I have been trying to get FreeBSD installed on an encrypted volume and I've run into an annoying problem. Before I describe the problem, let me explain what I have done so far.
first I used gpart to make GPT partitions: one freebsd-boot, two freebsd-ufs. The freebsd-boot is 64k and the following command installed the boot code: # gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptboot -i 1 ad0 The second freebsd-ufs is 200M for /boot and the third is for the GELI based encrypted swap and /. I used geli to encrypt ad0p3 and again used gpart to carve it into two BSD slices, one 512m for swap and the other the rest of the disk for /. After everything is newfs'd and ad0p1 and ad0p3.elib are mounted as /mnt/boot and /mnt/root respectively, I did "export DESTDIR=/mnt/root" and ran the install.sh scripts in /dest/8.2-RELEASE/base and /dest/8.2-RELEASE/kernels. The next thing I did was to modify the /mnt/root/boot/loader.conf file so that it loads the geom_eli module and edit the /mnt/root/boot/device.hints file so that the password on boot works correctly for the encrypted volume. And I moved /mnt/root/boot/GENERIC to /mnt/root/boot/kernel. Then I copied the contents of /mnt/root/boot to /mnt/boot. I created a directory /mnt/boot/etc and made a fstab and put one copy there and another copy in /mnt/root/etc This works great, however, I am left with /boot in two different places and /etc/fstab in two places as well. I would like to know if someone can come up wth a more elegant solution to this. At the moment I am mounting /dev/ad0p2 as /bootdir and whenever I update the system, once the update is done, I just do an archival copy of the contents of /boot into /bootdir/boot and if there is a change to fstab I make the change in both places. I understand that /boot cannot be encrypted (at the moment, until things change). But I would like to have /boot mounted directly from /dev/ad0p2 so there is only one copy of it. Any thoughts? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"