Booting a GELI encrypted hard disk
Oliver Fromme
olli at lurza.secnetix.de
Thu Oct 25 08:59:20 PDT 2007
Pawel Jakub Dawidek wrote:
> On Thu, Oct 25, 2007 at 03:53:34PM +0200, Oliver Fromme wrote:
> > Are you saying that the USB pen-drive can be removed while
> > the system is running (after it has booted)? I remember
> > that it was impossible in the past to remove the root vnode
> > (which in this case would be the /boot file system from the
> > pen-drive). Did that change recently? Or is there a way
> > to change the system's root vnode from the pen-drive to the
> > root file system on the encrypted disk? If so, then how?
>
> The boot directory is different that root file system. /boot/ directory
> is only accessed by loader before root file system is mounted.
Ah, right. I forgot that the /boot directory is only
accessed by the boot blocks and loader(8) during boot,
but not by the kernel, so it isn't actually mounted.
Once the kernel mounts its root file system, it will
be the "real" one from the encrypted disk.
Thanks for clearing up my confusion.
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
"That's what I love about GUIs: They make simple tasks easier,
and complex tasks impossible."
-- John William Chambless
More information about the freebsd-questions
mailing list