ZFS Worrisome geli warnings after detaching

R

royskatt

Hello,

I have a geli(8) encrypted ZFS mirror in my NAS, so two disks for that and one unencrypted UFS drive for the OS partition.

Before shutting down I detach the ZFS drives performing the following commands:
Code: 
zpool export mypool
geli detach ada1
geli detach ada2

After detaching, for each disk I get following error messages resp. warnings:

Code: 
GEOM: diskid/DISK-WD-WMC1T2215521: corrupt or invalid GPT detected.
GEOM: diskid/DISK-WD-WMC1T2215521: GPT rejected -- may not be recoverable.
GEOM_ELI: Device ada2.eli destroyed.
GEOM: ada2: corrupt or invalid GPT detected.
GEOM: ada2: GPT rejected -- may not be recoverable.
GEOM: diskid/DISK-WD-WMC1T1950958: corrupt or invalid GPT detected.
GEOM: diskid/DISK-WD-WMC1T1950958: GPT rejected -- may not be recoverable.

Though, I had now problems with that until now, it looks a little bit worrying to me and I'm afraid that could lead to data loss. Am I doing it right? Does it work "as designed"? Probably the OS just sees "garbage" due to the encrypted data and sends out warnings but I'm not sure.

Thank you very much in advance.
 
Last edited by a moderator:
Did you wipe your disks before encrypting them? FreeBSD probably sees remnants of the disks' old partition tables. This is ugly, but IMHO nothing to worry about.

royskatt said:
Before shutting down I detach the ZFS drives performing the following commands:
Click to expand...
Why?
 
Probably I didn't wipe them cleanly, could be the reason for that. Why do I detach the drives? I did the setup according to this tutorial:
https://jonatanhal.github.io/2014/10/22/Encrypted-ZFS-on-FreeBSD-using-GELI.html:

"Note that since geli is detaching any attached drive when we reboot our machine. We wouldn’t want to not be ready for that. So before we reboot, power-off our machine or detach any geli-attached drive, we export our pool"
Click to expand...

It has been proposed to do. Maybe in order not lose not yet written data?
 
Last edited by a moderator:
Seems overly complicated. I just have these entries in /etc/rc.conf for this:
Code: 
geli_devices="diskid/DISK-WD-WMC1S123456789"
geli_diskid_DISK_WD_WMC1S123456789_flags="-p -k /etc/geli/wd_wmc1s12345679.key"
zfs_enable="YES"
 
There's never any reason to export the ZFS pools manually on shutdown, the rc(8) scripts and the kernel will do whatever is needed to flush any pending writes to the disks.
 
But only if that happens before the geli detachment, right? Because if geli detaches it before, then we would have an unclean umounting of the ZFS pool.
 
You must log in or register to reply here.
Back
Top