From owner-freebsd-fs@FreeBSD.ORG Sun Jun 8 19:29:10 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 16AFD106564A; Sun, 8 Jun 2008 19:29:10 +0000 (UTC) (envelope-from mckusick@chez.mckusick.com) Received: from chez.mckusick.com (chez.mckusick.com [64.81.247.49]) by mx1.freebsd.org (Postfix) with ESMTP id AB0F58FC19; Sun, 8 Jun 2008 19:29:09 +0000 (UTC) (envelope-from mckusick@chez.mckusick.com) Received: from chez.mckusick.com (localhost [127.0.0.1]) by chez.mckusick.com (8.14.2/8.14.2) with ESMTP id m58J4Qg7033415; Sun, 8 Jun 2008 12:04:26 -0700 (PDT) (envelope-from mckusick@chez.mckusick.com) Message-Id: <200806081904.m58J4Qg7033415@chez.mckusick.com> To: Bruce Evans Date: Sun, 08 Jun 2008 12:04:26 -0700 From: Kirk McKusick Cc: freebsd-fs@freebsd.org, Ighighi , Julian Elischer , bug-followup@freebsd.org Subject: Re: kern/122047: [ext2fs] incorrect handling of UF_IMMUTABLE / UF_APPEND, flag on EXT2FS (maybe others) X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2008 19:29:10 -0000 Bruce, I concur with your analysis of what should be done here. Disallow manipulation of UF_ flags in ext2 and restrict SF_ flags to appropriate priviledge as is done in both FreeBSD and Linux. The only debate is whether to enforce FreeBSD securelevel for ext2 which I would be inclined to do. Kirk McKusick From owner-freebsd-fs@FreeBSD.ORG Mon Jun 9 11:06:58 2008 Return-Path: Delivered-To: freebsd-fs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D9B3A106571F for ; Mon, 9 Jun 2008 11:06:58 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C036C8FC26 for ; Mon, 9 Jun 2008 11:06:58 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m59B6wYR070731 for ; Mon, 9 Jun 2008 11:06:58 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m59B6wkV070727 for freebsd-fs@FreeBSD.org; Mon, 9 Jun 2008 11:06:58 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 9 Jun 2008 11:06:58 GMT Message-Id: <200806091106.m59B6wkV070727@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-fs@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-fs@FreeBSD.org X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2008 11:06:58 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/112658 fs [smbfs] [patch] smbfs and caching problems (resolves b o kern/114676 fs [ufs] snapshot creation panics: snapacct_ufs2: bad blo o kern/116170 fs [panic] Kernel panic when mounting /tmp o bin/121072 fs [smbfs] mount_smbfs(8) cannot normally convert the cha o bin/122172 fs [fs]: amd(8) automount daemon dies on 6.3-STABLE i386, o kern/122888 fs [zfs] zfs hang w/ prefetch on, zil off while running t 6 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o bin/113049 fs [patch] [request] make quot(8) use getopt(3) and show o bin/113838 fs [patch] [request] mount(8): add support for relative p o bin/114468 fs [patch] [request] add -d option to umount(8) to detach o kern/114847 fs [ntfs] [patch] [request] dirmask support for NTFS ala o kern/114955 fs [cd9660] [patch] [request] support for mask,dirmask,ui o bin/118249 fs mv(1): moving a directory changes its mtime 6 problems total. From owner-freebsd-fs@FreeBSD.ORG Tue Jun 10 08:15:36 2008 Return-Path: Delivered-To: fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 170C81065672 for ; Tue, 10 Jun 2008 08:15:36 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from flat.berklix.org (flat.berklix.org [83.236.223.115]) by mx1.freebsd.org (Postfix) with ESMTP id 9843E8FC25 for ; Tue, 10 Jun 2008 08:15:35 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from js.berklix.net (p549A759A.dip.t-dialin.net [84.154.117.154]) (authenticated bits=0) by flat.berklix.org (8.13.8/8.13.8) with ESMTP id m5A7qjVN046687 for ; Tue, 10 Jun 2008 09:52:47 