Where and when /etc/fstab is checking during boot
Robert Simmons
rsimmons0 at gmail.com
Mon Mar 5 15:28:05 UTC 2012
On Mon, Mar 5, 2012 at 4:14 AM, Gary Jennejohn
<gljennjohn at googlemail.com> wrote:
> On Sun, 4 Mar 2012 19:32:36 -0500
> Robert Simmons <rsimmons0 at gmail.com> wrote:
>
>> I've just finished working though building a FreeBSD box with an
>> encrypted root partition as mentioned in the geli(8) man page: "Ask
>> for the passphrase on boot, before the root partition is mounted.
>> This makes it possible to use an encrypted root partition. One will
>> still need bootable unencrypted storage with a /boot/ directory, which
>> can be a CD-ROM disc or USB pen-drive, that can be removed after
>> boot."
>>
>> I've noticed something quite interesting about the way that fstab is
>> read during boot. If you follow the instructions exactly as they are
>> written in the geli(8) man page you soon discover that you also must
>> have an /etc/fstab file in that same unencrypted partition. But this
>> need not be the complete fstab file. It only needs to have the one
>> line that describes /.
>>
>> Later, after the encrypted partition is mounted, the /etc/fstab inside
>> the encrypted partition is then read and all other partitions listed
>> in fstab are mounted as written there.
>>
>> I've tested this by putting empty fstabs and fstabs with just the line
>> for / in both locations and booting to see what happens.
>>
>> Is this the correct behavior? Shouldn't the fstab file be read
>> completely once and not twice?
>>
>
> man 5 fstab
>
> It isn't explicitly stated, but implied, that fsck(8), mount(8) and
> umount(8) parse fstab every time they're invoked.
>
> It's a feature.
Got it. I will submit a patch for the geli(8) man page to include
that /etc/fstab needs to exist on the unencrypted volume as well as
/boot for an encrypted root partition to work properly (as I have
gather through trial and error).
More information about the freebsd-hackers
mailing list