From owner-freebsd-questions@FreeBSD.ORG Mon Mar 10 05:47:35 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A55E21F5 for ; Mon, 10 Mar 2014 05:47:35 +0000 (UTC) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) by mx1.freebsd.org (Postfix) with SMTP id 90718783 for ; Mon, 10 Mar 2014 05:47:35 +0000 (UTC) Received: from ::ffff:184.23.143.12 ([184.23.143.12]) by holgerdanske.com for ; Sun, 9 Mar 2014 22:47:27 -0700 Message-ID: <531D51EF.1080804@holgerdanske.com> Date: Sun, 09 Mar 2014 22:47:27 -0700 From: David Christensen User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131104 Icedove/17.0.10 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: FreeBSD 10 installer and ZFS root References: <53197EF6.4070902@holgerdanske.com> <5319913D.4040207@infracaninophile.co.uk> <10334f5b74b05d9445d071bd08f73a24@dweimer.net> <531A0A0B.3010902@holgerdanske.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Mar 2014 05:47:35 -0000 freebsd-questions: I am testing FreeBSD-10.0-RELEASE-amd64-dvd1.iso on a system with: Intel D945GTPLKR motherboard Intel Pentium 4 640 processor 4 GB RAM Maxtor 5T030H3 30 GB EIDE hard drive I have installed FreeBSD using the encrypted ZFS root option, similar to the screenshot at the bottom of: http://www.bsdnow.tv/tutorials/fde Except that I set Partition Scheme to "MBR" and Swap Size to "4g". Question -- do I need to make swap size equal to or larger than RAM? The system boots and appears to work. Do I understand the following correctly? 1. root@p43200:~ # gpart show -p => 63 60030369 ada0 MBR (29G) 63 60030369 ada0s1 freebsd [active] (29G) => 0 60030369 ada0s1 BSD (29G) 0 4194304 ada0s1a freebsd-zfs (2.0G) 4194304 8388608 ada0s1b freebsd-swap (4.0G) 12582912 47447457 ada0s1d freebsd-zfs (23G) The disk has an MBR partition table and yields five GEOM providers -- ada0, ada0s1, ada0s1a, ada0s1b, and adas1d: ada0 is the raw block device. ada0s1 is a primary partition table entry pointing to an extended partition table. The extended partition table contains partitions ada0s1a, ada0s1b, and ada0s1d. Question -- can I adjust the size of ada0s1a and ada0s1d during installation? 2. root@p43200:~ # swapinfo Device 1K-blocks Used Avail Capacity /dev/ada0s1b 4194304 0 4194304 0% ada0s1b is used for swap. swap is unencrypted. Question -- can I arrange for swap to be encrypted during installation? Question -- if not, is section 18.15 of the FreeBSD handbook correct for FreeBSD 10? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/swap-encrypting.html E.g. to encrypt swap using a one-time random key at boot, add the following line, or something similar per geli(8), to /etc/rc.conf: geli_swap_flags="-e blowfish -l 128 -s 4096 -d" 3. root@p43200:~ # zpool list -v NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT bootpool 1.98G 447M 1.55G 21% 1.00x ONLINE - ada0s1a 1.98G 447M 1.55G - zroot 22.5G 1.73G 20.8G 7% 1.00x ONLINE - ada0s1d.eli 22.5G 1.73G 20.8G - There are two ZFS pools, bootpool and zroot. bootpool is based upon ada0s1a. zroot is based upon ada0s1d.eli. Question -- can I set ZFS pool options for bootpool and zroot during installation? 4. root@p43200:~ # zfs list -r -t all bootpool NAME USED AVAIL REFER MOUNTPOINT bootpool 447M 1.52G 446M /bootpool bootpool has only the default file system. Question -- can I set ZFS file system options for bootpool during installation? 5. root@p43200:~ # geli list Geom name: ada0s1d.eli State: ACTIVE EncryptionAlgorithm: AES-XTS KeyLength: 256 Crypto: software Version: 7 UsedKey: 0 Flags: BOOT KeysAllocated: 6 KeysTotal: 6 Providers: 1. Name: ada0s1d.eli Mediasize: 24293097472 (23G) Sectorsize: 4096 Mode: r1w1e1 Consumers: 1. Name: ada0s1d Mediasize: 24293097984 (23G) Sectorsize: 512 Stripesize: 0 Stripeoffset: 2147515904 Mode: r1w1e1 ada0s1d is consumed by geom_eli (GELI) and yields provider ada0s1d.eli. Question -- can I set encryption options for ada0s1d.eli during installation? 6. root@p43200:~ # zfs list -r -t all zroot NAME USED AVAIL REFER MOUNTPOINT zroot 1.73G 20.4G 144K none zroot/ROOT 411M 20.4G 144K none zroot/ROOT/default 411M 20.4G 411M / zroot/tmp 176K 20.4G 176K /tmp zroot/usr 1.33G 20.4G 144K /usr zroot/usr/home 144K 20.4G 144K /usr/home zroot/usr/ports 813M 20.4G 813M /usr/ports zroot/usr/src 545M 20.4G 545M /usr/src zroot/var 1.31M 20.4G 688K /var zroot/var/crash 148K 20.4G 148K /var/crash zroot/var/log 212K 20.4G 212K /var/log zroot/var/mail 144K 20.4G 144K /var/mail zroot/var/tmp 152K 20.4G 152K /var/tmp zroot has many file systems. Question -- can I set ZFS file system options during installation? TIA, David