NetBSD-Users archive


encrypted root triggers file system check after each boot



I followed a guide [1] inspired by the wiki [2] with small deviations
[3] to set up cgd-on-root on 9.2_STABLE.  It seems to work well, with
the minor annoyance that a root filesystem check is triggered after
each (re)boot.  

Looking at /var/log/messages I can guess why: the cgd device is
destroyed before the root fs is (forcefully) unmounted:

	$ cat /var/log/messages
	...
	... dk4 at cgd0 (cgdroot) deleted
	... cgd0: detached
	...
	... forcefully unmounted /dev/dk4 on /altroot/ type ffs
	... forcefully unmounted root_device on / type ffs
	... rebooting...
	...
	$ uname -v
	NetBSD 9.2_STABLE (GENERIC) #0: Thu Sep 23 10:13:28 UTC 2021  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC

I wonder if my Frankenstein setup [3] might be the reason.

[1] <https://www.unitedbsd.com/d/461-netbsd-full-disk-encryption-with-cgd>

[2] <https://wiki.netbsd.org/security/cgdroot/>

[3] Where I went off track was to use gpt on cgd on gpt (rather than
disklabel on cgd on gpt). For cgdroot to be able to mount root from
gpt, I then pulled the unlock script from -current and recompiled the
ramdisk/cgdroot.kmod with the updated script:

<http://cvsweb.netbsd.org/bsdweb.cgi/src/distrib/common/cgdroot.rc?rev=1.5>

