GELI disk and glabel label
Jonathan Bond-Caron
jbondc at gdesolutions.com
Tue Oct 10 01:23:08 UTC 2017
>
> > glabel secure /dev/da1
> > glabel backups /dev/da2
> >
> > The problem is now I can't mount them :/ geli attach -k /root/geli.key
> > geli: Cannot read metadata from /dev/da1
>
> As Bernt already explained, that's the expected behaviour.
>
>
> If you have a backup of the whole disk, you can extract the geli metadata
> with "geli backup ..." and restore it with "geli restore ..."
> which will also overwrite the "glabel label".
>
Thanks, thankfully it's a virtualized server so it was easy to mount the backup of the disks and geli backup then restore.
geli backup /dev/da6 /tmp/da1.meta
geli backup /dev/da7 /tmp/da2.meta
geli restore /tmp/da1.meta /dev/da1
geli restore /tmp/da2.meta /dev/da2
No loss of data 😊
It would be nice if glabel would prevent the labelling of a geli disk, if someone is adventurous:
https://github.com/freebsd/freebsd/blob/master/sbin/geom/class/label/geom_label.c#L131
I'm thinking if eli_metadata_decode(buf, &md) is successful, it reports an error:
https://github.com/freebsd/freebsd/blob/386ddae58459341ec567604707805814a2128a57/usr.sbin/fstyp/geli.c
Thanks for feedback!
Jon
More information about the freebsd-questions
mailing list