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by js.berklix.net (8.13.8/8.13.8) with ESMTP id m5A7rK88033416 for ; Tue, 10 Jun 2008 09:53:20 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.13.8/8.13.8) with ESMTP id m5A7rFIY079040 for ; Tue, 10 Jun 2008 09:53:20 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <200806100753.m5A7rFIY079040@fire.js.berklix.net> To: fs@freebsd.org From: "Julian Stacey" Organization: http://berklix.com BSD Linux Unix Consultancy, Munich Germany. User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://berklix.com/~jhs/cv/ Date: Tue, 10 Jun 2008 09:53:15 +0200 Sender: jhs@berklix.org Cc: Subject: CFS Cryptographic file system. X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2008 08:15:36 -0000 fs@freebsd, I asked on ports@ > Is there some replacement of /usr/ports/security/cfs > (encryped file system) for 7.0 ? But maybe wrong list to ask on ? Is a crypting file system being worked on for src/ somewhere ? Or is fixing ports/security/cfs the way to go ? Julian -- Julian Stacey: BSDUnixLinux C Prog Admin SysEng Consult Munich www.berklix.com Mail just Ascii plain text. HTML & Base64 text are spam. From owner-freebsd-fs@FreeBSD.ORG Tue Jun 10 11:21:23 2008 Return-Path: Delivered-To: fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DEEB31065677 for ; Tue, 10 Jun 2008 11:21:23 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from flat.berklix.org (flat.berklix.org [83.236.223.115]) by mx1.freebsd.org (Postfix) with ESMTP id 08B948FC18 for ; Tue, 10 Jun 2008 11:21:22 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from js.berklix.net (p549A763D.dip.t-dialin.net [84.154.118.61]) (authenticated bits=0) by flat.berklix.org (8.13.8/8.13.8) with ESMTP id m5ABLI8l049471; Tue, 10 Jun 2008 13:21:20 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by js.berklix.net (8.13.8/8.13.8) with ESMTP id m5ABL9Cx035287; Tue, 10 Jun 2008 13:21:09 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.13.8/8.13.8) with ESMTP id m5ABKWtY005301; Tue, 10 Jun 2008 13:20:37 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <200806101120.m5ABKWtY005301@fire.js.berklix.net> To: Lorenzo Perone From: "Julian Stacey" Organization: http://berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://berklix.com In-reply-to: Your message "Tue, 10 Jun 2008 13:11:50 +0200." Date: Tue, 10 Jun 2008 13:20:32 +0200 Sender: jhs@berklix.org Cc: fs@freebsd.org Subject: Re: CFS Cryptographic file system. X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2008 11:21:24 -0000 Reference: > From: Lorenzo Perone > Date: Tue, 10 Jun 2008 13:11:50 +0200 > Message-id: Lorenzo Perone wrote: > On 10.06.2008, at 09:53, Julian Stacey wrote: > > > Is a crypting file system being worked on for src/ somewhere ? > > Did you have a look at gbde / geli? > > http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html No, (I did have a look at doc index before I posted, but I missed this). Looks like what I need. Thanks Lorenzo Julian -- Julian Stacey: BSDUnixLinux C Prog Admin SysEng Consult Munich www.berklix.com Mail just Ascii plain text. HTML & Base64 text are spam. From owner-freebsd-fs@FreeBSD.ORG Tue Jun 10 11:22:06 2008 Return-Path: Delivered-To: fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E6A711065672 for ; Tue, 10 Jun 2008 11:22:06 +0000 (UTC) (envelope-from lopez.on.the.lists@yellowspace.net) Received: from mail.yellowspace.net (mail.yellowspace.net [80.190.200.164]) by mx1.freebsd.org (Postfix) with ESMTP id 6B54B8FC12 for ; Tue, 10 Jun 2008 11:22:06 +0000 (UTC) (envelope-from lopez.on.the.lists@yellowspace.net) Received: from zeta.intranet ([88.217.69.39]) (AUTH: CRAM-MD5 lopez.on.the.lists@yellowspace.net, TLS: TLSv1/SSLv3, 128bits, AES128-SHA) by