Hello forum,

ive tried to install 8.0 on my recent buyed t400s. sadly after several tries i run into the same error with the installation. currently i cannot figure out the problem, i did the same for other versions like 6.x or 7.x.

so after installing fbsd with an encrypted root filesystem using mainly the steps described in this howto:

http://www.wanda25.de/geli.html

i get a "ROOT MOUNT ERROR"

anybody already built 8.0 with encrypted rootfilesys? or has any ideas what the reason for this problem could be?

checking for a list of devices at this point

>mountroot?

acd0 ufsid/<someid> ad4s1a ad4s2 ad4s1 ad4

Thank you for your response.

Yes, i'm running geli encrypted disks....

you're problem is that your geli isn't started....
you're disk should look like this ad4s1a.eli or ad4.elis1a or ad4s1.elia.

Since you said ad4s1a, when geli attach disk it should be ad4s1a.eli

you probably forgot to set -b flag when you did geli init


[thinking how to fix quickly...]

Ok, i figured it out.... [if this is the case]

you'll need to boot to fixit mode [use DVD, livefs cd or usb flash]
there you need to
# ln -s /dist/boot/kernel /boot/kernel
# ln -s /dist/lib /lib
# kldload geom_eli
# geli configure -b /dev/ad0s1a
....

repeat geli configure for all disks/slices/labels depending on how you initialized geli in first place} that are encrypted and should be mounted on root, except swap

reboot and report

or you forgot to create custom kernel or

echo geom_eli_load=\"YES\" >> /mnt/boot/loader.conf


or more scenarios... that I'll tell after you tell if things mentioned here helped already or not

or more scenarios... that I'll tell after you tell if things mentioned here helped already or not

thank you for responding. so. those did not solve the problem. ive created the device ad4s2.eli via geli -b [...] before, but also ran some "configure" on it now -> no result, i put the geom eli load to the loader on the first slice already and checked for it again, no spelling errors. also on /boot/etc/ an rc.conf exists with the entry of:

geli_devices="ad4s2"

before i forget:

ad4s1a is /boot
ad4s2 consists of the whole geli crypto device

also on /boot in etc the fstab exists with:

/dev/ad4s2.elia / ufs rw 1 1
/dev/ad4s2.elib none swap sw 0 0

ok, iam interested in the next steps :)

Do you boot using flash?

yes, ive got a ssd device in here

do you use password? Keyfile? both? to encrypt/decrypt

do you use password? Keyfile? both? to encrypt/decrypt

was the line i used:
geli init -b -v -e aes -l 128 /dev/ad4s2

so, only password encryption here currently.

OK please show /boot/loader.conf and /etc/fstab on your flash.

also show ls output of / and /boot of flash you're using to boot from

oh no :( iam sorry. i put the loader.conf to the slash of /boot and not /boot/boot

recognized this during cat'ing the file. thank you for your help! :) :)

It's not /boot/boot. It's boot on your flash root (/) ==> /boot

yes yes :) we talking about the same, thanx again works like a charm now