[CFT] Patch to bsdinstall to support root-on-ZFS and GELI

Allan Jude freebsd at allanjude.com
Wed Oct 9 17:46:54 UTC 2013


On 2013-10-09 13:21, Teske, Devin wrote:
> On Oct 8, 2013, at 8:49 PM, Allan Jude wrote:
>
>> On 2013-10-07 15:59, Allan Jude wrote:
>>> Devin Teske and I have been working on a big patch to bsdinstall to
>>> implement installing on a ZFS pool. It supports both GPT and MBR, the 4k
>>> sector gnop trick, and optional GELI encryption. We would like to commit
>>> this in time for 10.0-BETA1 so it needs some testing to work out any
>>> obvious bugs before we send it off to re@ to get it committed.
>>>
>>> It includes a single configuration menu that allows you to select all of
>>> the required details, including which drives to use (gets details from
>>> camcontrol, also includes an inspection utility that presents the
>>> detailed output of camcontrol inquiry/identify, and gpart show), what
>>> ZFS RAID level to use (taking in to consideration the selected number of
>>> drives), GPT/mbr, 4k YES/no, GELI yes/NO, pool name, etc.
>>>
>>>
>>> Additional, it includes some other changes to bsdinstall:
>>> 1. Change the default to the 'non-standard keyboard mapping' prompt to no
>>> 2. Replace the 3 separate dialogs to configure an ipv4 address with just 1
>>> 3. Remove the dialog asking if you wish to enable crash dumps, this
>>> feature has been combined into the regular 'services to enable' dialog
>>> and enabled by default
>>>
>>>
>>> You can browse the patches here:
>>> http://druidbsd.cvs.sf.net/viewvc/druidbsd/bsdinstall_zfs/
>>>
>>> I've built a bootonly.iso (10.0-ALPHA4) to make testing easier,
>>> available compressed (48 MB) or uncompressed (211 MB):
>>>
>>> http://www.allanjude.com/bsd/zfsbootonly_2013-10-06.iso.xz
>>>
>>> http://www.allanjude.com/bsd/zfsbootonly_2013-10-06.iso
>>>
>>>
>>> We look forward to your feedback
>>>
>> We've made more improvements, including corporating most all of the
>> feedback we've gotten so far
>>
>>
>> Outstanding items:
>> 1. Apply the changes to ipv6 config the way we did ipv4
>> 2. improve disk identification (model info and serial # instead of one
>> or the other)
>> 3. Include a helpful message before the GELI step where you have to
>> enter your password many times, the user will be less confused if it is
>> explained why they have to enter their password 3 * number of disks times
> I'm hopeful that we can script the application of a password that we
> first prompt for.
>
> What tool is prompting for a password? Can we not just provide an answer
> on stdin? (e.g., echo "$pass" | tool_that_needs_pass)
>
It is 'geli create' and 'geli attach'. I am not sure if we want to have
the password show up in the process list (obviously in the installer
this is less of an issue, but)

>
>> 4. Validate vdev type choice inside the vdev type menu, and warn the
>> user if they have made an invalid selection, so they can add more disks
>> or chance their selection, without having to try to start the
>> installation first
> This will be done with fanciness ;D (read: ... --and-widget --infobox ... and
> sundry smartness; retaining as much as possible the ability to do things
> out of order but never arise at a point of astonishment).
>

I don't think we need --and-widget, just in the function where we apply
the results of the menu selection, we can add a regular --msgbox telling
them that their config won't work, and they need to either select more
drives or a different vdev type

>> 5. Whatever else you guys find wrong tonight
>>
>> I generated new test images, and attached the patch (which got REALLY
>> big when Devin Teske decided to fix "all of the things":
>>
> And then I merged "all of the things" into HEAD, so the patch-set shrunk
> back to its normal size. Now we have global exit codes which will make
> merging of code that is based off of Thomas Dickey's samples easier.

I am glad to see all of the good ideas, and plans to make everything
wonderful, but my biggest concern is getting this over to re@ so it can
get in to 10.0-BETA1, the deadline for which is looming (like, tomorrow
I think).

As such, I have rolled back the patches to netconfig and netconfig_ipv4
(my stuff to reduce the number of dialogs to configure ipv4, it posed
some problems with the possible usage of xdialog, and didn't actually
offer an option to 'cancel'). I kept Warren's netconfig wireless patch

This leaves the only real outstanding problem the keymap thing. I
propose changing it from a yes/no/other to a --menu, and hopefully we
can find the bug with the display name, or just make it show the keymap
name instead.



-- 
Allan Jude



More information about the freebsd-current mailing list