Re: Is it possible to suspend to disk with geli+Root on ZFS installation

2013-10-13 Thread Ian Smith 
On Sun, 13 Oct 2013 13:17:20 +1000, yudi v wrote:
 > On Mon, Sep 30, 2013 at 2:47 AM, Ian Smith  wrote:
 > > In freebsd-questions Digest, Vol 486, Issue 7, Message: 5
 > > On Sat, 28 Sep 2013 16:25:33 +0200 Roland Smith  wrote:
 > >  > On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote:
 > >  > > Hi all,
 > >  > >
 > >  > > Is it possible to suspend to disk (hibernate) when using geli for
 > full disk
 > >  > > encryption.
[..]
 > > I must reiterate, FreeBSD does not support Suspend to Disk (state S4 aka
 > > 'hibernate') on ANY platform, except - perhaps - on machines supporting
 > > S4 in BIOS (hw.acpi.s4bios=1) which are very rarely spotted in the wild.
 > >
 > >  > And even suspend to RAM doesn't work on every machine [2].
 > >  >
 > >  > [2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk
 > >
 > > That page IS about Suspend to Disk - but only as a wishlist idea, as it
 > > has been for many years.  Someone did take it on as a Google SoC project
 > > years ago, but nothing ever came of it to my knowledge.
[..]

 > Thanks Ian for clarifying that FreeBSD does not support Suspend to Disk. I
 > just assumed all major distros supported all the suspend states. Now I am
 > looking for a UPS that cleanly shuts down the machine when there is a power
 > outage.

Hi Yudi,

you haven't said what sort of machine (desktop/server/laptop) or how 
long a mains power fail runtime you're after, so it's impossible to 
guess what sort of size UPS you might need ..

 > I am looking at a APC Power-Saving Back-UPS ES 8 Outlet 700VA 230V AS
 > 3112,

I don't know about that model; it makes no mention of shutdown alert / 
control at all, only 'some models' have a USB connector, and I couldn't 
find the manual for it there.  Certainly not all 'desktop' UPSes support 
what's needed to communicate and shutdown cleanly, so check carefully 
both the specs and that software (apcupsd or nut) supports the model.

I gather from your timestamp (and that model) that you may be in 
Australia, in which case you could browse from here for the APCs:

http://www.apc.com/products/category.cfm?id=13&ISOCountryCode=au

[However that page currently throws errors on the various model links of 
'Element CACHE.APCTOSECOUNTRYMAPPINGS is undefined in APPLICATION.' :( ]

 > anyone know if apcupsd daemon works fine under FreeBSD or should I be
 > looking at Network UPS Tools (NUT).

I'm sure there are people here who can advise.  I've only setup Eaton 
and PowerWare UPSes, and those on a Debian linux server, using NUT.

cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is it possible to suspend to disk with geli+Root on ZFS installation

2013-10-12 Thread yudi v 
On Mon, Sep 30, 2013 at 2:47 AM, Ian Smith  wrote:
> In freebsd-questions Digest, Vol 486, Issue 7, Message: 5
> On Sat, 28 Sep 2013 16:25:33 +0200 Roland Smith  wrote:
>  > On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote:
>  > > Hi all,
>  > >
>  > > Is it possible to suspend to disk (hibernate) when using geli for
full disk
>  > > encryption.
>  >
>  > As far as I can tell, FreeBSD doesn't support suspend to disk on all
>  > architectures. On amd64 the necessary infrastructure doesn't exist,
and on
>  > i386 FPU state is lost, there is no multiprocessor support and some
MSRs are
>  > not restored [1].
>  >
>  > [1]: https://wiki.freebsd.org/SuspendResume
>
> Roland, sorry, no; you (and that page) are talking about Suspend to RAM,
> ACPI state S3.  What you've said is correct re Suspend to RAM - though
> some running amd64 have achieved some success on some machines lately;
> most of the issues are with restoring modern video, backlight and such.
>
> Those i386 comments don't apply to my Thinkpad T23s, which suspend and
> resume, in console mode and X, flawlessly on 9.1-R and properly after
> various tweaks on 8.x, 7.x and 6.x - but they're a single core P3-M ..
>
> I must reiterate, FreeBSD does not support Suspend to Disk (state S4 aka
> 'hibernate') on ANY platform, except - perhaps - on machines supporting
> S4 in BIOS (hw.acpi.s4bios=1) which are very rarely spotted in the wild.
>
>  > And even suspend to RAM doesn't work on every machine [2].
>  >
>  > [2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk
>
> That page IS about Suspend to Disk - but only as a wishlist idea, as it
> has been for many years.  Someone did take it on as a Google SoC project
> years ago, but nothing ever came of it to my knowledge.
>
> The last laptop I have that will properly hibernate - ie save RAM and
> all state to disk and power off, then reload all RAM and state on power
> return - is a 300MHz Compaq Armada 1500C (mfg '98), but using the older
> APM BIOS rather than ACPI.  (It's still running, 24/7/365 since 2002 :)
>
> cheers, Ian

Thanks Ian for clarifying that FreeBSD does not support Suspend to Disk. I
just assumed all major distros supported all the suspend states. Now I am
looking for a UPS that cleanly shuts down the machine when there is a power
outage.
I am looking at a APC Power-Saving Back-UPS ES 8 Outlet 700VA 230V AS
3112,
anyone know if apcupsd daemon works fine under FreeBSD or should I be
looking at Network UPS Tools (NUT).

