Date:      Sat, 2 Mar 2019 23:10:32 -0800
From:      David Christensen <dpchrist@holgerdanske.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: Moving raw system image to another drive breaks GELI
Message-ID:  <8aa98903-99e3-04cb-8d2b-a578c86bfd7a@holgerdanske.com>
In-Reply-To: <f85da179-d38d-c322-ebdb-27ce9f9ee311@holgerdanske.com>
References:  <f85da179-d38d-c322-ebdb-27ce9f9ee311@holgerdanske.com>

On 2/26/19 10:00 AM, David Christensen wrote:
> I have a computer:
> 
> 2019-02-26 09:50:14 dpchrist@ragnar ~
> $ freebsd-version ; uname -a
> 11.2-RELEASE-p9
> FreeBSD ragnar 11.2-RELEASE-p9 FreeBSD 11.2-RELEASE-p9 #0: Tue Feb  5 
> 15:30:36 UTC 2019 
> root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
> 
> 
> I installed to a SanDisk Ultra Fit USB 3.0 16 GB flash drive:
> 
>        Partitioning                      Auto (ZFS)
>          Pool Type/Disks                 stripe,da0
>          Pool Name                       zroot
>          Force 4K Sectors                YES
>          Encrypt Disks                   YES
>          Partition Scheme                MBR (BIOS)
>          Swap Size                       2g
>          Mirror Swap                     NO
>          Encrypt Swap                    YES
>          Install
> 
> 
> If I do a raw binary copy of the USB flash drive to an Intel 520 Series 
> SSD 60 GB with dd(1) and boot the SSD, GELI rejects the passphrase and I 
> end up at a "mountroot>" prompt.
> 
> 
> I would like to be able to move raw FreeBSD system images from drive to 
> drive and have them work.

I did another install onto SSD.  While comparing the configuration files 
between the USB install and the SSD install, I found some interesting 
differences in /boot/loader.conf.  Here are some lines from the USB install:

     geli_da0s1d_keyfile0_load="YES"
     geli_da0s1d_keyfile0_name="/boot/encryption.key"
     geli_da0s1d_keyfile0_type="da0s1d:geli_keyfile0"


And here are the corresponding lines from the SSD install:

     geli_ada0s1d_keyfile0_load="YES"
     geli_ada0s1d_keyfile0_name="/boot/encryption.key"
     geli_ada0s1d_keyfile0_type="ada0s1d:geli_keyfile0"


So, the device name for the GELI provider containing the root filesystem 
is hard-coded into the names of variables set in loader.conf(5).


If I burn the SSD install image to USB, boot a USB FreeBSD installer 
into a shell, remount root read-write:

     # mount -o rw /dev/ufs/FreeBSD_Install /

Import the bootpool on the USB image:

     # zpool import -f -d /dev -R /mnt bootpool

Edit the variables in /mnt/bootpool/boot/loader.conf, move aside 
/mnt/bootpool/boot/zfs/zpool.cache, shut down, remove the USB installer, 
and boot the USB image, it works!


David


References:

[1] https://www.freebsd.org/doc/handbook/boot-introduction.html

[2] loader(8)

[3] loader.conf(5)

[4] mount(8)

[5] zpool(8)
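
The loader.conf edit described in the message above, as an added example that is not part of the original e-mail: a POSIX sh helper that reports which device the GELI keyfile variables are tied to and writes a copy of the file retargeted to another device. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message); function names are hypothetical.

# Print each device name embedded in a geli_<dev>_keyfileN_* variable name.
geli_keyfile_devices() {
    sed -n 's/^[[:space:]]*geli_\([A-Za-z0-9]*\)_keyfile[0-9][0-9]*_[a-z]*=.*/\1/p' "$1" | sort -u
}

# Copy loader.conf ($3) to stdout with the GELI keyfile variables moved from
# device $1 to device $2; every other line passes through unchanged.
retarget_geli_keyfile() {
    old=$1 new=$2 conf=$3
    # The names are spliced into sed patterns, so accept alphanumerics only.
    for d in "$old" "$new"; do
        case "$d" in
            ''|*[!A-Za-z0-9]*) echo "bad device name: $d" >&2; return 2 ;;
        esac
    done
    # First expression renames the variable; the second fixes the device
    # prefix inside the value of the *_type variable.
    sed -e "s/^\([[:space:]]*geli_\)${old}\(_keyfile[0-9][0-9]*_[a-z]*=\)/\1${new}\2/" \
        -e "/^[[:space:]]*geli_${new}_keyfile[0-9][0-9]*_type=/s/=\"${old}:/=\"${new}:/" "$conf"
}

# Constructed sample: the three USB-install lines quoted in the message plus
# one unrelated setting that must survive untouched.
sample_loader_conf() {
cat <<'EOF'
geom_eli_load="YES"
geli_da0s1d_keyfile0_load="YES"
geli_da0s1d_keyfile0_name="/boot/encryption.key"
geli_da0s1d_keyfile0_type="da0s1d:geli_keyfile0"
EOF
}

tmp=$(mktemp) && sample_loader_conf > "$tmp"
geli_keyfile_devices "$tmp"                  # device the config is tied to
retarget_geli_keyfile da0s1d ada0s1d "$tmp"  # rewritten copy on stdout
rm -f "$tmp"
```

The helper only rewrites the keyfile variables; moving aside zpool.cache, as the message describes, remains a separate step.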
