreeBSD problem reports
Critical problems
Serious problems
S Submitted Tracker Resp. Description
-------------------------------------------------------------------------------
o [2005/01/21] kern/76538 geom [gbde] nfs-write on gbde partition stalls
o [2005/08/04] kern/84556 geom [geom] GBDE-encrypted swap causes panic a
o [2005/10/16] kern/87544 geom [gbde] mmaping large files on a gbde file
o [2005/11/16] kern/89102 geom [geom_vfs] [panic] panic when forced unmo
o [2005/12/08] bin/90093 geom fdisk(8) incapable of altering in-core ge
o [2005/12/18] kern/90582 geom [geom_mirror] [panic] Restore cause panic
6 problems total.
Non-critical problems
S Submitted Tracker Resp. Description
-------------------------------------------------------------------------------
o [2005/02/26] bin/78131 geom gbde "destroy" not working.
o [2005/03/26] kern/79251 geom [2TB] newfs fails on 2.6TB gbde device
2 problems total.
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 14:55:59 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 6038F16A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 14:55:59 +0000 (GMT)
(envelope-from Markus.Orebrand@operax.com)
Received: from smtp.operax.com (net-internal.operax.com [213.50.74.197])
by mx1.FreeBSD.org (Postfix) with SMTP id 810FE43D48
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 14:55:57 +0000 (GMT)
(envelope-from Markus.Orebrand@operax.com)
Received: (qmail 46144 invoked by uid 0); 30 Jan 2006 14:55:56 -0000
Received: from lulex02.ad.operax.com (192.168.2.13)
by treo.operax.com with SMTP; 30 Jan 2006 14:55:56 -0000
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 30 Jan 2006 15:55:55 +0100
Message-ID: <33656995C5C5094A983DE84DA649A92449F8CC@lulex02.ad.operax.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Expandable filesystem with more disk
Thread-Index: AcYlrUXHvWh2SxloTfqONLwcKZxYHQ==
From: =?iso-8859-1?Q?Markus_=D6rebrand?= <Markus.Orebrand@operax.com>
To: <freebsd-geom@freebsd.org>
Subject: Expandable filesystem with more disk
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 14:55:59 -0000
I need a possibility to expand a filesystem by adding more disk. I am
sensing that a certain GEOM setup would do the job.
The ideal conditions would be:
- The filesystem is created on a GEOM.=20
- Initially, the GEOM has only one consumer.
- A consumer is a FreeBSD partition (created with bsdlabel(8))
- The size of the GEOM is expandable by adding more consumers.
- The filesystem is expandable by using growfs(8).
Are these conditions realistic? What is the procedure to a) do basic
setup, b) expand the filesystem?
Would this be secure (i.e. is there a risk of data corruption or -loss)?
I am fairly confident that the hardware should pose no security risk
(hardware RAID5, UPS on disks and server).
I am thankful for all advice,
Markus =D6rebrand, Systems administrator @ Operax
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 16:00:52 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 6660216A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:00:52 +0000 (GMT)
(envelope-from gcubfg-freebsd-geom@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
by mx1.FreeBSD.org (Postfix) with ESMTP id C20FE43D46
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:00:51 +0000 (GMT)
(envelope-from gcubfg-freebsd-geom@m.gmane.org)
Received: from root by ciao.gmane.org with local (Exim 4.43)
id 1F3bRx-0003Rf-4k
for freebsd-geom@freebsd.org; Mon, 30 Jan 2006 17:00:19 +0100
Received: from 222-1-124-83.dsl.3u.net ([83.124.1.222])
by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
id 1AlnuQ-0007hv-00
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 17:00:17 +0100
Received: from christian.baer by 222-1-124-83.dsl.3u.net with local (Gmexim
0.1 (Debian)) id 1AlnuQ-0007hv-00
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 17:00:17 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-geom@freebsd.org
From: Christian Baer <christian.baer@informatik.uni-dortmund.de>
Date: Mon, 30 Jan 2006 16:46:38 +0100 (CET)
Organization: Convenimus Projekt
Lines: 53
Message-ID: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: 222-1-124-83.dsl.3u.net
User-Agent: slrn/0.9.8.1 (FreeBSD)
Sender: news <news@sea.gmane.org>
Subject: A few things about GELI
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 16:00:52 -0000
Good afternoon[1], fellow readers! :-)
Because I wanted something new to play with and because I found the idea
of encrypting swap and temp space, I decided to give GELI a try. The
idea of using crypto(9) seems good too, because that way hardware
support is added at no extra cost - I know, that was part of the reason,
why GELI was written. :-)
Note:
This thread is not really related to the one I started on the security
mailing-list. Because of the existing crypto-hardware GELI won that
race described there. This here is more of personal interest.
The question is more of an academic nature, but interesting just the
same: Can it be said that GELI is more secure (by design) than GBDE or
vice versa? The differences are not only of cosmetic nature or in the
user interface, but there is a real difference within the concept. Can
one of these approaches be called more secure than the other[2]?
Are there any plans to add additional ciphers like Twofish or Serpant to
GELI?
What does this "sector-to-sector encryption" mean and how is it
different from GBDE's approach?
Are there plans for a geli(4) manpage inspired by gbde(4) manpage? It
just shows the non-expert wonderfully, how it works and how safe it is
(in numbers).
Now for some *real* questions... :-)
GBDE wants to be attached to a partition like adxs1d. The examples in
the handbook however suggest that GELI should be attached to the
hardware-device adx and not to a partition. Why is this so? I am
guessing that GELI would be just as happy to be attached to ad1s1d as to
ad1 (wouldn't this be mandatory if there were more than one partition on
the drive?), but does this have any (dis-) advantages?
If I were to use encrypted swap space I couldn't use the fstab for these
anymore. Should I do this with a start-up script and if so, where should
I put it? 'Where' as in 'where should it be in the boot-order?'
Basicly the same thing goes for temp-space. When should it be mounted.
And more importantly, if I use a new key every time, wouldn't I need a
newfs during every boot - before I mount /tmp?
Regards
Chris
[1] Depending on your time zone of course. :-)
[2] I don't see either of them being cracked any time soon and if either
were attacked it would probably be easier to brute force the
passphrase than to attack the architecture itself.
