From owner-freebsd-hackers@FreeBSD.ORG Mon Mar 5 00:57:45 2012 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 24E25106566B for ; Mon, 5 Mar 2012 00:57:45 +0000 (UTC) (envelope-from rsimmons0@gmail.com) Received: from mail-vx0-f182.google.com (mail-vx0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id C98E18FC14 for ; Mon, 5 Mar 2012 00:57:44 +0000 (UTC) Received: by vcmm1 with SMTP id m1so2028233vcm.13 for ; Sun, 04 Mar 2012 16:57:44 -0800 (PST) Received-SPF: pass (google.com: domain of rsimmons0@gmail.com designates 10.52.96.70 as permitted sender) client-ip=10.52.96.70; Authentication-Results: mr.google.com; spf=pass (google.com: domain of rsimmons0@gmail.com designates 10.52.96.70 as permitted sender) smtp.mail=rsimmons0@gmail.com; dkim=pass header.i=rsimmons0@gmail.com Received: from mr.google.com ([10.52.96.70]) by 10.52.96.70 with SMTP id dq6mr31906477vdb.124.1330909064367 (num_hops = 1); Sun, 04 Mar 2012 16:57:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=WIqjV2PmddBpAeJGB9yXSECpKknyNSFuQwseWboqrWY=; b=dYSIYBAZljNwolXXpC6eFeSa6G/sZOTn13WYTx2LMrYyuc+n9N9lnmuTwmYn3kyg4s 3wvy8UGP7fmjaFtTTuGJNTyndVXdDgVPanusCXCB2Jao7MwhY7TLKZwHrnypuLValZvo D/idBN0bkabyn/k28hDu+q0SXThHrW7e4ovhmeV6/3fVuQpOWh4fUg1W9dovhQJj8Zre cagC//gusAGwwUDYvPX16JKM8/vvmUkc16kX7mKihWt9vrh8p7vrKux/8r9BLE49m+xK L9uTNSzKY+hIt5DB7ZSc8crU27QeQ0U0qhZDWUia/W9HTx/foFEk6VV5N745qx+PZaxF bsVw== MIME-Version: 1.0 Received: by 10.52.96.70 with SMTP id dq6mr27289947vdb.124.1330907556711; Sun, 04 Mar 2012 16:32:36 -0800 (PST) Received: by 10.52.65.114 with HTTP; Sun, 4 Mar 2012 16:32:36 -0800 (PST) Date: Sun, 4 Mar 2012 19:32:36 -0500 Message-ID: From: Robert Simmons To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: Where and when /etc/fstab is checking during boot X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Mar 2012 00:57:45 -0000 I've just finished working though building a FreeBSD box with an encrypted root partition as mentioned in the geli(8) man page: "Ask for the passphrase on boot, before the root partition is mounted. This makes it possible to use an encrypted root partition. One will still need bootable unencrypted storage with a /boot/ directory, which can be a CD-ROM disc or USB pen-drive, that can be removed after boot." I've noticed something quite interesting about the way that fstab is read during boot. If you follow the instructions exactly as they are written in the geli(8) man page you soon discover that you also must have an /etc/fstab file in that same unencrypted partition. But this need not be the complete fstab file. It only needs to have the one line that describes /. Later, after the encrypted partition is mounted, the /etc/fstab inside the encrypted partition is then read and all other partitions listed in fstab are mounted as written there. I've tested this by putting empty fstabs and fstabs with just the line for / in both locations and booting to see what happens. Is this the correct behavior? Shouldn't the fstab file be read completely once and not twice?