Two patches: Have vinum + dm_crypt at boot

Fri Nov 18 03:06:19 PST 2016

I am using a combination of dm_crypt and vinum to keep most of my data
(sans root, which is on a different volume) in an encrypted RAID-1
setup.  Specifically, physical slices are strung together with vinum,
with a single LUKS volume (set up via ‘cryptsetup’) sitting on top.

With the rc-scripts from base, this combination won’t boot on its own,
since the ordering is slightly off:  ‘cryptdisks’ is run before
‘dumpon’, and ‘dumpon’ comes before ‘disks’.  Since ‘vinum’ provides
‘disks‘, rcorder will run it -after ‘cryptdisks‘, and the boot falls
apart.

This is easily solved:  By having ‘cryptdisks‘ explicitely come -after-
‘disks‘ (and not depending on ‘dumpon’), boot now first brings up vinum,
and only -then- cryptdisks, and it -almost- boots:

| ----------------------------- etc/rc.d/cryptdisks -----------------------------
| index 3bc6232..d530437 100644
| @@ -1,7 +1,8 @@
|  #!/bin/sh
|  
|  # PROVIDE: cryptdisks
| -# BEFORE:  mountcritlocal localswap dumpon
| +# BEFORE:  mountcritlocal localswap
| +# REQUIRE: disks
|  
|  $_rc_subr_loaded . /etc/rc.subr

I’m still wondering what exactly I am breaking by not having ‘dumpon’
ready when ‘cryptdisks’ comes up.  I have been running this patch for
half a year and have not yet experienced any weirdness—but then again, I
don’t really know what ‘dumpon’ exactly does…

There‘s yet another glitch:  This early in the boot process, ‘/usr’ is
not yet available, which makes perfect sense, since disks, volumes and
stuff is still being brought up.  But ‘/sbin/vinum’ is dynamically
linked and requires libraries which reside in ‘/usr/lib’:

| Shared object ‘libdevstat.so.3‘ not found, required by ‘vinum’.

I find it very weird that /sbin contains -any- dynamically linked
binaries at all, especially binaries that require /usr already mounted,
so this is perhaps an oversight.  The second patch patches the Makefile
for ‘/sbin/vinum’ and forces static linking.

With both patches, LUKS-on-top-of-Vinum boots like a charm:

| ----------------------------- sbin/vinum/Makefile -----------------------------
| index 9e6de2d..c427e0d 100644
| @@ -7,7 +7,7 @@ WARNS?=	2
|  
|  CFLAGS+=	-I${.CURDIR}/../../lib/libedit -I${.CURDIR}/../../sys
|  DPADD=	${LIBEDIT} ${LIBNCURSES} ${LIBDEVSTAT}
| -LDADD=	-lprivate_edit -lprivate_ncurses -ldevstat
| +LDADD=	-lprivate_edit -lprivate_ncurses -ldevstat -static
|  LDFLAGS+=	${PRIVATELIB_LDFLAGS}
|  
|  .include <bsd.prog.mk>

    Stefan

-- 
▪ Die Internetbleibe.  Schick, magisch, leistungsstark.  https://internetbleibe.de/
▪ medoly media UG (haftungsbeschränkt) | Hausburgstraße 13, 10249 Berlin
▪ info at medolymedia.de | https://medolymedia.de/ | Tel. 030 609 826‒560 | Fax …‒569
▪ Geschäftsführer: Matthias Nothhaft | HRB 131198 (Amtsgericht Berlin-Charlottenburg), Sitz: Berlin, USt-ID: DE275221203
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vinum.patch
Type: text/x-diff
Size: 770 bytes
Desc: not available
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20161118/1e6656a8/attachment-0006.bin>