Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Tue, 12 Jul 2011 00:25:38 +0400 Pan Tsu wrote: > "Christopher J. Ruwe" writes: > > [...] > > In this setup, I should not have any problems. However, I do not > > realize (and very much doubt) that I changed anything in the order > > of the services (lacking the capability to deterministically do so, > > anyway). > > > > From rcorder I understand that all that is required to set rcorder > > right would be to change /etc/rc.d/zfs to include a REQUIRE: geli, > > so that my geli-encrypted volume would be unlocked before all > > zfs-datasets are mounted? > > Yep, or revert to default where rc.d/zfs depends on > rc.d/mountcritlocal. > > $ svn co -qr223699 svn://svn.freebsd.org/base/stable/8/etc/rc.d > $ rcorder rc.d/* | nl | sed /zfs/q >1 rc.d/hostid >2 rc.d/zvol >3 rc.d/dumpon >4 rc.d/ddb >5 rc.d/initrandom >6 rc.d/geli >7 rc.d/gbde >8 rc.d/encswap >9 rc.d/ccd > 10 rc.d/swap1 > 11 rc.d/fsck > 12 rc.d/root > 13 rc.d/hostid_save > 14 rc.d/mdconfig > 15 rc.d/mountcritlocal > 16 rc.d/zfs > > > > If so, what could be the reason that my rcorder-setup deviates from > > the standard and how could I coerce it back to standard? > > No idea. Try basic check with > > $ diff -ur /usr/src/etc/rc.d /etc/rc.d > $ mergemaster > $ mergemaster -s > > unless someone else can reproduce your issue. Please accept my apologies for replying so late, I was stuck up in work and could not find time to test this issue. Your proposed solution of reverting to the default setup worked as expected. My idea of adding a REQUIRE: geli to /etc/rc.d/zfs did not, although rcorder showed geli before zfs then. However, with my problem solved, I have no incentive to research why I deviated from default rc.d in the first place ... the only thing I am sure of is, that it was not intentionally. Anyhow, thank you for your help, it is really appreciated. -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
"Christopher J. Ruwe" writes: [...] > In this setup, I should not have any problems. However, I do not > realize (and very much doubt) that I changed anything in the order of > the services (lacking the capability to deterministically do so, > anyway). > > From rcorder I understand that all that is required to set rcorder > right would be to change /etc/rc.d/zfs to include a REQUIRE: geli, so > that my geli-encrypted volume would be unlocked before all > zfs-datasets are mounted? Yep, or revert to default where rc.d/zfs depends on rc.d/mountcritlocal. $ svn co -qr223699 svn://svn.freebsd.org/base/stable/8/etc/rc.d $ rcorder rc.d/* | nl | sed /zfs/q 1 rc.d/hostid 2 rc.d/zvol 3 rc.d/dumpon 4 rc.d/ddb 5 rc.d/initrandom 6 rc.d/geli 7 rc.d/gbde 8 rc.d/encswap 9 rc.d/ccd 10 rc.d/swap1 11 rc.d/fsck 12 rc.d/root 13 rc.d/hostid_save 14 rc.d/mdconfig 15 rc.d/mountcritlocal 16 rc.d/zfs > > If so, what could be the reason that my rcorder-setup deviates from > the standard and how could I coerce it back to standard? No idea. Try basic check with $ diff -ur /usr/src/etc/rc.d /etc/rc.d $ mergemaster $ mergemaster -s unless someone else can reproduce your issue. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 22:23:36 +0400
Pan Tsu wrote:
> "Christopher J. Ruwe" writes:
>
> [...]
> > /etc/rc.d/zvol
> > /etc/rc.d/zfs
> > /etc/rc.d/dumpon
> > /etc/rc.d/ddb
> > /etc/rc.d/initrandom
> > /etc/rc.d/geli
> > /etc/rc.d/gbde
> > /etc/rc.d/encswap
> > /etc/rc.d/ccd
> > /etc/rc.d/swap1
> > /etc/rc.d/fsck
> > /etc/rc.d/root
> > /etc/rc.d/hostid_save
> > /etc/rc.d/mdconfig
> > /etc/rc.d/mountcritlocal
> >
> > This makes sense to me and reflects the order I assumed in my
> > description. The question remains, however, if my configuration is
> > of any in {unusual, ..., stupid} as I require first zfs mount of /,
> > then GELI-unlock and then zfs mount of {/usr,/usr/local, ...}.
>
> Do you mount the root pool over smth else? Otherwise, root should be
> mounted by kernel before init(8) is started. And /etc/rc.d doesn't
> exist before root is mounted.
