Date: Sun, 24 Mar 2013 14:37:24 +0100 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: Stephan Schindel <sts@tp1.rub.de> Cc: freebsd-questions@freebsd.org Subject: Re: Attaching GELI device on boot Message-ID: <20130324143724.61268ca2@fabiankeil.de> In-Reply-To: <514D98BF.7090202@tp1.rub.de> References: <514D98BF.7090202@tp1.rub.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/MQdrupzwj385m4N4SLKpiTU Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Stephan Schindel <sts@tp1.rub.de> wrote: > i've got a problem attaching a geli device on boot. My setup: >=20 > ada0 and ada1 full geli setup (no partition schemes). ZFS on both. ada0 > is my root device. I can boot into the system there is no problem with > it. But now I want to attach ada1 on boot as well using a single > keyfile. My rc.conf looks like this: >=20 > ... > geli_autodetach=3D"NO" > geli_devices=3D"ada1" > geli_ada1_flags=3D"-p -k /root/ada1.key" > ... >=20 > The problem is that geli does not want to attach the device at first. It > claims about (missing?) metadata and inappropriate file format (I dont > know where geli logs this). It tries to attach the device 3 times which > is the default option with no success. Are you sure that "It" is the geli rc script and not the kernel itself which could happen if the BOOT flag was set on ada1. You can increase the geli log level with kern.geom.eli.debug. For details see "man geli". > BUT once the system is booted up and I can login, I can manually start >=20 > /etc/rc.d/geli onestart >=20 > and it will successfully attach the device. Does this result in the "Configuring Disk Encryption for ..." message? > So configuration seems to be > fine, only the order the services started seems to be wrong (e.g. devd > is being started AFTER geli tries to attach the device, why??) devd is supposed to be started between geli and geli2: fk@r500 ~ $rcorder /etc/rc.d/* | egrep devd\|geli /etc/rc.d/geli /etc/rc.d/devd /etc/rc.d/geli2 > Also there is a problem with sabnzbd which is being started before the > network is set-up, which is wrong as well. That seems to be an unrelated problem so probably it belongs in a different thread. I don't use sabnzbd and thus have no opinion on this. Fabian --Sig_/MQdrupzwj385m4N4SLKpiTU Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlFPAZkACgkQBYqIVf93VJ1UqACeO05887w2ZN3pOqPBhVCQwr7d QhwAoJJo0oTGRhE8fF4BeUedhkAikj81 =109Z -----END PGP SIGNATURE----- --Sig_/MQdrupzwj385m4N4SLKpiTU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130324143724.61268ca2>