Date: Thu, 22 Mar 2007 12:02:40 +0100
From: cpghost
To: freebsd-questions@freebsd.org
Message-ID: <20070322110240.GA10099@epia-2.farid-hajji.net>
Subject: Crash dumps and encrypted swap

How do you enable crash dumps when the swap partition is
GBDE- (or GELI-) encrypted?

A setting of:

  dumpdev="/dev/ad0s1b.bde"

in /etc/rc.conf seems silly, because /etc/rc.d/encswap initializes
the swap partition with a new random passphrase on every reboot,
so savecore(8) won't be able to read the previous crash dump.

Is it possible to set dumpdev to "/dev/ad0s1b" (even though swap
is /dev/ad0s1b.bde), and make sure that /etc/rc.d/savecore is
called *before* /etc/rc.d/encswap to fetch the (unencrypted)
crash dump?

Or is it better to manually encrypt swap with a known (not one-time)
passphrase -- therefore bypassing /etc/rc.d/encswap completely --,
so that crash dumps are saved on the encrypted swap, but can still
be read back on next reboot?

Oh, and btw, is it at all possible to crash dump on a .bde or
.eli special device? Is it reliable (crash dumping on a regular
file is not possible for reliability reasons)?

(Of course, it's always possible to set aside a special non-encrypted
partition just for crash dumps, but this means reinstalling everything
from scratch...)

Thanks,

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/