-- 
Kind regards,
Yudi
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is it possible to suspend to disk with geli+Root on ZFS installation

2013-09-29 Thread Ian Smith 
In freebsd-questions Digest, Vol 486, Issue 7, Message: 5
On Sat, 28 Sep 2013 16:25:33 +0200 Roland Smith  wrote:
 > On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote:
 > > Hi all,
 > > 
 > > Is it possible to suspend to disk (hibernate) when using geli for full disk
 > > encryption. 
 > 
 > As far as I can tell, FreeBSD doesn't support suspend to disk on all
 > architectures. On amd64 the necessary infrastructure doesn't exist, and on
 > i386 FPU state is lost, there is no multiprocessor support and some MSRs are
 > not restored [1].
 > 
 > [1]: https://wiki.freebsd.org/SuspendResume

Roland, sorry, no; you (and that page) are talking about Suspend to RAM, 
ACPI state S3.  What you've said is correct re Suspend to RAM - though 
some running amd64 have achieved some success on some machines lately; 
most of the issues are with restoring modern video, backlight and such.

Those i386 comments don't apply to my Thinkpad T23s, which suspend and 
resume, in console mode and X, flawlessly on 9.1-R and properly after 
various tweaks on 8.x, 7.x and 6.x - but they're a single core P3-M ..

I must reiterate, FreeBSD does not support Suspend to Disk (state S4 aka 
'hibernate') on ANY platform, except - perhaps - on machines supporting 
S4 in BIOS (hw.acpi.s4bios=1) which are very rarely spotted in the wild.

 > And even suspend to RAM doesn't work on every machine [2].
 > 
 > [2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk

That page IS about Suspend to Disk - but only as a wishlist idea, as it 
has been for many years.  Someone did take it on as a Google SoC project 
years ago, but nothing ever came of it to my knowledge.

The last laptop I have that will properly hibernate - ie save RAM and 
all state to disk and power off, then reload all RAM and state on power 
return - is a 300MHz Compaq Armada 1500C (mfg '98), but using the older 
APM BIOS rather than ACPI.  (It's still running, 24/7/365 since 2002 :)

cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is it possible to suspend to disk with geli+Root on ZFS installation

2013-09-28 Thread Roland Smith 
On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote:
> Hi all,
> 
> Is it possible to suspend to disk (hibernate) when using geli for full disk
> encryption. 

As far as I can tell, FreeBSD doesn't support suspend to disk on all
architectures. On amd64 the necessary infrastructure doesn't exist, and on
i386 FPU state is lost, there is no multiprocessor support and some MSRs are
not restored [1].

[1]: https://wiki.freebsd.org/SuspendResume

And even suspend to RAM doesn't work on every machine [2].

[2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk


Roland
-- 
R.F.Smith   http://rsmith.home.xs4all.nl/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)


pgpR3yscCbfXL.pgp
Description: PGP signature

Is it possible to suspend to disk with geli+Root on ZFS installation

2013-09-28 Thread Ian Smith 
In freebsd-questions Digest, Vol 486, Issue 5, Message: 18
On Fri, 27 Sep 2013 17:37:55 +1000 yudi v  wrote:

 > Hi all,
 > 
 > Is it possible to suspend to disk (hibernate) when using geli for full disk
 > encryption. My set-up is listed below. So I am going to have an encrypted
 > container and ZFS on top. There are two options for the swap with this
 > set-up, either use a swap file on the ZFS pool or use a separate partition
 > for swap and encrypt that. What I want to know is will either of this work
 > with suspend to disk.

FreeBSD does not support suspend to disk (ACPI state S4) at all.  It's 
been some years since I last heard of any attempts to implement STD.

Suspend to RAM (state S3) works on some machines, including mine.  If it 
works on yours then I suspect use of ZFS shouldn't be an extra issue.

I haven't used ZFS, so can't comment on the rest of your message(s).

cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Is it possible to suspend to disk with geli+Root on ZFS installation

2013-09-27 Thread yudi v 
Hi all,

Is it possible to suspend to disk (hibernate) when using geli for full disk
encryption. My set-up is listed below. So I am going to have an encrypted
container and ZFS on top. There are two options for the swap with this
set-up, either use a swap file on the ZFS pool or use a separate partition
for swap and encrypt that. What I want to know is will either of this work
with suspend to disk.