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 16:15:21 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id DB5BB16A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:15:21 +0000 (GMT)
(envelope-from oxy@field.hu)
Received: from green.field.hu (green.field.hu [217.20.130.28])
by mx1.FreeBSD.org (Postfix) with ESMTP id 67D6E43D45
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:15:21 +0000 (GMT)
(envelope-from oxy@field.hu)
Received: from localhost (green.field.hu [217.20.130.28])
by green.field.hu (Postfix) with ESMTP id BFBC211A50D
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 17:15:04 +0100 (CET)
Received: from green.field.hu ([217.20.130.28])
by localhost (green.field.hu [217.20.130.28]) (amavisd-new, port 10024)
with ESMTP id 87900-09 for <freebsd-geom@freebsd.org>;
Mon, 30 Jan 2006 17:15:04 +0100 (CET)
Received: from oxy (dsl85-238-76-104.pool.tvnet.hu [85.238.76.104])
by green.field.hu (Postfix) with ESMTP id 94ABE119C90
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 17:15:04 +0100 (CET)
Message-ID: <000901c625b8$68954120$0201a8c0@oxy>
From: "OxY" <oxy@field.hu>
To: <freebsd-geom@freebsd.org>
Date: Mon, 30 Jan 2006 17:15:37 +0100
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-2";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
X-Virus-Scanned: by Amavisd-new (Spamassassin+Razor2+Pyzor+DCC+Bayes db,
Clamd Antivirus) at field.hu
Subject: geli bugreport? fdisk error with non default sector size
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 16:15:22 -0000
hi!
i tried to encrypt my root partition and the whole hard disk..
used this cmd to initalize geli:
#geli init -b -s 4096 -l 256 /dev/ad2
it succed, but after then i tried to use
#fdisk -f part.cfg /dev/ad2.eli
and it gave me an error: length must be multiple of sector size..
when i gave 4096,8192, so on to length the error was the same..
i tried to init the provdier without -s switch, then the fdisk ran without
any error..
did i do something wrong or is this a bug?
thanks!
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 16:47:18 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E482B16A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:47:18 +0000 (GMT)
(envelope-from chris@haakonia.hitnet.rwth-aachen.de)
Received: from ms-dienst.rz.rwth-aachen.de (ms-2.rz.RWTH-Aachen.DE
[134.130.3.131])
by mx1.FreeBSD.org (Postfix) with ESMTP id 1727B43D49
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 16:47:17 +0000 (GMT)
(envelope-from chris@haakonia.hitnet.rwth-aachen.de)
Received: from circe (circe.rz.RWTH-Aachen.DE [134.130.3.36])
by ms-dienst.rz.rwth-aachen.de
(iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
with ESMTP id <0ITW0069VZXYTE@ms-dienst.rz.rwth-aachen.de> for
freebsd-geom@freebsd.org; Mon, 30 Jan 2006 17:46:47 +0100 (MET)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
by circe (MailMonitor for SMTP v1.2.2 ) ;
Mon, 30 Jan 2006 17:46:46 +0100 (MET)
Received: from bigboss.hitnet.rwth-aachen.de
(bigspace.hitnet.RWTH-Aachen.DE [137.226.181.2]) by
smarthost.rwth-aachen.de
(8.13.1/8.13.1/1) with ESMTP id k0UGkjhp005897;
Mon, 30 Jan 2006 17:46:45 +0100
Received: from lorien.hitnet.rwth-aachen.de
([137.226.181.92] helo=haakonia.hitnet.rwth-aachen.de)
by bigboss.hitnet.rwth-aachen.de with esmtps
(TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32) (Exim 4.50) id 1F3cAw-0001mh-5H;
Mon, 30 Jan 2006 17:46:46 +0100
Received: by haakonia.hitnet.rwth-aachen.de (Postfix, from userid 1001)
id B25BD3F40A; Mon, 30 Jan 2006 17:46:45 +0100 (CET)
Date: Mon, 30 Jan 2006 17:46:45 +0100
From: Christian Brueffer <chris@unixpages.org>
In-reply-to: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
To: Christian Baer <christian.baer@informatik.uni-dortmund.de>
Message-id: <20060130164645.GA1486@haakonia.hitnet.RWTH-Aachen.DE>
MIME-version: 1.0
Content-type: multipart/signed; boundary=PNTmBPCT7hxwcZjr;
protocol="application/pgp-signature"; micalg=pgp-sha1
Content-disposition: inline
User-Agent: Mutt/1.5.11
X-Operating-System: FreeBSD 6.0-STABLE
X-PGP-Key: http://people.FreeBSD.org/~brueffer/brueffer.key.asc
X-PGP-Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
References: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
Cc: freebsd-geom@freebsd.org
Subject: Re: A few things about GELI
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 16:47:19 -0000
--PNTmBPCT7hxwcZjr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jan 30, 2006 at 04:46:38PM +0100, Christian Baer wrote:
> Good afternoon[1], fellow readers! :-)
>=20
> Because I wanted something new to play with and because I found the idea
> of encrypting swap and temp space, I decided to give GELI a try. The
> idea of using crypto(9) seems good too, because that way hardware
> support is added at no extra cost - I know, that was part of the reason,
> why GELI was written. :-)
>=20
> Note:
> This thread is not really related to the one I started on the security
> mailing-list. Because of the existing crypto-hardware GELI won that
> race described there. This here is more of personal interest.
>=20
> The question is more of an academic nature, but interesting just the
> same: Can it be said that GELI is more secure (by design) than GBDE or
> vice versa? The differences are not only of cosmetic nature or in the
> user interface, but there is a real difference within the concept. Can
> one of these approaches be called more secure than the other[2]?
>=20
There was a huge thread about this very topic on one of the NetBSD lists
and freebsd-hackers@ between phk and the guy that implemented cgd for
NetBSD (very similar in concept to geli). So, if you're interested in
the gory details, I suggest you look that thread up.
To cut it short: opinions differ greatly.
>=20
> Are there plans for a geli(4) manpage inspired by gbde(4) manpage? It
> just shows the non-expert wonderfully, how it works and how safe it is
> (in numbers).
