[patch] savecore can't create dump from encrypted swap
    Gleb Kurtsou 
    gleb.kurtsou at gmail.com
       
    Sun Apr 27 12:54:53 UTC 2008
    
    
  
Issue was mentioned recently on stable@
http://docs.freebsd.org/cgi/mid.cgi?47F548D9.8060905
The problem is in order of rc.d scripts.  After encswap finishes it's
impossible to open original (not encrypted) swap device for write so
savecore fails.
The following patch adds 'encswap' target to be run after 'disks' but
before 'swap1'. With the patch order of scripts becomes:
dumpon
geli
savecore
encswap
swap1
instead of:
dumpon
geli
encswap
swap1
savecore
The problem is that savecore looses ability to use syslog. You still get
messages on console. The only solution I see is to use some hackery
magic to inject log messages into kern.msgbuf with the help of
/dev/console. I'm not sure it's really needed.
diff -ur rc.d.orig/encswap rc.d/encswap
--- rc.d.orig/encswap	2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/encswap	2008-04-27 14:53:27.000000000 +0300
@@ -4,7 +4,7 @@
 #
 
-# PROVIDE: disks
-# REQUIRE: initrandom
+# PROVIDE: encswap
+# REQUIRE: initrandom disks
 # KEYWORD: nojail
 
 . /etc/rc.subr
diff -ur rc.d.orig/savecore rc.d/savecore
--- rc.d.orig/savecore	2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/savecore	2008-04-27 14:53:27.000000000 +0300
@@ -4,8 +4,7 @@
 #
 
 # PROVIDE: savecore
-# REQUIRE: syslogd
-# BEFORE:  SERVERS
+# BEFORE:  encswap
 # KEYWORD: nojail
 
 . /etc/rc.subr
diff -ur rc.d.orig/swap1 rc.d/swap1
--- rc.d.orig/swap1	2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/swap1	2008-04-27 14:53:27.000000000 +0300
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: localswap
-# REQUIRE: disks
+# REQUIRE: encswap disks
 # KEYWORD: nojail shutdown
 
 . /etc/rc.subr
    
    
More information about the freebsd-hackers
mailing list