From owner-svn-src-head@FreeBSD.ORG Sun Jan 18 05:05:00 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6C0D314 for ; Sun, 18 Jan 2015 05:05:00 +0000 (UTC) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "anubis.delphij.net", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id CA901A12 for ; Sun, 18 Jan 2015 05:05:00 +0000 (UTC) Received: from Xins-MBP.home.us.delphij.net (c-24-5-244-32.hsd1.ca.comcast.net [24.5.244.32]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by anubis.delphij.net (Postfix) with ESMTPSA id E5CD92113; Sat, 17 Jan 2015 21:04:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net; s=anubis; t=1421557499; x=1421571899; bh=WfVWdn2/PdGQhVZycWHLWKEj2SNS4arBAXrxZhSaPoA=; h=Date:From:To:Subject:References:In-Reply-To; b=a9A5xUgXHNL7CwAQw83MjsXRrKr1i7lEnOaL72XjuazqgJROVy0f7LkfpVEIj8wuC yuG8cpYa2VRS3oGi2xVMIl9HYan5InHfvZAckcvrRVjS5X/NxoiPkziqpkW5WIzMMS Mzt0JFuhys/AeTm5k8syuNwoFRlYFzYdMwfi4Qb4= Message-ID: <54BB3EF9.2080701@delphij.net> Date: Sat, 17 Jan 2015 21:04:57 -0800 From: Xin Li User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: Steven Hartland , d@delphij.net, svn-src-head@freebsd.org Subject: Re: svn commit: r276123 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs References: <201412230931.sBN9VPMK017968@svn.freebsd.org> <54A35B88.9090102@delphij.net> <54A39153.8040905@freebsd.org> <54A3ACEF.70905@delphij.net> <54A5AC21.5070802@multiplay.co.uk> <54A6DB61.9060607@delphij.net> <54BB2EBB.3090006@multiplay.co.uk> In-Reply-To: <54BB2EBB.3090006@multiplay.co.uk> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jan 2015 05:05:01 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 1/17/15 19:55, Steven Hartland wrote: > > On 02/01/2015 17:54, Xin Li wrote: >> Yes, this fixes the problem, thanks for working on it. I'm not >> fully convinced with the approach though -- shouldn't we update >> the cachefile (again) when the pool become available? > Just been looking at this again and when I import a pool which was > previously unavailable it does write the cache file out. Well technically it's not an explicit import: the encrypted devices do not exist at the time the system boots (when zfs tries to update the cache file, it would not "see" the devices), but they would appear before 'zfs mount -va' runs by /etc/rc.d/zfs. > Do you have some basic reproduction steps for your setup where it > isn't? Yes, it's mostly: - Create an encrypted GELI provider that is protected by key (or passphrase, or both, this shouldn't matter). - Configure in /etc/rc.conf, something like: geli_devices="ada1" geli_default_flags="-k /keys/geli.key -p" geli_autodetach="NO" - Create a pool with ada1.eli (the encrypted provider). - Reboot twice. Cheers, -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUuz74AAoJEJW2GBstM+nscTwP/jL0rCoamjondX6TXC3uNfKI LoAWOd5++cBcI8/4iBDx8xLF4bZ3lUayP1hAP6i1QTrhV6Ba3l629M49CjADueIx lyrcUvRXfwanb1a7WQGBMr238AF3H0PAlrdeX3szCQT9FYFWKe+kCD24EeKzs6QL CJxewl/5o05Pv3zF/sjbpLC/hgFpqUFreSgN40ohrhMVbTzl45dLy49gwbRuDF5K WQfmWJAL6JnUySobalWcTIkZCZARphyWwMnhjNeswAZnCMbvJXp0nHWbtl7CTven ptvBfJ3phcR9tqGGtInUhS63wrO6PAHxQ+2drsW5nbJOqLFgWyP5ngxyWqQIkYs5 BISR7xBabwMyBlZK9hyKYT29p/aTwTUn1iy51m/KY5soSnyzDE9OSwJqOvLXwQiJ +uG9y7RT3PFqLWYQ5wJiDRt2WwC+GFkK6q6KHoa3I2ox0ohP3Gv8beGI35n3Xxa5 aslCs4cDJaIueaRpDQPdvWmH6qky4dfbsVEDOSSzmXSJA84UVSh8KdXMrfPVFnXT LAK5ocE4nfxLQsaOGl8RzKJHzjhrsqaWoVoMfviVyTVUQ69PZHoRDH7vUOBn8pQx YsZT+XkruHscqTPDAbpJn9Jxxkx5A/xnPW0yE+j/Uyn5im/SOdlqDCjzXw1SrUTq CRB8sixwPgjDJP95oOrp =Yhmr -----END PGP SIGNATURE-----