>=20
That would be very useful indeed.
> Now for some *real* questions... :-)
>=20
> GBDE wants to be attached to a partition like adxs1d. The examples in
> the handbook however suggest that GELI should be attached to the
> hardware-device adx and not to a partition. Why is this so? I am
> guessing that GELI would be just as happy to be attached to ad1s1d as to
> ad1 (wouldn't this be mandatory if there were more than one partition on
> the drive?), but does this have any (dis-) advantages?
>=20
You can encrypt arbitrary providers with geli (same as with gbde). E.g.
on my notebook I have encrypted ad0s1f with geli and have it attach at
boot with the corresponding rc.conf variables.
> If I were to use encrypted swap space I couldn't use the fstab for these
> anymore. Should I do this with a start-up script and if so, where should
> I put it? 'Where' as in 'where should it be in the boot-order?'
>=20
To have your partitions encrypted, you just have to add .eli (for geli)
or .bde (for gbde) to your device name in /etc/fstab, e.g. /dev/ad0s1b.eli
on my notebook. The /etc/rc.d/encswap script does the rest automagically.
That means you don't have to worry about the boot-order.
(The above is true for 7-CURRENT and 6-STABLE, I'm not sure whether encswap
was part of 6.0-RELEASE. For older versions, there were special gbde optio=
ns
for rc.conf).
> Basicly the same thing goes for temp-space. When should it be mounted.
> And more importantly, if I use a new key every time, wouldn't I need a
> newfs during every boot - before I mount /tmp?
>=20
You could use a tmpmfs (see corresponding rc.conf variables). Adding
it to the geli_devices variable probably just works(tm), but it depends
on the order of the rc scripts.
- Christian
--=20
Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org
GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
--PNTmBPCT7hxwcZjr
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD3kL1bHYXjKDtmC0RApr7AKDR6hNdBuIoT5FleaHYvTr+qCis/wCfa3Jr
6O/DyfZw1DCbhqConl03QuU=
=pVdm
-----END PGP SIGNATURE-----
--PNTmBPCT7hxwcZjr--
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 19:26:47 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 7838E16A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 19:26:47 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id E2AD843D48
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 19:26:39 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id 97A3550A7F; Mon, 30 Jan 2006 20:26:36 +0100 (CET)
Received: from localhost (dlt101.neoplus.adsl.tpnet.pl [83.24.49.101])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id 6793150A16;
Mon, 30 Jan 2006 20:26:30 +0100 (CET)
Date: Mon, 30 Jan 2006 20:26:26 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: OxY <oxy@field.hu>
Message-ID: <20060130192626.GA928@garage.freebsd.pl>
References: <000901c625b8$68954120$0201a8c0@oxy>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="VS++wcV0S1rZb1Fb"
Content-Disposition: inline
In-Reply-To: <000901c625b8$68954120$0201a8c0@oxy>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
RCVD_IN_SORBS_DUL autolearn=no version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: geli bugreport? fdisk error with non default sector size
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 19:26:47 -0000
--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jan 30, 2006 at 05:15:37PM +0100, OxY wrote:
+> hi!
+>=20
+> i tried to encrypt my root partition and the whole hard disk..
+> used this cmd to initalize geli:
+> #geli init -b -s 4096 -l 256 /dev/ad2
+>=20
+> it succed, but after then i tried to use #fdisk -f part.cfg /dev/ad2.eli=
=20
+> and it gave me an error: length must be multiple of sector size..
+> when i gave 4096,8192, so on to length the error was the same..
+> i tried to init the provdier without -s switch, then the fdisk ran witho=
ut
+> any error..
+>=20
+> did i do something wrong or is this a bug?
Could you give me output of:
# diskinfo /dev/ad2 /dev/ad2.eli
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--VS++wcV0S1rZb1Fb
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD3mhiForvXbEpPzQRAqcIAKCVMkip+vFq2CXIVKc9NJkpq1kgnwCgu6Id
yHvrEfbgozSD+7bTIBD9Jz4=
=2dj0
-----END PGP SIGNATURE-----
--VS++wcV0S1rZb1Fb--
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 20:13:05 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id D92D216A420
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 20:13:05 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id 2F6AC43D48
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 20:13:05 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id AABE650A7F; Mon, 30 Jan 2006 21:13:03 +0100 (CET)
Received: from localhost (dlt101.neoplus.adsl.tpnet.pl [83.24.49.101])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id A047E50A16;
Mon, 30 Jan 2006 21:12:57 +0100 (CET)
Date: Mon, 30 Jan 2006 21:12:52 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Christian Baer <christian.baer@informatik.uni-dortmund.de>
Message-ID: <20060130201252.GB928@garage.freebsd.pl>
References: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="LyciRD1jyfeSSjG0"
Content-Disposition: inline
In-Reply-To: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
RCVD_IN_SORBS_DUL autolearn=no version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: A few things about GELI
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 20:13:06 -0000
--LyciRD1jyfeSSjG0
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jan 30, 2006 at 04:46:38PM +0100, Christian Baer wrote:
+> The question is more of an academic nature, but interesting just the
+> same: Can it be said that GELI is more secure (by design) than GBDE or
+> vice versa? The differences are not only of cosmetic nature or in the
+> user interface, but there is a real difference within the concept. Can
+> one of these approaches be called more secure than the other[2]?
I'm not going to answer this. In my opinion both are secure enough for
most uses (ie. for data privacy).
+> Are there any plans to add additional ciphers like Twofish or Serpant to
+> GELI?
If those will be added to crypto(9) it will be trivial to add them to
geli(8).
+> What does this "sector-to-sector encryption" mean and how is it
+> different from GBDE's approach?
In GBDE there is one sector with keys per 32 sectors with data.
In GELI there is one main key and each data sector is represented by
exactly one sector in *.eli provider.
+> Are there plans for a geli(4) manpage inspired by gbde(4) manpage? It
+> just shows the non-expert wonderfully, how it works and how safe it is
+> (in numbers).
Yes, there are plans...
