Where and when /etc/fstab is checking during boot

Robert Simmons rsimmons0 at gmail.com
Mon Mar 5 15:28:05 UTC 2012

On Mon, Mar 5, 2012 at 4:14 AM, Gary Jennejohn
<gljennjohn at googlemail.com> wrote:
> On Sun, 4 Mar 2012 19:32:36 -0500
> Robert Simmons <rsimmons0 at gmail.com> wrote:
>> I've just finished working though building a FreeBSD box with an
>> encrypted root partition as mentioned in the geli(8) man page: "Ask
>> for the passphrase on boot, before the root partition is mounted.
>> This makes it possible to use an encrypted root partition.  One will
>> still need bootable unencrypted storage with a /boot/ directory, which
>> can be a CD-ROM disc or USB pen-drive, that can be removed after
>> boot."
>> I've noticed something quite interesting about the way that fstab is
>> read during boot.  If you follow the instructions exactly as they are
>> written in the geli(8) man page you soon discover that you also must
>> have an /etc/fstab file in that same unencrypted partition.  But this
>> need not be the complete fstab file.  It only needs to have the one
>> line that describes /.
>> Later, after the encrypted partition is mounted, the /etc/fstab inside
>> the encrypted partition is then read and all other partitions listed
>> in fstab are mounted as written there.
>> I've tested this by putting empty fstabs and fstabs with just the line
>> for / in both locations and booting to see what happens.
>> Is this the correct behavior?  Shouldn't the fstab file be read
>> completely once and not twice?
> man 5 fstab
> It isn't explicitly stated, but implied, that fsck(8), mount(8) and
> umount(8) parse fstab every time they're invoked.
> It's a feature.

Got it.  I will submit a patch for the geli(8) man page to include
that /etc/fstab needs to exist on the unencrypted volume as well as
/boot for an encrypted root partition to work properly (as I have
gather through trial and error).

More information about the freebsd-hackers mailing list