Date: Sat, 17 Jan 2015 21:04:57 -0800 From: Xin Li <delphij@delphij.net> To: Steven Hartland <steven@multiplay.co.uk>, d@delphij.net, svn-src-head@freebsd.org Subject: Re: svn commit: r276123 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs Message-ID: <54BB3EF9.2080701@delphij.net> In-Reply-To: <54BB2EBB.3090006@multiplay.co.uk> References: <201412230931.sBN9VPMK017968@svn.freebsd.org> <54A35B88.9090102@delphij.net> <54A39153.8040905@freebsd.org> <54A3ACEF.70905@delphij.net> <54A5AC21.5070802@multiplay.co.uk> <54A6DB61.9060607@delphij.net> <54BB2EBB.3090006@multiplay.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 1/17/15 19:55, Steven Hartland wrote: > > On 02/01/2015 17:54, Xin Li wrote: >> Yes, this fixes the problem, thanks for working on it. I'm not >> fully convinced with the approach though -- shouldn't we update >> the cachefile (again) when the pool become available? > Just been looking at this again and when I import a pool which was > previously unavailable it does write the cache file out. Well technically it's not an explicit import: the encrypted devices do not exist at the time the system boots (when zfs tries to update the cache file, it would not "see" the devices), but they would appear before 'zfs mount -va' runs by /etc/rc.d/zfs. > Do you have some basic reproduction steps for your setup where it > isn't? Yes, it's mostly: - Create an encrypted GELI provider that is protected by key (or passphrase, or both, this shouldn't matter). - Configure in /etc/rc.conf, something like: geli_devices="ada1" geli_default_flags="-k /keys/geli.key -p" geli_autodetach="NO" - Create a pool with ada1.eli (the encrypted provider). - Reboot twice. Cheers, -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUuz74AAoJEJW2GBstM+nscTwP/jL0rCoamjondX6TXC3uNfKI LoAWOd5++cBcI8/4iBDx8xLF4bZ3lUayP1hAP6i1QTrhV6Ba3l629M49CjADueIx lyrcUvRXfwanb1a7WQGBMr238AF3H0PAlrdeX3szCQT9FYFWKe+kCD24EeKzs6QL CJxewl/5o05Pv3zF/sjbpLC/hgFpqUFreSgN40ohrhMVbTzl45dLy49gwbRuDF5K WQfmWJAL6JnUySobalWcTIkZCZARphyWwMnhjNeswAZnCMbvJXp0nHWbtl7CTven ptvBfJ3phcR9tqGGtInUhS63wrO6PAHxQ+2drsW5nbJOqLFgWyP5ngxyWqQIkYs5 BISR7xBabwMyBlZK9hyKYT29p/aTwTUn1iy51m/KY5soSnyzDE9OSwJqOvLXwQiJ +uG9y7RT3PFqLWYQ5wJiDRt2WwC+GFkK6q6KHoa3I2ox0ohP3Gv8beGI35n3Xxa5 aslCs4cDJaIueaRpDQPdvWmH6qky4dfbsVEDOSSzmXSJA84UVSh8KdXMrfPVFnXT LAK5ocE4nfxLQsaOGl8RzKJHzjhrsqaWoVoMfviVyTVUQ69PZHoRDH7vUOBn8pQx YsZT+XkruHscqTPDAbpJn9Jxxkx5A/xnPW0yE+j/Uyn5im/SOdlqDCjzXw1SrUTq CRB8sixwPgjDJP95oOrp =Yhmr -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54BB3EF9.2080701>