Two patches: Have vinum + dm_crypt at boot
Stefan Unterweger
232.20711 at chiffre.aleturo.com
Fri Nov 18 03:06:19 PST 2016
I am using a combination of dm_crypt and vinum to keep most of my data
(sans root, which is on a different volume) in an encrypted RAID-1
setup. Specifically, physical slices are strung together with vinum,
with a single LUKS volume (set up via ‘cryptsetup’) sitting on top.
With the rc-scripts from base, this combination won’t boot on its own,
since the ordering is slightly off: ‘cryptdisks’ is run before
‘dumpon’, and ‘dumpon’ comes before ‘disks’. Since ‘vinum’ provides
‘disks‘, rcorder will run it -after ‘cryptdisks‘, and the boot falls
apart.
This is easily solved: By having ‘cryptdisks‘ explicitely come -after-
‘disks‘ (and not depending on ‘dumpon’), boot now first brings up vinum,
and only -then- cryptdisks, and it -almost- boots:
| ----------------------------- etc/rc.d/cryptdisks -----------------------------
| index 3bc6232..d530437 100644
| @@ -1,7 +1,8 @@
| #!/bin/sh
|
| # PROVIDE: cryptdisks
| -# BEFORE: mountcritlocal localswap dumpon
| +# BEFORE: mountcritlocal localswap
| +# REQUIRE: disks
|
| $_rc_subr_loaded . /etc/rc.subr
I’m still wondering what exactly I am breaking by not having ‘dumpon’
ready when ‘cryptdisks’ comes up. I have been running this patch for
half a year and have not yet experienced any weirdness—but then again, I
don’t really know what ‘dumpon’ exactly does…
There‘s yet another glitch: This early in the boot process, ‘/usr’ is
not yet available, which makes perfect sense, since disks, volumes and
stuff is still being brought up. But ‘/sbin/vinum’ is dynamically
linked and requires libraries which reside in ‘/usr/lib’:
| Shared object ‘libdevstat.so.3‘ not found, required by ‘vinum’.
I find it very weird that /sbin contains -any- dynamically linked
binaries at all, especially binaries that require /usr already mounted,
so this is perhaps an oversight. The second patch patches the Makefile
for ‘/sbin/vinum’ and forces static linking.
With both patches, LUKS-on-top-of-Vinum boots like a charm:
| ----------------------------- sbin/vinum/Makefile -----------------------------
| index 9e6de2d..c427e0d 100644
| @@ -7,7 +7,7 @@ WARNS?= 2
|
| CFLAGS+= -I${.CURDIR}/../../lib/libedit -I${.CURDIR}/../../sys
| DPADD= ${LIBEDIT} ${LIBNCURSES} ${LIBDEVSTAT}
| -LDADD= -lprivate_edit -lprivate_ncurses -ldevstat
| +LDADD= -lprivate_edit -lprivate_ncurses -ldevstat -static
| LDFLAGS+= ${PRIVATELIB_LDFLAGS}
|
| .include <bsd.prog.mk>
Stefan
--
▪ Die Internetbleibe. Schick, magisch, leistungsstark. https://internetbleibe.de/
▪ medoly media UG (haftungsbeschränkt) | Hausburgstraße 13, 10249 Berlin
▪ info at medolymedia.de | https://medolymedia.de/ | Tel. 030 609 826‒560 | Fax …‒569
▪ Geschäftsführer: Matthias Nothhaft | HRB 131198 (Amtsgericht Berlin-Charlottenburg), Sitz: Berlin, USt-ID: DE275221203
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vinum.patch
Type: text/x-diff
Size: 770 bytes
Desc: not available
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20161118/1e6656a8/attachment.bin>
More information about the Users
mailing list