From owner-freebsd-fs@FreeBSD.ORG Tue Sep 7 10:33:29 2010 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5BAA10656A4 for ; Tue, 7 Sep 2010 10:33:29 +0000 (UTC) (envelope-from jdc@koitsu.dyndns.org) Received: from qmta14.westchester.pa.mail.comcast.net (qmta14.westchester.pa.mail.comcast.net [76.96.59.212]) by mx1.freebsd.org (Postfix) with ESMTP id 801BC8FC20 for ; Tue, 7 Sep 2010 10:33:29 +0000 (UTC) Received: from omta23.westchester.pa.mail.comcast.net ([76.96.62.74]) by qmta14.westchester.pa.mail.comcast.net with comcast id 3lvr1f0021c6gX85EmZVEP; Tue, 07 Sep 2010 10:33:29 +0000 Received: from koitsu.dyndns.org ([98.248.41.155]) by omta23.westchester.pa.mail.comcast.net with comcast id 3mZU1f0083LrwQ23jmZVy4; Tue, 07 Sep 2010 10:33:29 +0000 Received: by icarus.home.lan (Postfix, from userid 1000) id 5C0329B425; Tue, 7 Sep 2010 03:33:27 -0700 (PDT) Date: Tue, 7 Sep 2010 03:33:27 -0700 From: Jeremy Chadwick To: Carl Message-ID: <20100907103327.GA12222@icarus.home.lan> References: <4C834D1A.2010405@telus.net> <20100905150344.GD1900@garage.freebsd.pl> <4C860FAC.5070700@telus.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4C860FAC.5070700@telus.net> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-fs@freebsd.org, Pawel Jakub Dawidek Subject: Re: geli'd swap and core dumps X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2010 10:33:30 -0000 On Tue, Sep 07, 2010 at 03:10:52AM -0700, Carl wrote: > On 2010-09-05 8:03 AM, Pawel Jakub Dawidek wrote: > >>What are best practices for achieving encrypted swap and functional core > >>dump recovery? Or are these mutually exclusive goals? > > > >Well, the idea to encrypt swap is to prevent any sensitive data to be > >stored on disk unencrypted where it might last for a long time. > >If you configure to dump kernel memory to a disk (kernel dumps are not > >encrypted) you kinda miss the point, as kernel memory can contain a lot > >of sensitive data. > > It makes sense that best practice would be to disable the dump > device, yet it appears dumpdev is set to AUTO as the default on > current versions of FreeBSD. Does AUTO imply a behaviour that will > intelligently recognize the lack of a functional dumpdev in the case > of a geli'd swap or do I need to explicitly set dumpdev to NO to > avoid errors on normal startups or even bad behaviour during a > kernel panic? dumpdev="auto" results in the system rc scripts examining /etc/fstab to look for any swap slices you've defined there. If there are none listed in /etc/fstab, then you should set the dump device explicitly using dumpdev="/dev/xxx" syntax. If there are some in /etc/fstab which you don't want to use, apply the same advice. -- | Jeremy Chadwick jdc@parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |