Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Mar 2012 10:28:04 -0500
From:      Robert Simmons <rsimmons0@gmail.com>
To:        freebsd-hackers@freebsd.org
Subject:   Re: Where and when /etc/fstab is checking during boot
Message-ID:  <CA%2BQLa9A-XUc0HubSdyRNCsWk-=UmeGu7jmWp=eBTNutbUAP-wA@mail.gmail.com>
In-Reply-To: <20120305101429.59f23f86@ernst.jennejohn.org>
References:  <CA%2BQLa9B8y7_2wB-7gUZft95O%2BWMYYEArLBRn0DG6fAUFJ%2BszMg@mail.gmail.com> <20120305101429.59f23f86@ernst.jennejohn.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Mar 5, 2012 at 4:14 AM, Gary Jennejohn
<gljennjohn@googlemail.com> wrote:
> On Sun, 4 Mar 2012 19:32:36 -0500
> Robert Simmons <rsimmons0@gmail.com> wrote:
>
>> I've just finished working though building a FreeBSD box with an
>> encrypted root partition as mentioned in the geli(8) man page: "Ask
>> for the passphrase on boot, before the root partition is mounted.
>> This makes it possible to use an encrypted root partition. =A0One will
>> still need bootable unencrypted storage with a /boot/ directory, which
>> can be a CD-ROM disc or USB pen-drive, that can be removed after
>> boot."
>>
>> I've noticed something quite interesting about the way that fstab is
>> read during boot. =A0If you follow the instructions exactly as they are
>> written in the geli(8) man page you soon discover that you also must
>> have an /etc/fstab file in that same unencrypted partition. =A0But this
>> need not be the complete fstab file. =A0It only needs to have the one
>> line that describes /.
>>
>> Later, after the encrypted partition is mounted, the /etc/fstab inside
>> the encrypted partition is then read and all other partitions listed
>> in fstab are mounted as written there.
>>
>> I've tested this by putting empty fstabs and fstabs with just the line
>> for / in both locations and booting to see what happens.
>>
>> Is this the correct behavior? =A0Shouldn't the fstab file be read
>> completely once and not twice?
>>
>
> man 5 fstab
>
> It isn't explicitly stated, but implied, that fsck(8), mount(8) and
> umount(8) parse fstab every time they're invoked.
>
> It's a feature.

Got it.  I will submit a patch for the geli(8) man page to include
that /etc/fstab needs to exist on the unencrypted volume as well as
/boot for an encrypted root partition to work properly (as I have
gather through trial and error).



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BQLa9A-XUc0HubSdyRNCsWk-=UmeGu7jmWp=eBTNutbUAP-wA>