From owner-freebsd-geom@FreeBSD.ORG Sun Feb 2 19:18:17 2014 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2EFC37F2 for ; Sun, 2 Feb 2014 19:18:17 +0000 (UTC) Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B799515E3 for ; Sun, 2 Feb 2014 19:18:16 +0000 (UTC) Received: by mail-we0-f172.google.com with SMTP id p61so1420721wes.17 for ; Sun, 02 Feb 2014 11:18:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=8PUkEkcvUdvdy01rkCW/QoTmnYTcYIT7OMO2GViI7Ug=; b=H1vdx8OnCCvV7kVTlsGQ5RfD9qO67Ig9y7LRh7vU6CZ2zrT2qVcRVwVdtenT2iQVRy oZwBiHaiFKUANxL1JoGh1gQfkPxYyx5sy5/yte4negpeBdIG7Tzyx93sOOpfoMJO6EeG XUanioou4IGgFEpITkXaxAzjfQPjhbdONPXRrVtDPSrSePMLdtTiDaRJdqo8Aqkz+EqU ZcPQmsSCpjGoiEG1q0Tjy5go+wHIhLhbZ/bfuDeIVPJg4r378+Y7JRz5L64gbG7pGHIP qxhXjqDOE+EGOWXqiG5eqDd+uKXqZViFb8F0L66nuVp9C9sreGs1s2sVVWWoDeRSFHgW nfuw== X-Received: by 10.194.240.7 with SMTP id vw7mr137242wjc.75.1391368695252; Sun, 02 Feb 2014 11:18:15 -0800 (PST) Received: from gumby.homeunix.com (4e56702c.skybroadband.com. [78.86.112.44]) by mx.google.com with ESMTPSA id gt6sm3141748wib.8.2014.02.02.11.18.14 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Sun, 02 Feb 2014 11:18:14 -0800 (PST) Date: Sun, 2 Feb 2014 19:18:13 +0000 From: RW To: freebsd-geom@freebsd.org Subject: Re: GELI safe to reboot without detach? Message-ID: <20140202191813.3362c508@gumby.homeunix.com> In-Reply-To: <52C1EE92.1020704@delphij.net> References: <52C1EE92.1020704@delphij.net> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.22; amd64-portbld-freebsd10.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Feb 2014 19:18:17 -0000 On Mon, 30 Dec 2013 14:07:14 -0800 Xin Li wrote: > On 12/30/13 13:40, Isaac Huff wrote: > > Is it necessary from a reliability and/or security standpoint to > > detach GELI volumes before rebooting? Specifically, if I unmount > > the filesystem, but do not detach (and disable auto-detach) - do I > > risk data corruption or leakage of private keys during a normal > > reboot process? > That's ssaid, not detaching geli provider is not a very good idea but > the consequence for average people is very limited. IIRC the detach is done automatically on shutdown, irrespective of "detach on last close".