+> GBDE wants to be attached to a partition like adxs1d. The examples in
+> the handbook however suggest that GELI should be attached to the
+> hardware-device adx and not to a partition. Why is this so? I am
+> guessing that GELI would be just as happy to be attached to ad1s1d as to
+> ad1 (wouldn't this be mandatory if there were more than one partition on
+> the drive?), but does this have any (dis-) advantages?
Both gbde(8) and geli(8) can work just fine with any GEOM providers
(disks, partitions, slices, mirrors, stripes, etc.).
+> If I were to use encrypted swap space I couldn't use the fstab for these
+> anymore. Should I do this with a start-up script and if so, where should
+> I put it? 'Where' as in 'where should it be in the boot-order?'
For swap devices you simply can put /dev/adXs1.eli to /etc/fstab and
/etc/rc.d/encswap script will detect .eli suffix and configure it with
one-time key.
+> Basicly the same thing goes for temp-space. When should it be mounted.
+> And more importantly, if I use a new key every time, wouldn't I need a
+> newfs during every boot - before I mount /tmp?
There is no rc.d script for this yet. So now you need to put something
like this into /etc/rc.early:
prov=3D`mdconfig -a -t swap -s 64m`
geli onetime /dev/${prov}
newfs /dev/${prov}
+> [2] I don't see either of them being cracked any time soon and if either
+> were attacked it would probably be easier to brute force the
+> passphrase than to attack the architecture itself.
In geli(8) password is protected with PKCS#5v2. On my laptop my
passphrase is protected with 131072 interactions, which bascially means
it is 2^17 times harder to break.
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--LyciRD1jyfeSSjG0
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD3nNEForvXbEpPzQRAof6AKCxH5S6uOXZKF+wUgB8zmCEssp++gCeLHw3
jbsYgbnoaLENZ7fHqrEa5/4=
=wMid
-----END PGP SIGNATURE-----
--LyciRD1jyfeSSjG0--
From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 20:29:34 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 6C43716A427
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 20:29:34 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id C073743D45
for <freebsd-geom@freebsd.org>; Mon, 30 Jan 2006 20:29:33 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id F039050A7F; Mon, 30 Jan 2006 21:29:31 +0100 (CET)
Received: from localhost (dlt101.neoplus.adsl.tpnet.pl [83.24.49.101])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id 182E850A16;
Mon, 30 Jan 2006 21:29:25 +0100 (CET)
Date: Mon, 30 Jan 2006 21:29:21 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Markus =?iso-8859-2?Q?=D6rebrand?= <Markus.Orebrand@operax.com>
Message-ID: <20060130202920.GC928@garage.freebsd.pl>
References: <33656995C5C5094A983DE84DA649A92449F8CC@lulex02.ad.operax.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="jy6Sn24JjFx/iggw"
Content-Disposition: inline
In-Reply-To: <33656995C5C5094A983DE84DA649A92449F8CC@lulex02.ad.operax.com>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
RCVD_IN_SORBS_DUL autolearn=no version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: Expandable filesystem with more disk
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jan 2006 20:29:34 -0000
--jy6Sn24JjFx/iggw
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jan 30, 2006 at 03:55:55PM +0100, Markus =D6rebrand wrote:
+> I need a possibility to expand a filesystem by adding more disk. I am
+> sensing that a certain GEOM setup would do the job.
+>=20
+> The ideal conditions would be:
+> - The filesystem is created on a GEOM.=20
+> - Initially, the GEOM has only one consumer.
+> - A consumer is a FreeBSD partition (created with bsdlabel(8))
+> - The size of the GEOM is expandable by adding more consumers.
+> - The filesystem is expandable by using growfs(8).
+>=20
+>=20
+> Are these conditions realistic? What is the procedure to a) do basic
+> setup, b) expand the filesystem?
+>=20
+> Would this be secure (i.e. is there a risk of data corruption or -loss)?
+> I am fairly confident that the hardware should pose no security risk
+> (hardware RAID5, UPS on disks and server).
You can do it with gconcat(8). Create concatenated device with two
components:
# gconcat label NAME ad0s1d ad1
# newfs /dev/concat/NAME
When you want to add another disk:
# gconcat label NAME ad0s1d ad1 ad2
# growfs /dev/concat/NAME
With 'label' and 'create' subcommand you need to give at least two
providers currently, but now I see it will be useful to allow to specify
only one. I'll change it soon.
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--jy6Sn24JjFx/iggw
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD3ncgForvXbEpPzQRAibNAJ9jJAhSftmVdtVEEyGztLbmlI5yFACglf4M
cQbRCmT3Jy+ibv/BOgbD3ag=
=B1tE
-----END PGP SIGNATURE-----
--jy6Sn24JjFx/iggw--
From owner-freebsd-geom@FreeBSD.ORG Tue Jan 31 09:44:39 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id B694B16A420;
Tue, 31 Jan 2006 09:44:39 +0000 (GMT) (envelope-from oxy@field.hu)
Received: from green.field.hu (green.field.hu [217.20.130.28])
by mx1.FreeBSD.org (Postfix) with ESMTP id 4501043D45;
Tue, 31 Jan 2006 09:44:39 +0000 (GMT) (envelope-from oxy@field.hu)
Received: from localhost (green.field.hu [217.20.130.28])
by green.field.hu (Postfix) with ESMTP id 0E48C11A50D;
Tue, 31 Jan 2006 10:44:17 +0100 (CET)
Received: from green.field.hu ([217.20.130.28])
by localhost (green.field.hu [217.20.130.28]) (amavisd-new, port 10024)
with ESMTP id 30531-06; Tue, 31 Jan 2006 10:44:16 +0100 (CET)
Received: from oxy (dsl217-197-187-23.pool.tvnet.hu [217.197.187.23])
by green.field.hu (Postfix) with ESMTP id BC11F119C90;
Tue, 31 Jan 2006 10:44:16 +0100 (CET)
Message-ID: <001001c6264a$f391eca0$0201a8c0@oxy>
From: "OxY" <oxy@field.hu>
To: "Pawel Jakub Dawidek" <pjd@FreeBSD.org>
References: <000901c625b8$68954120$0201a8c0@oxy>
<20060130192626.GA928@garage.freebsd.pl>
Date: Tue, 31 Jan 2006 10:44:37 +0100
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-2";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
X-Virus-Scanned: by Amavisd-new (Spamassassin+Razor2+Pyzor+DCC+Bayes db,
Clamd Antivirus) at field.hu
Cc: freebsd-geom@freebsd.org
Subject: Re: geli bugreport? fdisk error with non default sector size
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2006 09:44:39 -0000
i will send it a couple hours later, i am away from the test machine right
now.
i've got one question:
is it neccesary to leave the /boot unencrypted or it has no effect that i
get
non system disk message during boot after encrypted the whole system disk..
