From owner-freebsd-questions@FreeBSD.ORG Sun Mar 24 13:42:58 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 93BF0D58 for ; Sun, 24 Mar 2013 13:42:58 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay05.ispgateway.de (smtprelay05.ispgateway.de [80.67.31.97]) by mx1.freebsd.org (Postfix) with ESMTP id 2BD8FB1D for ; Sun, 24 Mar 2013 13:42:57 +0000 (UTC) Received: from [84.44.209.129] (helo=fabiankeil.de) by smtprelay05.ispgateway.de with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1UJl9B-0002f5-GF; Sun, 24 Mar 2013 14:39:41 +0100 Date: Sun, 24 Mar 2013 14:37:24 +0100 From: Fabian Keil To: Stephan Schindel Subject: Re: Attaching GELI device on boot Message-ID: <20130324143724.61268ca2@fabiankeil.de> In-Reply-To: <514D98BF.7090202@tp1.rub.de> References: <514D98BF.7090202@tp1.rub.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/MQdrupzwj385m4N4SLKpiTU"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 13:42:58 -0000 --Sig_/MQdrupzwj385m4N4SLKpiTU Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Stephan Schindel wrote: > i've got a problem attaching a geli device on boot. My setup: >=20 > ada0 and ada1 full geli setup (no partition schemes). ZFS on both. ada0 > is my root device. I can boot into the system there is no problem with > it. But now I want to attach ada1 on boot as well using a single > keyfile. My rc.conf looks like this: >=20 > ... > geli_autodetach=3D"NO" > geli_devices=3D"ada1" > geli_ada1_flags=3D"-p -k /root/ada1.key" > ... >=20 > The problem is that geli does not want to attach the device at first. It > claims about (missing?) metadata and inappropriate file format (I dont > know where geli logs this). It tries to attach the device 3 times which > is the default option with no success. Are you sure that "It" is the geli rc script and not the kernel itself which could happen if the BOOT flag was set on ada1. You can increase the geli log level with kern.geom.eli.debug. For details see "man geli". > BUT once the system is booted up and I can login, I can manually start >=20 > /etc/rc.d/geli onestart >=20 > and it will successfully attach the device. Does this result in the "Configuring Disk Encryption for ..." message? > So configuration seems to be > fine, only the order the services started seems to be wrong (e.g. devd > is being started AFTER geli tries to attach the device, why??) devd is supposed to be started between geli and geli2: fk@r500 ~ $rcorder /etc/rc.d/* | egrep devd\|geli /etc/rc.d/geli /etc/rc.d/devd /etc/rc.d/geli2 > Also there is a problem with sabnzbd which is being started before the > network is set-up, which is wrong as well. That seems to be an unrelated problem so probably it belongs in a different thread. I don't use sabnzbd and thus have no opinion on this. Fabian --Sig_/MQdrupzwj385m4N4SLKpiTU Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlFPAZkACgkQBYqIVf93VJ1UqACeO05887w2ZN3pOqPBhVCQwr7d QhwAoJJo0oTGRhE8fF4BeUedhkAikj81 =109Z -----END PGP SIGNATURE----- --Sig_/MQdrupzwj385m4N4SLKpiTU--