rc.conf with geli_devices don't work

kira12 · Feb 8, 2014

Hi all,

I use 4 device entries in my rc.conf like:

Code:

geli_devices="daXp1"
geli_daXp1_flags="-p -k /root/daX.key"

But only the last device entry attached after reboot, but only for some seconds. After that says syslog:

Code:

GEOM_ELI: Device da9p1.eli destroyed.
GEOM_ELI: Detached da9p1.eli on last close.

Manually attach works fine. Why this works not in rc.conf?

Thanks ré

tzoi516 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

The only GELI line I put into my rc.conf is

Code:

geli_swap_flags="-d -e aes -l 128 -s 4096 -d"

and that's for an encrypted swap file.

I put this in /boot/loader.conf

Code:

geom_eli_load="YES"

And put these in /etc/fstab

Code:

# Device        Mount   FStype  Options			    Dump  Pass#
/dev/ada0p3.eli /usr    swap    sw                  0       0

kira12 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

Ok, I will try this, but handbook prefer me my method. [ What? ]

regards ré[/b]

tzoi516 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

Don't forget to set the right mount point.

kira12 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

I need these 4 drives for one zpool, how can I do this in fstab?

regards ré

tzoi516 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

You won't use fstab, mine is a UFS filesystem. I don't know on the zpool. Sorry.

tzoi516 · Feb 8, 2014

Re: rc.conf with geli_devices dont work

This should help:
viewtopic.php?&t=2775

asteriskRoss · Feb 8, 2014

Re: rc.conf with geli_devices dont work

@kira12: If I understand correctly, you have two issues. The first is that only one of your GELI devices is being attached on boot. Are you specifying geli_devices="<whatever>" for each device (that is, four times)? From the rc.conf(5) man page:

geli_devices
(str) List of devices to automatically attach on boot. Note
that .eli devices from /etc/fstab are automatically appended
to this list.

You should only specify geli_devices="<whatever>" once. So, given that your post indicated your keys were in /root, your rc.conf should look something like:

Code:

geli_devices="da1p1 da2p1 da3p1 da4p1"
geli_da1p1_flags="-p -k /root/da1p1.key"
geli_da2p1_flags="-p -k /root/da2p1.key"
geli_da3p1_flags="-p -k /root/da3p1.key"
geli_da4p1_flags="-p -k /root/da4p1.key"

Your second issue is that the one device that is attached is immediately detached. I suspect this is because you have several devices forming your ZFS pool and therefore the single device that is attached isn't a valid pool. Since the device isn't being used, it is closed after the initial attempt to read the ZFS pool, due to default behaviour for GELI devices attached through rc.conf. Once all the devices that form part of your ZFS pool are being attached this shouldn't be an issue. From the rc.conf(5) man page:

geli_autodetach
(str) Specifies if GELI devices should be marked for detach
on last close after file systems are mounted. Default is
``YES''. This can be changed for every device separately by
defining geli_<device>_autodetach variable.

Let me know how you get on.

kira12 · Feb 8, 2014

Hello,

Your solution works great. All devices are attached in automatic mode and no devices are detached after initializing all devices.

Thanks to you and all other for your help.