mail.yellowspace.net with esmtp; Tue, 10 Jun 2008 13:11:55 +0200 id 00330866.00000000484E617C.00009AF7 Message-Id: From: Lorenzo Perone To: Julian Stacey In-Reply-To: <200806100753.m5A7rFIY079040@fire.js.berklix.net> Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v924) Date: Tue, 10 Jun 2008 13:11:50 +0200 References: <200806100753.m5A7rFIY079040@fire.js.berklix.net> X-Mailer: Apple Mail (2.924) Cc: fs@freebsd.org Subject: Re: CFS Cryptographic file system. X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2008 11:22:07 -0000 On 10.06.2008, at 09:53, Julian Stacey wrote: > Is a crypting file system being worked on for src/ somewhere ? Did you have a look at gbde / geli? http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html Regards, Lorenzo From owner-freebsd-fs@FreeBSD.ORG Wed Jun 11 01:31:27 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 02971106568C for ; Wed, 11 Jun 2008 01:31:27 +0000 (UTC) (envelope-from amdmi3@amdmi3.ru) Received: from cp65.agava.net (cp65.agava.net [89.108.66.215]) by mx1.freebsd.org (Postfix) with ESMTP id AD6258FC7C for ; Wed, 11 Jun 2008 01:31:26 +0000 (UTC) (envelope-from amdmi3@amdmi3.ru) Received: from [213.148.20.85] (helo=hive.panopticon) by cp65.agava.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1K6EUX-0003bP-SI for freebsd-fs@freebsd.org; Wed, 11 Jun 2008 04:47:09 +0400 Received: from hades.panopticon (hades.panopticon [192.168.0.32]) by hive.panopticon (Postfix) with ESMTP id 3ADF27AB4 for ; Wed, 11 Jun 2008 04:40:46 +0400 (MSD) Received: by hades.panopticon (Postfix, from userid 1000) id B63621702D; Wed, 11 Jun 2008 04:40:19 +0400 (MSD) Date: Wed, 11 Jun 2008 04:40:19 +0400 From: Dmitry Marakasov To: freebsd-fs@freebsd.org Message-ID: <20080611004019.GA1119@hades.panopticon> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline User-Agent: Mutt/1.5.18 (2008-05-17) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cp65.agava.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [26 6] X-AntiAbuse: Sender Address Domain - amdmi3.ru X-Source: X-Source-Args: X-Source-Dir: Subject: ZFS, async-like per-filesystem option X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 01:31:27 -0000 Hi! There are cases when you don't care about safeness and integrity of your files at all, but still you need to store them on hdd. The example is massive ports building: I use WRKDIRPREFIX=/usr/work so all workdirs reside in the same place, and I absolutely don't care if I lose the whole directory on blackout. Still I can't use md(4) or tmpfs for it, as those are limited by memory+swap sizes, and, having 2Gb mem + 2Gb swap I'm likely to run out of space. Using ZFS for /usr/work makes my disks make horrible noise during build, and I can also guess that performance drops significantly because processes are likely to wait more time to read from disk, thus 2 CPU cures are not 100% loaded most time with 3 parallel builds. As ZFS heavily uses caching, I thought that it may be ideal solution if it had something like `async' (or more corretly, `nosync') property for filesysems. Turning it on will make specific filesystem completely ignore fsync() calls, so files will stay in memory until they are pushed out of cache by newer/more recently used/more frequently used data. That should reduce disk load, increase performance and free me from thinking how much size I need for md(4). So, my questions are: - Is something like that planned or already implemented upstream? - How hard would it be to implement it? The easy way seems to make zfs_freebsd_fsync() no-op, but I'm not sure of side-effects. The correct way I guess is to bypass ZIL conditionally. -- Dmitry A. Marakasov | jabber: amdmi3@jabber.ru amdmi3@amdmi3.ru | http://www.amdmi3.ru