From owner-svn-doc-head@FreeBSD.ORG Fri Mar 21 20:34:39 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 955E2B16; Fri, 21 Mar 2014 20:34:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 75914EB7; Fri, 21 Mar 2014 20:34:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LKYdTA097135; Fri, 21 Mar 2014 20:34:39 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LKYdlg097134; Fri, 21 Mar 2014 20:34:39 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403212034.s2LKYdlg097134@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 20:34:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44323 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 20:34:39 -0000 Author: dru Date: Fri Mar 21 20:34:38 2014 New Revision: 44323 URL: http://svnweb.freebsd.org/changeset/doc/44323 Log: Initial prep work for Storage chapter. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 19:53:55 2014 (r44322) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 20:34:38 2014 (r44323) @@ -602,9 +602,6 @@ umass0: detached creating - - Introduction - CD media provide a number of features that differentiate them from conventional disks. Initially, they were not writable by the user. They are designed so that they can be @@ -663,7 +660,6 @@ umass0: detached K3b require the ATAPI/CAM module with ATAPI hardware. - <application>mkisofs</application> @@ -1136,9 +1132,6 @@ cd0: Attempt to query device size failed burning - - Introduction - Compared to the CD, the DVD is the next generation of optical media storage technology. The DVD can hold more data than any CD and is the standard for video publishing. @@ -1195,7 +1188,6 @@ cd0: Attempt to query device size failed the DVD-Video player are compatible with the media under consideration. - Configuration @@ -1513,19 +1505,12 @@ cd0: Attempt to query device size failed DVD-RAM - - Configuration - DVD-RAM writers can use either a SCSI or ATAPI interface. For ATAPI devices, DMA access has to be enabled by adding the following line to /boot/loader.conf: hw.ata.atapi_dma="1" - - - - Preparing the Media A DVD-RAM can be seen as a removable hard drive. Like any other hard drive, the DVD-RAM must be formatted before @@ -1538,10 +1523,6 @@ cd0: Attempt to query device size failed The DVD device, acd0, must be changed according to the configuration. - - - - Using the Media Once the DVD-RAM has been formatted, it can be mounted as a normal hard drive: @@ -1550,7 +1531,6 @@ cd0: Attempt to query device size failed Once mounted, the DVD-RAM will be both readable and writeable. - @@ -2660,30 +2640,35 @@ Filesystem 1K-blocks Used Avail Capacity Disk Encryption with <application>gbde</application> - - - Configuring gbde requires - superuser privileges. - - &prompt.user; su - -Password: - + gbde encrypts the sector payload using 128-bit + AES in CBC mode. Each sector on the disk is encrypted with + a different AES key. For more information on the + cryptographic design, including how the sector keys are + derived from the user-supplied passphrase, refer to + &man.gbde.4;. - - If using a custom kernel configuration file, ensure it - contains this line: + + &man.sysinstall.8; is incompatible with + gbde-encrypted devices. All + *.bde + devices must be detached from the kernel before starting + &man.sysinstall.8; or it will crash during its initial + probing for devices. To detach the encrypted device used in + the example, use the following command: - options GEOM_BDE + &prompt.root; gbde detach /dev/ad4s1c + - If the kernel already contains this support, use - kldload to load &man.gbde.4;: + &os; provides a kernel module for + gbde which can be loaded with + this command: &prompt.root; kldload geom_bde - - - - Preparing the Encrypted Hard Drive + If using a custom kernel configuration file, ensure it + contains this line: + + options GEOM_BDE The following example demonstrates adding a new hard drive to a system that will hold a single encrypted @@ -2856,7 +2841,6 @@ Filesystem Size Used Avail Cap /dev/ad4s1c.bde 150G 4.1K 138G 0% /private - Mounting Existing Encrypted File Systems @@ -2900,9 +2884,6 @@ Filesystem Size Used Avail Cap - - Automatically Mounting Encrypted Partitions - It is possible to create a script to automatically attach, check, and mount an encrypted partition, but for security reasons the script should not contain the @@ -2924,34 +2905,6 @@ gbde_lockdir="/etc/gbde"gbde encrypted partition will be mounted automatically. This can be useful when using gbde on laptops. - - - - - Cryptographic Protections Employed by - <command>gbde</command> - - &man.gbde.8; encrypts the sector payload using 128-bit - AES in CBC mode. Each sector on the disk is encrypted with - a different AES key. For more information on the - cryptographic design, including how the sector keys are - derived from the user-supplied passphrase, refer to - &man.gbde.4;. - - - - Compatibility Issues - - &man.sysinstall.8; is incompatible with - gbde-encrypted devices. All - *.bde - devices must be detached from the kernel before starting - &man.sysinstall.8; or it will crash during its initial - probing for devices. To detach the encrypted device used in - the example, use the following command: - - &prompt.root; gbde detach /dev/ad4s1c - @@ -3331,9 +3284,6 @@ Device 1K-blocks Used Av high availability - - Synopsis - High availability is one of the main requirements in serious business applications and highly-available storage is a key component in such environments. Highly Available @@ -3396,7 +3346,6 @@ Device 1K-blocks Used Av GmbH and TransIP BV. - HAST Features @@ -3496,9 +3445,6 @@ Device 1K-blocks Used Av is not up-to-date or an I/O error occurs. In such case, the read operation is sent to the secondary node. - - Synchronization and Replication Modes - HAST tries to provide fast failure recovery. For this reason, it is very important to reduce synchronization time after a node's outage. To provide fast @@ -3539,7 +3485,6 @@ Device 1K-blocks Used Av latency is too high for other modes. - @@ -3912,9 +3857,6 @@ esac Troubleshooting - - General Troubleshooting Tips - HAST should generally work without issues. However, as with any other software product, there may be times when it does not work as supposed. The sources @@ -3930,7 +3872,6 @@ esac obtained this way. Consider also using -F, which starts &man.hastd.8; in the foreground. - Recovering from the Split-brain Condition