From owner-freebsd-questions@FreeBSD.ORG Thu Oct 25 15:59:20 2007 Return-Path: Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4895416A468; Thu, 25 Oct 2007 15:59:20 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [IPv6:2001:1b20:1:3::1]) by mx1.freebsd.org (Postfix) with ESMTP id 9C0D313C4C8; Thu, 25 Oct 2007 15:59:19 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (localhost [127.0.0.1]) by lurza.secnetix.de (8.14.1/8.14.1) with ESMTP id l9PFxCIt067332; Thu, 25 Oct 2007 17:59:18 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.14.1/8.14.1/Submit) id l9PFxCqa067331; Thu, 25 Oct 2007 17:59:12 +0200 (CEST) (envelope-from olli) Date: Thu, 25 Oct 2007 17:59:12 +0200 (CEST) Message-Id: <200710251559.l9PFxCqa067331@lurza.secnetix.de> From: Oliver Fromme To: freebsd-questions@FreeBSD.ORG, pjd@FreeBSD.ORG In-Reply-To: <20071025151838.GB4511@garage.freebsd.pl> X-Newsgroups: list.freebsd-questions User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/6.2-STABLE-20070808 (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Thu, 25 Oct 2007 17:59:18 +0200 (CEST) Cc: Subject: Re: Booting a GELI encrypted hard disk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@FreeBSD.ORG, pjd@FreeBSD.ORG List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Oct 2007 15:59:20 -0000 Pawel Jakub Dawidek wrote: > On Thu, Oct 25, 2007 at 03:53:34PM +0200, Oliver Fromme wrote: > > Are you saying that the USB pen-drive can be removed while > > the system is running (after it has booted)? I remember > > that it was impossible in the past to remove the root vnode > > (which in this case would be the /boot file system from the > > pen-drive). Did that change recently? Or is there a way > > to change the system's root vnode from the pen-drive to the > > root file system on the encrypted disk? If so, then how? > > The boot directory is different that root file system. /boot/ directory > is only accessed by loader before root file system is mounted. Ah, right. I forgot that the /boot directory is only accessed by the boot blocks and loader(8) during boot, but not by the kernel, so it isn't actually mounted. Once the kernel mounts its root file system, it will be the "real" one from the encrypted disk. Thanks for clearing up my confusion. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "That's what I love about GUIs: They make simple tasks easier, and complex tasks impossible." -- John William Chambless