Date: Mon, 5 Mar 2012 10:28:04 -0500 From: Robert Simmons <rsimmons0@gmail.com> To: freebsd-hackers@freebsd.org Subject: Re: Where and when /etc/fstab is checking during boot Message-ID: <CA%2BQLa9A-XUc0HubSdyRNCsWk-=UmeGu7jmWp=eBTNutbUAP-wA@mail.gmail.com> In-Reply-To: <20120305101429.59f23f86@ernst.jennejohn.org> References: <CA%2BQLa9B8y7_2wB-7gUZft95O%2BWMYYEArLBRn0DG6fAUFJ%2BszMg@mail.gmail.com> <20120305101429.59f23f86@ernst.jennejohn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Mar 5, 2012 at 4:14 AM, Gary Jennejohn <gljennjohn@googlemail.com> wrote: > On Sun, 4 Mar 2012 19:32:36 -0500 > Robert Simmons <rsimmons0@gmail.com> wrote: > >> I've just finished working though building a FreeBSD box with an >> encrypted root partition as mentioned in the geli(8) man page: "Ask >> for the passphrase on boot, before the root partition is mounted. >> This makes it possible to use an encrypted root partition. =A0One will >> still need bootable unencrypted storage with a /boot/ directory, which >> can be a CD-ROM disc or USB pen-drive, that can be removed after >> boot." >> >> I've noticed something quite interesting about the way that fstab is >> read during boot. =A0If you follow the instructions exactly as they are >> written in the geli(8) man page you soon discover that you also must >> have an /etc/fstab file in that same unencrypted partition. =A0But this >> need not be the complete fstab file. =A0It only needs to have the one >> line that describes /. >> >> Later, after the encrypted partition is mounted, the /etc/fstab inside >> the encrypted partition is then read and all other partitions listed >> in fstab are mounted as written there. >> >> I've tested this by putting empty fstabs and fstabs with just the line >> for / in both locations and booting to see what happens. >> >> Is this the correct behavior? =A0Shouldn't the fstab file be read >> completely once and not twice? >> > > man 5 fstab > > It isn't explicitly stated, but implied, that fsck(8), mount(8) and > umount(8) parse fstab every time they're invoked. > > It's a feature. Got it. I will submit a patch for the geli(8) man page to include that /etc/fstab needs to exist on the unencrypted volume as well as /boot for an encrypted root partition to work properly (as I have gather through trial and error).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BQLa9A-XUc0HubSdyRNCsWk-=UmeGu7jmWp=eBTNutbUAP-wA>