On Mon, Jan 30, 2006 at 05:15:37PM +0100, OxY wrote:
+> hi!
+>
+> i tried to encrypt my root partition and the whole hard disk..
+> used this cmd to initalize geli:
+> #geli init -b -s 4096 -l 256 /dev/ad2
+>
+> it succed, but after then i tried to use #fdisk -f part.cfg /dev/ad2.eli
+> and it gave me an error: length must be multiple of sector size..
+> when i gave 4096,8192, so on to length the error was the same..
+> i tried to init the provdier without -s switch, then the fdisk ran
without
+> any error..
+>
+> did i do something wrong or is this a bug?
Could you give me output of:
# diskinfo /dev/ad2 /dev/ad2.eli
--
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
----- Original Message -----
From: "Pawel Jakub Dawidek" <pjd@FreeBSD.org>
To: "OxY" <oxy@field.hu>
Cc: <freebsd-geom@freebsd.org>
Sent: Monday, January 30, 2006 8:26 PM
Subject: Re: geli bugreport? fdisk error with non default sector size
From owner-freebsd-geom@FreeBSD.ORG Tue Jan 31 11:19:23 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@FreeBSD.org
Delivered-To: freebsd-geom@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 51C1C16A420
for <freebsd-geom@FreeBSD.org>; Tue, 31 Jan 2006 11:19:23 +0000 (GMT)
(envelope-from Markus.Orebrand@operax.com)
Received: from smtp.operax.com (net-internal.operax.com [213.50.74.197])
by mx1.FreeBSD.org (Postfix) with SMTP id 33BEC43D45
for <freebsd-geom@FreeBSD.org>; Tue, 31 Jan 2006 11:19:21 +0000 (GMT)
(envelope-from Markus.Orebrand@operax.com)
Received: (qmail 36475 invoked by uid 0); 31 Jan 2006 11:19:20 -0000
Received: from lulex02.ad.operax.com (192.168.2.13)
by treo.operax.com with SMTP; 31 Jan 2006 11:19:20 -0000
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Tue, 31 Jan 2006 12:19:20 +0100
Message-ID: <33656995C5C5094A983DE84DA649A92449F99D@lulex02.ad.operax.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Expandable filesystem with more disk
Thread-Index: AcYl2+l2Z6N2NymESnytqAwD5wcFzwAejLxA
From: =?iso-8859-1?Q?Markus_=D6rebrand?= <Markus.Orebrand@operax.com>
To: "Pawel Jakub Dawidek" <pjd@FreeBSD.org>
Cc: freebsd-geom@FreeBSD.org
Subject: RE: Expandable filesystem with more disk
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2006 11:19:23 -0000
> -----Original Message-----
> From: Pawel Jakub Dawidek [mailto:pjd@FreeBSD.org]=20
> Sent: den 30 januari 2006 21:29
> To: Markus =D6rebrand
> Cc: freebsd-geom@FreeBSD.org
> Subject: Re: Expandable filesystem with more disk
>=20
> You can do it with gconcat(8). Create concatenated device with two
> components:
>=20
> # gconcat label NAME ad0s1d ad1
> # newfs /dev/concat/NAME
>=20
> When you want to add another disk:
>=20
> # gconcat label NAME ad0s1d ad1 ad2
> # growfs /dev/concat/NAME
>=20
> With 'label' and 'create' subcommand you need to give at least two
> providers currently, but now I see it will be useful to allow=20
> to specify
> only one. I'll change it soon.
>=20
Thanks for your answer. I sort of figured gconcat would be the way to
go.
And yes, it would be useful to allow creation with only one provider
(sorry for the provider/consumer confusion earlier), especially with a
number of repos of this kind.
Still, what are the chances of data corruption when adding more
providers and then growfs? Growfs comes bundled with warnings at
least...
--
Markus =D6rebrand, Systems administrator @ Operax
From owner-freebsd-geom@FreeBSD.ORG Tue Jan 31 12:01:52 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@FreeBSD.org
Delivered-To: freebsd-geom@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 808D716A420
for <freebsd-geom@FreeBSD.org>; Tue, 31 Jan 2006 12:01:52 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id 8D50A43D49
for <freebsd-geom@FreeBSD.org>; Tue, 31 Jan 2006 12:01:51 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id 861D650A7F; Tue, 31 Jan 2006 13:01:49 +0100 (CET)
Received: from localhost (ana50.internetdsl.tpnet.pl [83.17.82.50])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id 5320850A3E;
Tue, 31 Jan 2006 13:01:37 +0100 (CET)
Date: Tue, 31 Jan 2006 13:01:30 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Markus =?iso-8859-2?Q?=D6rebrand?= <Markus.Orebrand@operax.com>
Message-ID: <20060131120130.GC83051@garage.freebsd.pl>
References: <33656995C5C5094A983DE84DA649A92449F99D@lulex02.ad.operax.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="cHMo6Wbp1wrKhbfi"
Content-Disposition: inline
In-Reply-To: <33656995C5C5094A983DE84DA649A92449F99D@lulex02.ad.operax.com>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-5.9 required=3.0 tests=ALL_TRUSTED,BAYES_00
autolearn=ham version=3.0.4
Cc: freebsd-geom@FreeBSD.org
Subject: Re: Expandable filesystem with more disk
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2006 12:01:52 -0000
--cHMo6Wbp1wrKhbfi
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jan 31, 2006 at 12:19:20PM +0100, Markus =D6rebrand wrote:
+> And yes, it would be useful to allow creation with only one provider
+> (sorry for the provider/consumer confusion earlier), especially with a
+> number of repos of this kind.