Reading geli(8)  man page does not say
anything about suspending to disk. Geli itself has suspend and resume
commands but looks like they cannot be used on the file system where
geliutility is stored (so the root pool cannot be suspended?)

And the onetime option does not support geli suspend.

Thank you.
Yudi

PS. I haven't received any response to the email below, if someone would
still like to answer some of the questions at the end, that would be
wonderful.


-- Forwarded message --
From: yudi v 
Date: Fri, Sep 20, 2013 at 7:09 PM
Subject: geli+Root on ZFS installation
To: freebsd-questions@freebsd.org


Hi,

I managed to install with "geli+root on ZFS" setup but have a few
questions.  Most of the instructions just list commands but offer very
little explanation.
I adapted the instructions in
https://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/9.0-RELEASE  to suit my needs.

Here's the process I used for the test on a VM:

2 GB RAM
two HDDs 8 GB each mirrored - three partitions

for boot code 128 KB
for /boot 2 GB
for the rest of the system and encrypted

no key file for encrypted partitions, only passphrase
using 9.1-RELEASE
there will be no swap or handling of 4k drives, just to keep it as simple
as possible.

*Create the basic three partitions:*


gpart destroy -F da0
gpart destroy -F da1
gpart create -s gpt da0
gpart create -s gpt da1
gpart add -s 128 -t freebsd-boot da0
gpart add -s 128 -t freebsd-boot da1
gpart add -s 2G -t freebsd-zfs da0
gpart add -s 2G -t freebsd-zfs da1
gpart add -t freebsd-zfs da0
gpart add -t freebsd-zfs da1

*Write boot code to both disks:*

gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 da0
gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 da1

*Load necessary modules:*

kldload zfs
kldload geom_eli
*
Encrypt the disks with only a passphrase:*

geli init -b -s 4096 /dev/da0p3
geli init -b -s 4096 /dev/da1p3

geli attach /dev/da0p3
geli attach /dev/da1p3

*Creating ZFS datasets:*

zpool create bootdir mirror /dev/da0p2 /dev/da1p2
zpool set bootfs=bootdir bootdir

zpool create -R /mnt -O canmount=off tank mirror /dev/da0p3.eli
/dev/da1p3.eli
zfs create -o mountpoint=/tank/ROOT
zfs set mountpoint=/mnt/bootdirbootdir
zfs mount bootdir

*Then exit out of the shell and go back to bsdinstall. Install as normal
and then get back to the shell after bsdinstall finishes ( do not reboot
yet).*

Once in the newly installed system:

mount -t devfs devfs /dev   ( to use ZFS commands in the new environment)

*Add the necessary variables/settings:*

echo ‘zfs_enable=”YES”‘ >> /etc/rc.conf
echo ‘vfs.root.mountfrom=”zfs:tank/ROOT”‘  >> /boot/loader.conf
echo ‘zfs_load=”YES”‘ >> /boot/loader.conf
echo ‘geom_eli_load=”YES”‘ >> /boot/loader.conf

*Then create a zpool cache file:*

 zpool set cachefile=/boot/zfs/zpool.cache tank.

*Then move the boot folder to the second partition under the bootdir
dataset:*

mv boot bootdir/
*
Then set the final mount points:*

zfs set mountpoint=legacy tank
zfs set mountpoint=/bootdir bootdir

*then reboot.*
It should boot fine into the new system.

-  My questions:  -

*1.*   Almost all the guides  I came across, do not install to the root
dataset, they only seem to use it to derive/mount other
datasets/filesystems.
One of the reasons is to user boot environments, what are the other
possible reasons for doing this?



*2*.   Is it necessary to create a symbolic link to the /boot dir? Again
one of the howtos on the web had this step (
https://www.dan.me.uk/blog/2012/05/06/full-disk-encryption-with-zfs-root-for-freebsd-9-x/
).

ln -fs bootdir/boot

*3*.   This below option is where I had most trouble. This definitely needs
to be present when using geli+ZFS, if it's only ZFS, then I think the
bootfs flag suffices. Can someone with more knowledge of this please shed
some light on when this entry is needed.

vfs.root.mountfrom=”zfs:tank/ROOT”

*4.* In the wiki link above, what is the purpose of:

# zfs set mountpoint=/  zroot/ROOT
# zfs set mountpoint=/zroot zroot

I cannot understand the logic behind the second command.
Does that mean zroot  will display under / (root of the filesystem)?  and
Why?

looking at the rest of the commands:

# zfs set mountpoint=/tmp zroot/tmp
 # zfs set mountpoint=/usr zroot/usr
 # zfs set mountpoint=/var zroot/var

so if ROOT is set to /
then tmp, usr and var all appear under ROOT, is that right?


*5.* There seems to be lot of variation on how the system directories are
mounted under ZFS. In the above wiki link, th