From owner-freebsd-fs@FreeBSD.ORG Wed Jun 11 08:19:49 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 871FF106567C for ; Wed, 11 Jun 2008 08:19:49 +0000 (UTC) (envelope-from ndenev@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.233]) by mx1.freebsd.org (Postfix) with ESMTP id 6168B8FC1A for ; Wed, 11 Jun 2008 08:19:49 +0000 (UTC) (envelope-from ndenev@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so3607321rvf.43 for ; Wed, 11 Jun 2008 01:19:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender :to:subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references :x-google-sender-auth; bh=HL70VsJMM1OdLW/c2X7AgVPPdMG2zKAahdKPbNgLYmY=; b=tP3vsfaBL4rE6VFmvLbaGldt3Ick7Yq2ysMujv7FcjWnYWJcZByUi7Zti5RXkkx0g7 HTgF/BJWMpqGWG2H+YrPIScpHCAikdXVP221rweL+6nBKL8cIj2SxOHtCqP+osf4xRQI fzDWrf8JnYrwGy7KkD5OrfPBnzvkVad4NwWfQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references:x-google-sender-auth; b=k/yMtxMl5JGCnFyOZ8q4uiRjkinwLxdzdh9u/HIKmpf8kRGWhu9R2HEPITpt8bvEUR mEkEBzfMT27c1mVpv9Jz3HsDWD5eVxfJV9tkMFuWrTJY3G8IEzbIIlT3n/9e3kLKuLRh rhspwsOaIAl0WLXKyNTTYqc439IqbK3Flr93M= Received: by 10.115.58.1 with SMTP id l1mr6135556wak.27.1213172389159; Wed, 11 Jun 2008 01:19:49 -0700 (PDT) Received: by 10.114.161.7 with HTTP; Wed, 11 Jun 2008 01:19:49 -0700 (PDT) Message-ID: <2e77fc10806110119r39cf3725u610887954326955b@mail.gmail.com> Date: Wed, 11 Jun 2008 11:19:49 +0300 From: "Niki Denev" Sender: ndenev@gmail.com To: "Dmitry Marakasov" In-Reply-To: <20080611004019.GA1119@hades.panopticon> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080611004019.GA1119@hades.panopticon> X-Google-Sender-Auth: 52858b36881613b3 Cc: freebsd-fs@freebsd.org Subject: Re: ZFS, async-like per-filesystem option X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 08:19:49 -0000 On Wed, Jun 11, 2008 at 3:40 AM, Dmitry Marakasov wrote: > Hi! > > There are cases when you don't care about safeness and integrity > of your files at all, but still you need to store them on hdd. The > example is massive ports building: I use WRKDIRPREFIX=/usr/work so > all workdirs reside in the same place, and I absolutely don't care > if I lose the whole directory on blackout. Still I can't use md(4) > or tmpfs for it, as those are limited by memory+swap sizes, and, > having 2Gb mem + 2Gb swap I'm likely to run out of space. Using > ZFS for /usr/work makes my disks make horrible noise during build, > and I can also guess that performance drops significantly because > processes are likely to wait more time to read from disk, thus 2 CPU > cures are not 100% loaded most time with 3 parallel builds. > > As ZFS heavily uses caching, I thought that it may be ideal solution > if it had something like `async' (or more corretly, `nosync') property > for filesysems. Turning it on will make specific filesystem completely > ignore fsync() calls, so files will stay in memory until they are pushed > out of cache by newer/more recently used/more frequently used data. > That should reduce disk load, increase performance and free me from > thinking how much size I need for md(4). > > So, my questions are: > - Is something like that planned or already implemented upstream? > > - How hard would it be to implement it? The easy way seems to make > zfs_freebsd_fsync() no-op, but I'm not sure of side-effects. The > correct way I guess is to bypass ZIL conditionally. > > -- > Dmitry A. Marakasov | jabber: amdmi3@jabber.ru > amdmi3@amdmi3.ru | http://www.amdmi3.ru Hi, You can try to disable ZIL with the following sysctl : vfs.zfs.zil_disable But this will disable it completely, not only for given pool/dataset Regards, Niki From owner-freebsd-fs@FreeBSD.ORG Wed Jun 11 21:52:06 2008 Return-Path: Delivered-To: fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B847106566C for ; Wed, 11 Jun 2008 21:52:06 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from flat.berklix.org (flat.berklix.org [83.236.223.115]) by mx1.freebsd.org (Postfix) with ESMTP id EE55A8FC12 for ; Wed, 11 Jun 2008 21:52:05 +0000 (UTC) (envelope-from jhs@berklix.org) Received: from js.berklix.net (p549A54EC.dip.t-dialin.net [84.154.84.236]) (authenticated bits=0) by flat.berklix.org (8.13.8/8.13.8) with ESMTP id m5BLq3Kk075849; Wed, 11 Jun 2008 23:52:04 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by js.berklix.net (8.13.8/8.13.8) with ESMTP id m5BLpmPX048717; Wed, 11 Jun 2008 23:51:48 +0200 (CEST) (envelope-from jhs@berklix.org) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.13.8/8.13.8) with ESMTP id m5BLpFKK055158; Wed, 11 Jun 2008 23:51:35 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <200806112151.m5BLpFKK055158@fire.js.berklix.net> To: Howard Goldstein , Lorenzo Perone From: "Julian Stacey" Organization: http://berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://berklix.com In-reply-to: Your message "Wed, 11 Jun 2008 14:00:55 EDT." <485012D7.6060107@queue.to> Date: Wed, 11 Jun 2008 23:51:15 +0200 Sender: jhs@berklix.org Cc: fs@freebsd.org Subject: Re: CFS Cryptographic file system. X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 21:52:06 -0000 To: Howard Goldstein , Lorenzo Perone cc: fs@freebsd.org bcc: freebsd-ports@freebsd.org (bcc to avoid list dups, any follow up to fs@ I suggest) Howard Goldstein wrote: > Date: Wed, 11 Jun 2008 14:00:55 -0400 (20:00 CEST) > Cc: freebsd-ports@freebsd.org > Julian Stacey wrote: > > Is there some replacement of /usr/ports/security/cfs > > (encryped file system) for 7.0 ? > > It's not fully responsive to your question, and it's a little clunky, > but the technique at this blog entry > https://www.endries.org/josh/blog/posts/5 seems to show a way to run > geli on a file-based backingstore using the the md driver as a geom > provider. I haven't tried it. Thanks Howard, As I was in a rush & no quick reply to ports@, I posted a similar question to fs@freebsd 12 hours or so later & later replied: > > From: Lorenzo Perone > > Date: Tue, 10 Jun 2008 13:11:50 +0200 > > To: Julian Stacey > > Cc: fs@freebsd.org > > > Is a crypting file system being worked on for src/ somewhere ? > > > > Did you have a look at gbde / geli? > > > > http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html > > No, (I did have a look at doc index before I posted, but I missed this). > Looks like what I need. > Thanks Lorenzo So I did this, which worked: dd if=/dev/zero of=CRYPT_FS_IMAGE bs=10k count=50k mdconfig -a -t vnode -f CRYPT_FS_IMAGE mkdir /etc/gbde gbde init /dev/md0 -i -L /etc/gbde/md0.lock 2048 random_flush uncommented # long wait gbde attach /dev/md0 -l /etc/gbde/md0.lock newfs -U -O2 /dev/md0.bde mount /dev/md0.bde /mnt .... umount /mnt gbde detach md0 mdconfig -d -u 0 I havent tried geli yet, though it has interesting extras for later. Thanks Lorenzo & Howard. Julian -- Julian Stacey: BSDUnixLinux C Prog Admin SysEng Consult Munich www.berklix.com Mail just Ascii plain text. HTML & Base64 text are spam. From owner-freebsd-fs@FreeBSD.ORG Fri Jun 13 13:31:27 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7C131106567D for ; Fri, 13 Jun 2008 13:31:27 +0000 (UTC) (envelope-from patpro@patpro.net) Received: from smtp.univ-lyon2.fr (smtp.univ-lyon2.fr [159.84.143.102]) by mx1.freebsd.org (Postfix) with ESMTP id 07E458FC12 for ; Fri, 13 Jun 2008 13:31:26 +0000 (UTC) (envelope-from patpro@patpro.net) Received: from localhost (localhost [127.0.0.1]) by smtp.univ-lyon2.fr (Postfix) with ESMTP id 262F07BCAA7F for ; Fri, 13 Jun 2008 15:05:15 +0200 (CEST) X-Virus-Scanned: amavisd-new at univ-lyon2.fr Received: from smtp.univ-lyon2.fr ([127.0.0.1]) by localhost (smtp.univ-lyon2.