I mount root-pool via
zfs_load="YES"
vfs.root.mountfrom="zfs:rpool/root"
in /boot/loader.conf. So far, all is right from what I understand.
> I think the correct order is
>
> 0 vfs_mountroot*
> ..
> 2 rc.d/zvol (pre v28)
> ..
> 6 rc.d/geli
> ..
> 15 rc.d/mountcritlocal
> 16 rc.d/zfs
>
> where extra datasets from the root pool can be mounted via fstab at
> rc.d/mountcritlocal time. Not sure if you import geli pool during boot
> or not and leak its configuration via zpool.cache.
In this setup, I should not have any problems. However, I do not realize (and
very much doubt) that I changed anything in the order of the services (lacking
the capability to deterministically do so, anyway).
From rcorder I understand that all that is required to set rcorder right would
be to change /etc/rc.d/zfs to include a REQUIRE: geli, so that my
geli-encrypted volume would be unlocked before all zfs-datasets are mounted?
If so, what could be the reason that my rcorder-setup deviates from the
standard and how could I coerce it back to standard?
Thank you for your help so far, cheers
--
Christopher J. Ruwe
TZ GMT + 2
signature.asc
Description: PGP signature
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On 07/10/2011 07:05, Christopher J. Ruwe wrote: > $> rcorder /etc/rc.d/zfs You want to use: service -r -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
"Christopher J. Ruwe" writes:
[...]
> /etc/rc.d/zvol
> /etc/rc.d/zfs
> /etc/rc.d/dumpon
> /etc/rc.d/ddb
> /etc/rc.d/initrandom
> /etc/rc.d/geli
> /etc/rc.d/gbde
> /etc/rc.d/encswap
> /etc/rc.d/ccd
> /etc/rc.d/swap1
> /etc/rc.d/fsck
> /etc/rc.d/root
> /etc/rc.d/hostid_save
> /etc/rc.d/mdconfig
> /etc/rc.d/mountcritlocal
>
> This makes sense to me and reflects the order I assumed in my
> description. The question remains, however, if my configuration is of
> any in {unusual, ..., stupid} as I require first zfs mount of /, then
> GELI-unlock and then zfs mount of {/usr,/usr/local, ...}.
Do you mount the root pool over smth else? Otherwise, root should be
mounted by kernel before init(8) is started. And /etc/rc.d doesn't exist
before root is mounted.
I think the correct order is
0 vfs_mountroot*
..
2 rc.d/zvol (pre v28)
..
6 rc.d/geli
..
15 rc.d/mountcritlocal
16 rc.d/zfs
where extra datasets from the root pool can be mounted via fstab at
rc.d/mountcritlocal time. Not sure if you import geli pool during boot
or not and leak its configuration via zpool.cache.
>
> Anyhow, thanks for setting me up on the proper usage of rcorder.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 07:50:44 -0700
Jeremy Chadwick wrote:
> On Sun, Jul 10, 2011 at 04:05:04PM +0200, Christopher J. Ruwe wrote:
> > On Sun, 10 Jul 2011 16:38:43 +0400
> > Pan Tsu wrote:
> >
> > > "Christopher J. Ruwe" writes:
> > >
> > > > Nearly a week ago I posted this question to freebsd-fs, but
> > > > probalby my question is a) worded too complicatedly, b) not
> > > > really a filesystem-issue or c) both.
> > > >
> > > > To rephrase: In setups requiring one or more ZFS-dataset to be
> > > > mounted before another service is activated (GELI in my case)
> > > > and the rest of the ZFS-datasets after that service is activated
> > > > (because they require GELI), it seems to be necessary to add a
> > > > `zfs mount -a` to mountcritlocal. Is this considered correct
> > > > behaviour and wouldn't it make sense to add such a line to
> > > > mountcritlocal in the standard setup?
> > > [...]
> > >
> > > Have you tried to set zfs_enable=YES in rc.conf? Based on
> > > rcorder(8) output rc.d/zfs should come just after
> > > rc.d/mountcritlocal.
> >
> > zfs_enable="YES" is set. rcorder gives curious output, so maybe my
> > etcs are wrong?
> >
> > $> rcorder /etc/rc.d/zfs
> > rcorder: file `/etc/rc.d/zfs' is before unknown provision
> > `mountlate' /etc/rc.d/zfs
> >
> > $> rcorder /etc/rc.d/mountcritlocal
> > rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has
> > no providers. /etc/rc.d/mountcritlocal
>
> You're using rcorder wrong here. "rcorder /etc/rc.d/*" will get you
> what you're looking for. Yes, literally an asterisk.