I committed such functionality to HEAD, should be available in 6.1.
+> Still, what are the chances of data corruption when adding more
+> providers and then growfs? Growfs comes bundled with warnings at
+> least...
Adding more providers with gconcat(8) is safe (as long as you don't
change the order of providers).
I don't know how reliable growfs(8) is...
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--cHMo6Wbp1wrKhbfi
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD31GaForvXbEpPzQRAi3BAKC5oBsW4CohjoDguStFYZp5yxmGoACgjhHa
d7+Q7DhNOve+mz+cxZ9y0CA=
=ONcK
-----END PGP SIGNATURE-----
--cHMo6Wbp1wrKhbfi--
From owner-freebsd-geom@FreeBSD.ORG Tue Jan 31 22:04:25 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 3FC3716A422;
Tue, 31 Jan 2006 22:04:25 +0000 (GMT) (envelope-from oxy@field.hu)
Received: from green.field.hu (green.field.hu [217.20.130.28])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9173343D48;
Tue, 31 Jan 2006 22:04:24 +0000 (GMT) (envelope-from oxy@field.hu)
Received: from localhost (green.field.hu [217.20.130.28])
by green.field.hu (Postfix) with ESMTP id 39EB911A50D;
Tue, 31 Jan 2006 23:03:58 +0100 (CET)
Received: from green.field.hu ([217.20.130.28])
by localhost (green.field.hu [217.20.130.28]) (amavisd-new, port 10024)
with ESMTP id 72795-02; Tue, 31 Jan 2006 23:03:58 +0100 (CET)
Received: from oxy (dsl217-197-187-23.pool.tvnet.hu [217.197.187.23])
by green.field.hu (Postfix) with ESMTP id E960B119C90;
Tue, 31 Jan 2006 23:03:57 +0100 (CET)
Message-ID: <002101c626b2$4b850200$0201a8c0@oxy>
From: "OxY" <oxy@field.hu>
To: "Pawel Jakub Dawidek" <pjd@FreeBSD.org>
Date: Tue, 31 Jan 2006 23:04:22 +0100
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-2";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
X-Virus-Scanned: by Amavisd-new (Spamassassin+Razor2+Pyzor+DCC+Bayes db,
Clamd Antivirus) at field.hu
Cc: freebsd-geom@freebsd.org
Subject: root partition on geli+gmirror
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2006 22:04:25 -0000
hi!
now, i'm in the last phase, the encrypted system is bootable, everything
is set, need to go!
booting fs is (/dev/mirror/plex0s1a)
but i can't boot... the system asks for password for the encrypted file
system (/dev/mirror/plex0s2.elia) before mounting the root fs..
after it's done booting sequence prints the usual geli attach msg, then goes
on..
and then..it hangs, mountroot:> line, need to type in the valid path for the
root fs
however i did it before to the fstab..
/dev/mirror/plex0s2.elib none swap sw
0 0
/dev/mirror/plex0s2.elia / ufs rw
1 1
after i type in the: ufs:mirror/plex0s2.elia path then boot goes on,
everythings fine,
system boots up!
did i do anything wrong, or theres something mess around geli+gmirror
combo..
before the mirroring i tested geli alone, and it booted up well, without any
problem..
may i attach any log, output, etc?
thanks for your help in advance!
From owner-freebsd-geom@FreeBSD.ORG Wed Feb 1 00:51:48 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id AB7B716A420
for <freebsd-geom@freebsd.org>; Wed, 1 Feb 2006 00:51:48 +0000 (GMT)
(envelope-from gcubfg-freebsd-geom@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
by mx1.FreeBSD.org (Postfix) with ESMTP id BCCB443D49
for <freebsd-geom@freebsd.org>; Wed, 1 Feb 2006 00:51:47 +0000 (GMT)
(envelope-from gcubfg-freebsd-geom@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
id 1F46Di-0005gP-9I
for freebsd-geom@freebsd.org; Wed, 01 Feb 2006 01:51:38 +0100
Received: from p508c1b93.dip0.t-ipconnect.de ([80.140.27.147])
by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
id 1AlnuQ-0007hv-00
for <freebsd-geom@freebsd.org>; Wed, 01 Feb 2006 01:51:38 +0100
Received: from christian.baer by p508c1b93.dip0.t-ipconnect.de with local
(Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
for <freebsd-geom@freebsd.org>; Wed, 01 Feb 2006 01:51:38 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-geom@freebsd.org
From: Christian Baer <christian.baer@informatik.uni-dortmund.de>
Date: Tue, 31 Jan 2006 11:48:58 +0100 (CET)
Organization: Convenimus Projekt
Lines: 22
Message-ID: <drnfaq$23cb$1@nermal.rz1.convenimus.net>
References: <000901c625b8$68954120$0201a8c0@oxy>
<20060130192626.GA928@garage.freebsd.pl>
<001001c6264a$f391eca0$0201a8c0@oxy>
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: p508c1b93.dip0.t-ipconnect.de
User-Agent: slrn/0.9.8.1 (FreeBSD)
Sender: news <news@sea.gmane.org>
Subject: Re: geli bugreport? fdisk error with non default sector size
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2006 00:51:48 -0000
On Tue, 31 Jan 2006 10:44:37 +0100 OxY wrote:
> i've got one question:
> is it neccesary to leave the /boot unencrypted or it has no effect
> that i get non system disk message during boot after encrypted the
> whole system disk..
I'm not sure what you are getting at, so I'll just put this in a general
statement:
You cannot boot the kernel from an encrypted file system. This would be
a little like the "chicken or the egg problem". Encrypted filesystems
cannot be read unless attached to the kernel. But without reading from
your encrypted file system, you can't boot the kernel - because it's on
there.
If you really want to encrypt *all* of your disk space, boot the kernel
from something else (CD-ROM, USB-Stick etc.).
