Hello,
I'm installing FreeBSD 12.0-Release and I'm using the Shell option in the installer to partition my disk by hand.
I have a swap and a root partition. I'm using GPT label to label them, and GELI for the encryption.
After completing the installation and rebooting the host, I'm asked for the GELI passphrase, then the boot splash screen appears, then the booting process continues but halts later with the following error message:
If I type '?', I can see that gpt/SWAP, gpt/BOOT and da0p3.eli are available. My root partition is indeed da0p3.eli but is not referenced under its GPT label.
If I type the following:
then the system boots normally.
Here are the commands I used during the installation:
How can I tell the bootloader to find the GELI encrypted root partition using its GPT name ?
Also, do I use the -b -g flags for the geli ini command correctly ?
Thanks !
I'm installing FreeBSD 12.0-Release and I'm using the Shell option in the installer to partition my disk by hand.
I have a swap and a root partition. I'm using GPT label to label them, and GELI for the encryption.
After completing the installation and rebooting the host, I'm asked for the GELI passphrase, then the boot splash screen appears, then the booting process continues but halts later with the following error message:
Code:
mountroot: waiting for device /dev/gpt/ROOT.eli…
Mounting from ufs:/dev/gpt/ROOT.eli failed with error 19.
Loader variables:
vfs.root.mountfrom=ufs:/dev/gpt/ROOT.eli
vfs.root.mountfrom.options=rw
mountroot>
If I type '?', I can see that gpt/SWAP, gpt/BOOT and da0p3.eli are available. My root partition is indeed da0p3.eli but is not referenced under its GPT label.
If I type the following:
mountroot> ufs:/dev/da0p3.eli
then the system boots normally.
Here are the commands I used during the installation:
Code:
gpart destroy -F da0
gpart create -s GPT da0
gpart bootcode -b /boot/pmbr da0
gpart add -t freebsd-boot -s 512K -a 4K -l BOOT da0
gpart bootcode -p /boot/gptboot -i 1 da0
gpart add -t freebsd-swap -a 1M -s 1G -l SWAP da0
gpart add -t freebsd-ufs -a 1M -l ROOT da0
geli init -s 4096 -g -b /dev/gpt/ROOT
geli attach /dev/gpt/ROOT
newfs -t -U -L rootfs /dev/gpt/ROOT.eli
mount /dev/gpt/ROOT.eli /mnt
cat << EOF > /tmp/bsdinstall_etc/fstab
# Device Mountpoint FStype Options Dump Pass#
/dev/gpt/SWAP.eli no swap sw,sectorsize=4096 0 0
/dev/gpt/ROOT.eli / ufs rw 1 1
EOF
cat << EOF > /tmp/bsdinstall_boot/loader.conf
aesni_load="YES"
geom_eli_load="YES"
kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
kern.geom.label.gpt.enable="1"
EOF
How can I tell the bootloader to find the GELI encrypted root partition using its GPT name ?
Also, do I use the -b -g flags for the geli ini command correctly ?
Thanks !