From owner-freebsd-questions@freebsd.org  Fri Sep 30 00:06:00 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E8525C02A4C
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Fri, 30 Sep 2016 00:06:00 +0000 (UTC)
 (envelope-from chris@stankevitz.com)
Received: from mango.stankevitz.com (mango.stankevitz.com [208.79.93.194])
 by mx1.freebsd.org (Postfix) with ESMTP id D9499D91
 for <freebsd-questions@freebsd.org>; Fri, 30 Sep 2016 00:06:00 +0000 (UTC)
 (envelope-from chris@stankevitz.com)
Received: from Chriss-MacBook-Pro.local (209-203-101-124.static.twtelecom.net
 [209.203.101.124])
 by mango.stankevitz.com (Postfix) with ESMTPSA id C5CDD3C1E2
 for <freebsd-questions@freebsd.org>; Thu, 29 Sep 2016 17:05:53 -0700 (PDT)
From: Chris Stankevitz <chris@stankevitz.com>
Subject: Using GPT labels in rc.conf's geli_devices and geli_flags
To: FreeBSD Questions <freebsd-questions@freebsd.org>
Message-ID: <aa8ed612-0626-3a62-d624-b007745b00aa@stankevitz.com>
Date: Thu, 29 Sep 2016 17:05:53 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0)
 Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2016 00:06:01 -0000

Hi,

My system has a zroot which holds the OS and 36 zfs 'data drives' (in 3 
pools) which are not required for booting.  Never are all of the data 
drives are in the system at the same time.  One zpool is always exported 
(and removed).  The /dev/da* device names are changing all the time so I 
use GPT labels keep everything organized.

Each data drive contains one large GPT partition which is labeled with 
the serial number of the drive.  They appear as /dev/gpt/ABCD, 
/dev/gpt/WXYZ, etc.

I use geli to encrypt these partitions.  The decrypted partitions appear 
as /dev/gpt/ABCD.eli etc.

Questions:

Q1: How do I specify the encrypted "providers" in rc.conf's geli_devices 
variable?

Q2: How do I specify the geli flags in rc.conf?

My Guesses:

A1: geli_devices="/dev/gpt/ABCD /dev/gpt/WXYZ"

A2: geli_/dev/gpt/ABCD_flags="-k /root/ABCD.key" (I'm sure this is wrong)

Thank you,

Chris