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dnghYJ6NMLWL for ; Fri, 13 Jun 2008 15:05:11 +0200 (CEST) Received: from [159.84.148.59] (unknown [159.84.148.59]) by smtp.univ-lyon2.fr (Postfix) with ESMTP id 2CCC37BCAA6E for ; Fri, 13 Jun 2008 15:05:11 +0200 (CEST) Message-Id: <396AA358-5DB7-4182-8FCC-D6AA80B542A7@patpro.net> From: Patrick Proniewski To: freebsd-fs@freebsd.org Content-Type: multipart/signed; boundary=Apple-Mail-11-979393979; micalg=sha1; protocol="application/pkcs7-signature" Mime-Version: 1.0 (Apple Message framework v924) Date: Fri, 13 Jun 2008 15:05:11 +0200 X-Mailer: Apple Mail (2.924) X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: freebsd boot manager X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2008 13:31:27 -0000 --Apple-Mail-11-979393979 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Hello, I'm running FreeBSD 6.3 on intel. My box has 2 HDs (SATA). FreeBSD is installed on the first SATA HD. At boot time, I'm prompted with the FreeBSD bootmanager interface (F1 : FreeBSD, F5 : Drive 1) I have plugged a CF card on a dedicated slot of the motherboard (Tyan i7520SD), and installed a nanoBSD on this compact flash card. Now I want many things: - being able to choose between my SATA bootable HD and the CF, at boot time, whatever system was previously booted (SATA or CF) - the box must always boot by default on the SATA HD - in case SATA is not available (HD failure, ...), the box must boot on the CF card. So my first question is: is it possible? My second question is: how do I make this happen? I can't find any relevant explanation about manipulations/settings of the FreeBSD bootmanager, and I've asked my questions on french usenet group with no luck, so I'm quite lost. Any help greatly appreciated. patpro --Apple-Mail-11-979393979-- From owner-freebsd-fs@FreeBSD.ORG Fri Jun 13 16:04:01 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F0571065670 for ; Fri, 13 Jun 2008 16:04:01 +0000 (UTC) (envelope-from lists.freebsd.org@sbeh.de) Received: from bunesko.ategram.com (mx0.ategram.com [78.47.22.65]) by mx1.freebsd.org (Postfix) with ESMTP id 9AB428FC12 for ; Fri, 13 Jun 2008 16:04:00 +0000 (UTC) (envelope-from lists.freebsd.org@sbeh.de) Received: (qmail 21569 invoked from network); 13 Jun 2008 17:37:46 +0200 Received: from aef.wh.uni-dortmund.de (HELO ?172.20.74.172?) (129.217.129.132) by mx0.ategram.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 13 Jun 2008 17:37:46 +0200 Message-ID: <4852942E.6050309@sbeh.de> Date: Fri, 13 Jun 2008 17:37:18 +0200 From: Stan Behrens User-Agent: Thunderbird 2.0.0.14 (X11/20080510) MIME-Version: 1.0 To: Patrick Proniewski References: <396AA358-5DB7-4182-8FCC-D6AA80B542A7@patpro.net> In-Reply-To: <396AA358-5DB7-4182-8FCC-D6AA80B542A7@patpro.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-fs@freebsd.org Subject: Re: freebsd boot manager X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2008 16:04:01 -0000 Hello Mr. Proniewski, enabling Legacy-USB-Mode in BIOS should give you an additional 'HDD' (CF) to boot from. I'm sorry, I don't know how to specify fallback-devices in FBSD's Bootloader, you can use grub from ports instead, which has the ability to fallback on another device. Regards, Stan Behrens. From owner-freebsd-fs@FreeBSD.ORG Fri Jun 13 17:01:47 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B46811065677 for ; Fri, 13 Jun 2008 17:01:47 +0000 (UTC) (envelope-from patpro@patpro.net) Received: from postfix1-g20.free.fr (postfix1-g20.free.fr [212.27.60.42]) by mx1.freebsd.org (Postfix) with ESMTP id B6A118FC17 for ; Fri, 13 Jun 