[patch] savecore can't create dump from encrypted swap
Gleb Kurtsou
gleb.kurtsou at gmail.com
Sun Apr 27 12:54:53 UTC 2008
Issue was mentioned recently on stable@
http://docs.freebsd.org/cgi/mid.cgi?47F548D9.8060905
The problem is in order of rc.d scripts. After encswap finishes it's
impossible to open original (not encrypted) swap device for write so
savecore fails.
The following patch adds 'encswap' target to be run after 'disks' but
before 'swap1'. With the patch order of scripts becomes:
dumpon
geli
savecore
encswap
swap1
instead of:
dumpon
geli
encswap
swap1
savecore
The problem is that savecore looses ability to use syslog. You still get
messages on console. The only solution I see is to use some hackery
magic to inject log messages into kern.msgbuf with the help of
/dev/console. I'm not sure it's really needed.
diff -ur rc.d.orig/encswap rc.d/encswap
--- rc.d.orig/encswap 2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/encswap 2008-04-27 14:53:27.000000000 +0300
@@ -4,7 +4,7 @@
#
-# PROVIDE: disks
-# REQUIRE: initrandom
+# PROVIDE: encswap
+# REQUIRE: initrandom disks
# KEYWORD: nojail
. /etc/rc.subr
diff -ur rc.d.orig/savecore rc.d/savecore
--- rc.d.orig/savecore 2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/savecore 2008-04-27 14:53:27.000000000 +0300
@@ -4,8 +4,7 @@
#
# PROVIDE: savecore
-# REQUIRE: syslogd
-# BEFORE: SERVERS
+# BEFORE: encswap
# KEYWORD: nojail
. /etc/rc.subr
diff -ur rc.d.orig/swap1 rc.d/swap1
--- rc.d.orig/swap1 2008-04-27 14:53:38.000000000 +0300
+++ etc/rc.d/swap1 2008-04-27 14:53:27.000000000 +0300
@@ -4,7 +4,7 @@
#
# PROVIDE: localswap
-# REQUIRE: disks
+# REQUIRE: encswap disks
# KEYWORD: nojail shutdown
. /etc/rc.subr
More information about the freebsd-hackers
mailing list