Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 25 Jan 2011 15:29:37 +0100
From:      Rolf Nielsen <listreader@lazlarlyricon.com>
To:        "J. Porter Clark" <jpc@porterclark.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: How to label a GELI device
Message-ID:  <4D3EDE51.6070404@lazlarlyricon.com>
In-Reply-To: <20110125140705.GA20041@auricle.charter.net>
References:  <20110125014223.GA13385@auricle.charter.net>	<4D3E8DC0.9060605@gmx.com> <20110125140705.GA20041@auricle.charter.net>

next in thread | previous in thread | raw e-mail | index | archive | help
2011-01-25 15:07, J. Porter Clark skrev:
> On Tue, Jan 25, 2011 at 10:45:52AM +0200, Nikos Vassiliadis wrote:
>> J. Porter Clark wrote:
>>> I have an encrypted partition, /dev/da0s1d.  I can use geli
>>> attach da0s1d and obtain a device /dev/da0s1d.eli, which is a
>>> UFS filesystem.  All that works just fine.
>>>
>>> I'd like to label /dev/da0s1d so that I don't have to refer to
>>> the exact drive number, etc., which might change if I reboot
>>> with a USB stick in the system or whatever.  But glabel puts the
>>> label in the last sector, which is where GELI stores metadata.
>>
>> You don't have to worry about this. geli uses the last sector for
>> its metadata and creates a device with one sector less to its clients.
>> The original device is 2048 sectors, the device geli provides is 2047
>> sectors:
>>> moby# diskinfo /dev/md0 /dev/md0.eli
>>> /dev/md0        512     1048576 2048    0       0
>>> /dev/md0.eli    512     1048064 2047    0       0
>>
>> There is no way for the "internal" GEOM to mess with the "external's"
>> metadata.
>
> That's fine, but I want to label the "external" /dev/md0, not
> the "internal" /dev/md0.eli.
>
> What I eventually want to do is to "geli attach" the device
> using a name that doesn't depend on drive numbering.
>

Correct me if I'm wrong anyone.
You need to first label da0s1d

e.g. like so

glabel label data da0s1d

then geli init the labeled device

e.g. like so

geli init -l 256 -s 4096 label/data

then

geli attach label/data

That will give you a device node called /dev/label/data.eli, that you 
can newfs and mount. Unfortunately, since you already encrypted da0s1d, 
you may have to back it up, and restore the data after you've redone it. 
I had this problem a few years ago, and I had to back up and restore, 
but perhaps it's been made simpler now? Though I doubt it.

Rolf Nielsen



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D3EDE51.6070404>