>
I see. Thank you. That gives me (I skip the rest after mountcritlocal)
/etc/rc.d/zvol
/etc/rc.d/zfs
/etc/rc.d/dumpon
/etc/rc.d/ddb
/etc/rc.d/initrandom
/etc/rc.d/geli
/etc/rc.d/gbde
/etc/rc.d/encswap
/etc/rc.d/ccd
/etc/rc.d/swap1
/etc/rc.d/fsck
/etc/rc.d/root
/etc/rc.d/hostid_save
/etc/rc.d/mdconfig
/etc/rc.d/mountcritlocal
This makes sense to me and reflects the order I assumed in my description. The
question remains, however, if my configuration is of any in {unusual, ...,
stupid} as I require first zfs mount of /, then GELI-unlock and then zfs mount
of {/usr,/usr/local, ...}.
Anyhow, thanks for setting me up on the proper usage of rcorder.
Cheers,
--
Christopher J. Ruwe
TZ GMT + 2
signature.asc
Description: PGP signature
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, Jul 10, 2011 at 04:05:04PM +0200, Christopher J. Ruwe wrote: > On Sun, 10 Jul 2011 16:38:43 +0400 > Pan Tsu wrote: > > > "Christopher J. Ruwe" writes: > > > > > Nearly a week ago I posted this question to freebsd-fs, but > > > probalby my question is a) worded too complicatedly, b) not really a > > > filesystem-issue or c) both. > > > > > > To rephrase: In setups requiring one or more ZFS-dataset to be > > > mounted before another service is activated (GELI in my case) and > > > the rest of the ZFS-datasets after that service is activated > > > (because they require GELI), it seems to be necessary to add a `zfs > > > mount -a` to mountcritlocal. Is this considered correct behaviour > > > and wouldn't it make sense to add such a line to mountcritlocal in > > > the standard setup? > > [...] > > > > Have you tried to set zfs_enable=YES in rc.conf? Based on rcorder(8) > > output rc.d/zfs should come just after rc.d/mountcritlocal. > > zfs_enable="YES" is set. rcorder gives curious output, so maybe my etcs are > wrong? > > $> rcorder /etc/rc.d/zfs > rcorder: file `/etc/rc.d/zfs' is before unknown provision `mountlate' > /etc/rc.d/zfs > > $> rcorder /etc/rc.d/mountcritlocal > rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has no > providers. > /etc/rc.d/mountcritlocal You're using rcorder wrong here. "rcorder /etc/rc.d/*" will get you what you're looking for. Yes, literally an asterisk. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, US | | Making life hard for others since 1977. PGP 4BD6C0CB | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 16:38:43 +0400 Pan Tsu wrote: > "Christopher J. Ruwe" writes: > > > Nearly a week ago I posted this question to freebsd-fs, but > > probalby my question is a) worded too complicatedly, b) not really a > > filesystem-issue or c) both. > > > > To rephrase: In setups requiring one or more ZFS-dataset to be > > mounted before another service is activated (GELI in my case) and > > the rest of the ZFS-datasets after that service is activated > > (because they require GELI), it seems to be necessary to add a `zfs > > mount -a` to mountcritlocal. Is this considered correct behaviour > > and wouldn't it make sense to add such a line to mountcritlocal in > > the standard setup? > [...] > > Have you tried to set zfs_enable=YES in rc.conf? Based on rcorder(8) > output rc.d/zfs should come just after rc.d/mountcritlocal. zfs_enable="YES" is set. rcorder gives curious output, so maybe my etcs are wrong? $> rcorder /etc/rc.d/zfs rcorder: file `/etc/rc.d/zfs' is before unknown provision `mountlate' /etc/rc.d/zfs $> rcorder /etc/rc.d/mountcritlocal rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has no providers. /etc/rc.d/mountcritlocal However, I fear I have not made my intent clear. My boot-sequence should be as follows (intermittent steps left out): 1) mount zfs root-fs, which is on plain standard zpool A 2) unlock another, GELI-encrypted zpool B 3) mount all other fs (/usr,...), which reside on zpool B What my system does is first to mount the fs on zpool A, then GELI-unlock and then halt because the contents of /usr are not accessible (yet) What I want my system to do is to first mount root, then unlock GELI and then mount all other remaining fs on zpool B. I could either mount all remaining zfs'es in mountcritlocal, which requires another line there, which I have added locally as put in my patch. I cannot shift the order so that GELI-unlock comes first, because my keys for GELI reside on /boot, which resides on zpool A. So, is my setup anything from unfortunate to plain stupid or is mountcritlocal missing a statement catering for such cases as I described? Thank you for your help, cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
