Using GPT labels in rc.conf's geli_devices and geli_flags

Chris Stankevitz chris at
Fri Sep 30 00:06:01 UTC 2016


My system has a zroot which holds the OS and 36 zfs 'data drives' (in 3 
pools) which are not required for booting.  Never are all of the data 
drives are in the system at the same time.  One zpool is always exported 
(and removed).  The /dev/da* device names are changing all the time so I 
use GPT labels keep everything organized.

Each data drive contains one large GPT partition which is labeled with 
the serial number of the drive.  They appear as /dev/gpt/ABCD, 
/dev/gpt/WXYZ, etc.

I use geli to encrypt these partitions.  The decrypted partitions appear 
as /dev/gpt/ABCD.eli etc.


Q1: How do I specify the encrypted "providers" in rc.conf's geli_devices 

Q2: How do I specify the geli flags in rc.conf?

My Guesses:

A1: geli_devices="/dev/gpt/ABCD /dev/gpt/WXYZ"

A2: geli_/dev/gpt/ABCD_flags="-k /root/ABCD.key" (I'm sure this is wrong)

Thank you,


More information about the freebsd-questions mailing list