Booting a GELI encrypted hard disk

Steve Bertrand iaccounts at ibctech.ca
Thu Oct 25 11:05:15 PDT 2007


Oliver Fromme wrote:
> Steve Bertrand wrote:
>  > I haven't tried it yet, but I don't think that /boot on the encrypted
>  > disk is necessary. I will rename the directory and reboot and see if it
>  > barfs.
> 
> It shouldn't be necessary.  Once the kernel is loaded, the
> system never looks at /boot again.
> 
> Unless, of course, you want to load a kernel module.  Those
> are located in /boot/kernel by default, but you can change
> the if needed (see sysctl kern.module_path).
> 
> Also, some system utilities that use KVM functions (vmstat,
> top, ps) might require access to the kernel file.  But that
> can be changed, too:  sysctl kern.bootfile.
> 
> Other than that, the /boot directory isn't used at all
> during normal operation.

This is correct, I tested it.

Also, this system (with GEOM_ELI built into kernel) successfully
upgraded from 6.2 to 7.0 with ULE scheduler enabled with no problems at all.

Cheers!

Steve



More information about the freebsd-questions mailing list