Regards
Chris
From owner-freebsd-geom@FreeBSD.ORG Wed Feb 1 08:50:00 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 0781816A420
for <freebsd-geom@freebsd.org>; Wed, 1 Feb 2006 08:50:00 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id 2F46F43D45
for <freebsd-geom@freebsd.org>; Wed, 1 Feb 2006 08:49:53 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id 6F54552D03; Wed, 1 Feb 2006 09:49:51 +0100 (CET)
Received: from localhost (pjd.wheel.pl [10.0.1.1])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id 9762A51878;
Wed, 1 Feb 2006 09:49:45 +0100 (CET)
Date: Wed, 1 Feb 2006 09:49:40 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: OxY <oxy@field.hu>
Message-ID: <20060201084940.GB764@garage.freebsd.pl>
References: <002101c626b2$4b850200$0201a8c0@oxy>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="+g7M9IMkV8truYOl"
Content-Disposition: inline
In-Reply-To: <002101c626b2$4b850200$0201a8c0@oxy>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-5.9 required=3.0 tests=ALL_TRUSTED,BAYES_00
autolearn=ham version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: root partition on geli+gmirror
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2006 08:50:00 -0000
--+g7M9IMkV8truYOl
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jan 31, 2006 at 11:04:22PM +0100, OxY wrote:
+> hi!
+>=20
+> now, i'm in the last phase, the encrypted system is bootable, everything
+> is set, need to go!
+> booting fs is (/dev/mirror/plex0s1a)
+> but i can't boot... the system asks for password for the encrypted file =
system (/dev/mirror/plex0s2.elia) before mounting the root fs..
+> after it's done booting sequence prints the usual geli attach msg, then =
goes on..
+> and then..it hangs, mountroot:> line, need to type in the valid path for=
the root fs
+> however i did it before to the fstab..
+> /dev/mirror/plex0s2.elib none swap sw 0 0
+> /dev/mirror/plex0s2.elia / ufs rw 1 1
+>=20
+> after i type in the: ufs:mirror/plex0s2.elia path then boot goes on, e=
verythings fine,
+> system boots up!
+> did i do anything wrong, or theres something mess around geli+gmirror co=
mbo..
+> before the mirroring i tested geli alone, and it booted up well, without=
any problem..
+> may i attach any log, output, etc?
Can you try to add /etc/fstab file to the device from which you are
booting (where you have /boot/ directory)?
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--+g7M9IMkV8truYOl
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD4HYjForvXbEpPzQRAmJaAKDakD2+u0lghFfUwXyJY71CzD8KcACglj10
g6ccrt/kW75sW67x6i+wLzA=
=9/BE
-----END PGP SIGNATURE-----
--+g7M9IMkV8truYOl--
From owner-freebsd-geom@FreeBSD.ORG Wed Feb 1 22:35:22 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: geom@freebsd.org
Delivered-To: freebsd-geom@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 7F5E316A420
for <geom@freebsd.org>; Wed, 1 Feb 2006 22:35:22 +0000 (GMT)
(envelope-from gbaratto@superb.net)
Received: from smail2.superb.net (smail2.superb.net [64.251.80.10])
by mx1.FreeBSD.org (Postfix) with ESMTP id 1E48B43D46
for <geom@freebsd.org>; Wed, 1 Feb 2006 22:35:21 +0000 (GMT)
(envelope-from gbaratto@superb.net)
Received: from [64.251.80.100] (100.80.251.64.yvr1.superb.net [64.251.80.100])
by smail2.superb.net (Postfix) with ESMTP id C56C41F8EE3
for <geom@freebsd.org>; Wed, 1 Feb 2006 14:35:20 -0800 (PST)
Message-ID: <43E137A9.9060701@superb.net>
Date: Wed, 01 Feb 2006 14:35:21 -0800
From: "Gustavo A. Baratto" <gbaratto@superb.net>
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: geom@freebsd.org
References: <013c01c622cb$43256ef0$6450fb40@guinness>
<43D97268.2030700@fer.hr> <01a601c622eb$f5d62970$6450fb40@guinness>
<20060127085517.GA789@garage.freebsd.pl>
In-Reply-To: <20060127085517.GA789@garage.freebsd.pl>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc:
Subject: Re: gmirror + ggate
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2006 22:35:22 -0000
Hey all...
ggate doesnt seem to have a start script like other geom classes.
What's the best way to mount a gmirrored ggated device at start up?
Before gmirror was running in this server, I just created a simple
script in /usr/local/etc/rc.d to mount the ggate devices:
---------
#!/bin/sh
/sbin/ggatec create -R 262144 -S 262144 -o rw 10.10.10.3 /dev/da0s1g
/sbin/ggatec create -R 262144 -S 262144 -o rw 10.10.10.4 /dev/da0s1g
/sbin/mount /dev/ggate0 /mount_point_0
/sbin/mount /dev/ggate1 /mount_point_1
---------
Now... If at boot time I want to startup these two ggate devices
gmirrored, what's the best approach?
I was thinking I could add 'geom_mirror_load="YES"' in loader.conf, then
then run 'gmirror configure -h gm0'
Is that the recommended approach? If yes, do I still need to run the
script above to plumb the ggate devices, or -h does that for us?
Cheers all ;)
Pawel Jakub Dawidek wrote:
> On Thu, Jan 26, 2006 at 06:47:06PM -0800, Gustavo A. Baratto wrote:
> +> Thanks for the links Ivan...
> +>
> +> They answered some of my questions, but mostly they don't really describe what I wanna do, because they mostly refer to more than one client mounting a gmirrored+ggated
> +> device. I want just one server to mount a gmirrored device, exported from two different boxes through ggated.
> +>
> +> Being more specific:
> +>
> +> - Servers X and Y will be file server. They will have big sized identical partitions (for example /dev/da0s1f), that will be exported through ggated, and of course not
> +> mounted on servers X and Y.
> +>
> +> - Server A will ggatec the remote /dev/da0s1f devices from both servers X and Y (/dev/ggate0 and /dev/ggate1).
> +> Then, server A will create the mirror with the devices ggate0 and ggate1:
> +> # gmirror label -v -b round-robin data ggate0
> +> # gmirror insert data ggate1
> +> # mount /dev/mirror/data /mnt
> +>
> +> Just server A will mount /dev/mirror/data RW (or even RO).