2008 17:01:46 +0000 (UTC) (envelope-from patpro@patpro.net) Received: from smtp1-g19.free.fr (smtp1-g19.free.fr [212.27.42.27]) by postfix1-g20.free.fr (Postfix) with ESMTP id 7E438273DF2F for ; Fri, 13 Jun 2008 18:42:51 +0200 (CEST) Received: from smtp1-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp1-g19.free.fr (Postfix) with ESMTP id B1DA51AB2F8; Fri, 13 Jun 2008 18:42:49 +0200 (CEST) Received: from boleskine.patpro.net (boleskine.patpro.net [82.235.12.223]) by smtp1-g19.free.fr (Postfix) with ESMTP id 7762B1AB306; Fri, 13 Jun 2008 18:42:49 +0200 (CEST) Received: from [192.168.0.2] (unknown [192.168.0.2]) by boleskine.patpro.net (Postfix) with ESMTP id 2B5151CC10; Fri, 13 Jun 2008 18:42:49 +0200 (CEST) Message-Id: From: Patrick Proniewski To: Stan Behrens In-Reply-To: <4852942E.6050309@sbeh.de> Content-Type: multipart/signed; boundary=Apple-Mail-1-992451552; micalg=sha1; protocol="application/pkcs7-signature" Mime-Version: 1.0 (Apple Message framework v924) Date: Fri, 13 Jun 2008 18:42:48 +0200 References: <396AA358-5DB7-4182-8FCC-D6AA80B542A7@patpro.net> <4852942E.6050309@sbeh.de> X-Mailer: Apple Mail (2.924) X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-fs@freebsd.org Subject: Re: freebsd boot manager X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2008 17:01:47 -0000 --Apple-Mail-1-992451552 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Stan, thank you for your reply On 13 juin 2008, at 17:37, Stan Behrens wrote: > enabling Legacy-USB-Mode in BIOS should give you an additional > 'HDD' (CF) to boot from. May be I'm missing something here, because I don't see any relation between USB and the CF card. I should have mentioned that my CF card is plugged in a dedicated CF slot on the motherboard. It's on a UDMA bus: CF card: ad0: 1953MB at ata0-master UDMA66 SATA #1 (boot): ad4: 239372MB at ata2-master SATA150 SATA #2: ad6: 239372MB at ata3-master SATA150 > I'm sorry, I don't know how to specify fallback-devices in FBSD's > Bootloader, you can use grub from ports instead, which has the > ability to fallback on another device. If I want to go with grub, should I install it on both systems ? (FreeBSD on ad4 and nanoBSD on ad0) thanks, patpro --Apple-Mail-1-992451552-- From owner-freebsd-fs@FreeBSD.ORG Sat Jun 14 01:40:22 2008 Return-Path: Delivered-To: freebsd-fs@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1AC39106564A for ; Sat, 14 Jun 2008 01:40:22 +0000 (UTC) (envelope-from randy@psg.com) Received: from rip.psg.com (rip.psg.com [IPv6:2001:418:1::39]) by mx1.freebsd.org (Postfix) with ESMTP id 0746C8FC0A for ; Sat, 14 Jun 2008 01:40:22 +0000 (UTC) (envelope-from randy@psg.com) Received: from 50.216.138.210.bn.2iij.net ([210.138.216.50] helo=rmac.psg.com) by rip.psg.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1K7Kkf-000BCw-6Q for freebsd-fs@FreeBSD.ORG; Sat, 14 Jun 2008 01:40:21 +0000 Message-ID: <48532183.2040306@psg.com> Date: Sat, 14 Jun 2008 10:40:19 +0900 From: Randy Bush User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: freebsd-fs@FreeBSD.ORG X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Subject: zfs dump to non-zfs host X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2008 01:40:22 -0000 currently, my dump server is a large non-zfs raid to which i use dump over ssh to a remote host, as in /sbin/dump 0Luaf - /dev/twed0s1a | $SSH $BSYS "/bin/cat > $DDIR/base" now i have a zfs host that i want to dump to this server. yes, i know i can snapshot on the zfs system itself. but what if it goes completely dead? it is in an earthquake zone, ... /sbin/dump does not work, of course. files created with zsend might not be decodable in a future version, so i can not zsend | to it. clue bat, please. randy