zpool-zfs'es on a GELI-encrypted volume are not mounted at boot
[patch included]
Christopher J. Ruwe
cjr at cruwe.de
Sun Jul 10 14:05:17 UTC 2011
On Sun, 10 Jul 2011 16:38:43 +0400
Pan Tsu <inyaoo at gmail.com> wrote:
> "Christopher J. Ruwe" <cjr at cruwe.de> writes:
>
> > Nearly a week ago I posted this question to freebsd-fs, but
> > probalby my question is a) worded too complicatedly, b) not really a
> > filesystem-issue or c) both.
> >
> > To rephrase: In setups requiring one or more ZFS-dataset to be
> > mounted before another service is activated (GELI in my case) and
> > the rest of the ZFS-datasets after that service is activated
> > (because they require GELI), it seems to be necessary to add a `zfs
> > mount -a` to mountcritlocal. Is this considered correct behaviour
> > and wouldn't it make sense to add such a line to mountcritlocal in
> > the standard setup?
> [...]
>
> Have you tried to set zfs_enable=YES in rc.conf? Based on rcorder(8)
> output rc.d/zfs should come just after rc.d/mountcritlocal.
zfs_enable="YES" is set. rcorder gives curious output, so maybe my etcs are wrong?
$> rcorder /etc/rc.d/zfs
rcorder: file `/etc/rc.d/zfs' is before unknown provision `mountlate'
/etc/rc.d/zfs
$> rcorder /etc/rc.d/mountcritlocal
rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has no providers.
/etc/rc.d/mountcritlocal
However, I fear I have not made my intent clear. My boot-sequence should be as follows (intermittent steps left out):
1) mount zfs root-fs, which is on plain standard zpool A
2) unlock another, GELI-encrypted zpool B
3) mount all other fs (/usr,...), which reside on zpool B
What my system does is first to mount the fs on zpool A, then GELI-unlock and then halt because the contents of /usr are not accessible (yet)
What I want my system to do is to first mount root, then unlock GELI and then mount all other remaining fs on zpool B.
I could either mount all remaining zfs'es in mountcritlocal, which
requires another line there, which I have added locally as put in my
patch. I cannot shift the order so that GELI-unlock comes first, because
my keys for GELI reside on /boot, which resides on zpool A.
So, is my setup anything from unfortunate to plain stupid or is
mountcritlocal missing a statement catering for such cases as I
described?
Thank you for your help, cheers,
--
Christopher J. Ruwe
TZ GMT + 2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20110710/e4795cdc/signature.pgp
More information about the freebsd-questions
mailing list