>
> There will be a problem when you lost connection to one of the servers -
> ggate will return EIO (or ENXIO) on every I/O request, so gmirror will
> mark this component as broken and will remove it from the mirror so it
> won't be automatically reconnected when the connection come back.
>
> I was wondering how to handle this better. I think we can return ENXIO
> from ggate and just disconnect provider on error != EIO (without marking
> it as broken).
>
From owner-freebsd-geom@FreeBSD.ORG Thu Feb 2 02:23:29 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: geom@freebsd.org
Delivered-To: freebsd-geom@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E51EE16A422
for <geom@freebsd.org>; Thu, 2 Feb 2006 02:23:29 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id EDDBA43D45
for <geom@freebsd.org>; Thu, 2 Feb 2006 02:23:26 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id 532FF50A7F; Thu, 2 Feb 2006 03:23:25 +0100 (CET)
Received: from localhost (dlu224.neoplus.adsl.tpnet.pl [83.24.50.224])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id A2C4350A3E;
Thu, 2 Feb 2006 03:23:18 +0100 (CET)
Date: Thu, 2 Feb 2006 03:23:11 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: "Gustavo A. Baratto" <gbaratto@superb.net>
Message-ID: <20060202022310.GA7770@garage.freebsd.pl>
References: <013c01c622cb$43256ef0$6450fb40@guinness>
<20060127085517.GA789@garage.freebsd.pl>
<02d901c623c2$3cb54ca0$6450fb40@guinness>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="ZGiS0Q5IWpPtfppv"
Content-Disposition: inline
In-Reply-To: <02d901c623c2$3cb54ca0$6450fb40@guinness>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
RCVD_IN_SORBS_DUL autolearn=no version=3.0.4
Cc: geom@freebsd.org
Subject: Re: gmirror + ggate
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2006 02:23:30 -0000
--ZGiS0Q5IWpPtfppv
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jan 27, 2006 at 08:20:57PM -0800, Gustavo A. Baratto wrote:
+> Hi Pawel...
+>=20
+> Is there any patch available for that out there? or it is something in t=
he "to be done" queue?
No patch yet, but I'm slowly moving to that direction:)
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--ZGiS0Q5IWpPtfppv
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD4W0OForvXbEpPzQRAlAoAKCnjALyK1ZrbGWO2mOBikG9IFlDyACeN/FO
vsMFIEE+YVj3C5EpLEB12Xw=
=1Eh6
-----END PGP SIGNATURE-----
--ZGiS0Q5IWpPtfppv--
From owner-freebsd-geom@FreeBSD.ORG Thu Feb 2 02:29:17 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: geom@freebsd.org
Delivered-To: freebsd-geom@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4C07416A420
for <geom@freebsd.org>; Thu, 2 Feb 2006 02:29:17 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
[83.17.198.132])
by mx1.FreeBSD.org (Postfix) with ESMTP id 90F0543D45
for <geom@freebsd.org>; Thu, 2 Feb 2006 02:29:16 +0000 (GMT)
(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
id C2FC650A7F; Thu, 2 Feb 2006 03:29:14 +0100 (CET)
Received: from localhost (dlu224.neoplus.adsl.tpnet.pl [83.24.50.224])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.garage.freebsd.pl (Postfix) with ESMTP id 0F86A50A3E;
Thu, 2 Feb 2006 03:29:08 +0100 (CET)
Date: Thu, 2 Feb 2006 03:29:01 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: "Gustavo A. Baratto" <gbaratto@superb.net>
Message-ID: <20060202022901.GB7770@garage.freebsd.pl>
References: <013c01c622cb$43256ef0$6450fb40@guinness> <43D97268.2030700@fer.hr>
<01a601c622eb$f5d62970$6450fb40@guinness>
<20060127085517.GA789@garage.freebsd.pl>
<43E137A9.9060701@superb.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="PmA2V3Z32TCmWXqI"
Content-Disposition: inline
In-Reply-To: <43E137A9.9060701@superb.net>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
mail.garage.freebsd.pl
X-Spam-Level:
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
RCVD_IN_SORBS_DUL autolearn=no version=3.0.4
Cc: geom@freebsd.org
Subject: Re: gmirror + ggate
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2006 02:29:17 -0000
--PmA2V3Z32TCmWXqI
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Feb 01, 2006 at 02:35:21PM -0800, Gustavo A. Baratto wrote:
+> Hey all...
+>=20
+> ggate doesnt seem to have a start script like other geom classes.
+>=20
+> What's the best way to mount a gmirrored ggated device at start up?
+>=20
+> Before gmirror was running in this server, I just created a simple scrip=
t in /usr/local/etc/rc.d to mount the ggate devices:
+> ---------
+> #!/bin/sh
+>=20
+> /sbin/ggatec create -R 262144 -S 262144 -o rw 10.10.10.3 /dev/da0s1g
+> /sbin/ggatec create -R 262144 -S 262144 -o rw 10.10.10.4 /dev/da0s1g
+>=20
+> /sbin/mount /dev/ggate0 /mount_point_0
+> /sbin/mount /dev/ggate1 /mount_point_1
+> ---------
+>=20
+> Now... If at boot time I want to startup these two ggate devices gmirror=
ed, what's the best approach?
+>=20
+> I was thinking I could add 'geom_mirror_load=3D"YES"' in loader.conf, th=
en then run 'gmirror configure -h gm0'
So just has to create ggate provider (with ggatec), gmirror(8) will
handle the rest automatically.
+> Is that the recommended approach? If yes, do I still need to run the scr=
ipt above to plumb the ggate devices, or -h does that for us?
You don't need -h and you don't need to use gmirror in your script at
all.
There is currently no rc.d/ scripts for ggate, but you can check out
freebsd-geom@ archives, I think someone post such scripts some time ago,
but I haven't had time to look into it yet.
--=20
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
--PmA2V3Z32TCmWXqI
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFD4W5tForvXbEpPzQRAgc6AKDOq+jn1dEl7gFlVoZivpt0rHdjXACdH7Fv
/ksfe0xK+6fJ8DlJ7zNvx2M=
=C22M
-----END PGP SIGNATURE-----
--PmA2V3Z32TCmWXqI--