Something seems different about mount_vnd vs vnconfig:
# Setup
I set some vars to ensure consistency:
# KEYFILE=/path/to/keyfile
# ENCRYPTED_DISK=sd2
# DEST=/mnt/data
If you haven't already partitioned $ENCRYPTED_DISK (this happened to be
a USB drive):
# dd if=/dev/urandom of=/dev/r${ENCRYPTED_DISK}c bs=1m
# fdisk -iy $ENCRYPTED_DISK
# disklabel -E $ENCRYPTED_DISK
sd2> a
partition to add: [a]
offset: [64]
size: [...]
FS type: [4.2BSD] RAID
sd2*> q
Write new label?: [y]
I created the key-file as a vnd(4) "disk":
# dd if=/dev/random of=$KEYFILE bs=1m count=5
# KEYDISK=$(vnconfig $KEYFILE)
# echo $KEYDISK # just for information purposes
vnd0
# fdisk -iy $KEYDISK
# disklabel -E $KEYDISK
vnd0> a
partition to add: [a]
offset: [128]
size: [10112] 1M
FS type: [4.2BSD] RAID
vnd0*> q
Write new label?: [y]
I created the encrypted drive (sd3 here as reported from bioctl output):
# bioctl -c C -k /dev/${KEYDISK}a -l ${ENCRYPTED_DISK}a softraid0
softraid0: CRYPTO volume attached as sd3
# DECRYPTED_DISK=sd3
# dd if=/dev/zero of=/dev/r${DECRYPTED_DISK}c bs=1m count=1
# fdisk -iy $DECRYPTED_DISK
# disklabel -E $DECRYPTED_DISK
partition to add: [a]
offset: [64]
size: [...]
FS type: [4.2BSD]
sd3*> q
Write new label?: [y]
# newfs ${DECRYPTED_DISK}a
# mount /dev/${DECRYPTED_DISK}a $DEST
# Success (thus far)
Great, everything worked as expected. So I put them in various startup
files:
# DUID="$(disklabel $DECRYPTED_OTHER_DISK | awk '$1 == "duid:"{print $2}')"
# echo "$KEYFILE /dev/${KEYDISK}c vnd rw,noauto 0 0" >> /etc/fstab
# echo "${DUID}.a $DEST ffs rw,noauto 0 0" >> /etc/fstab
# cat >> /etc/rc.local <<EOF
mount /dev/${KEYDISK}c
bioctl -c C -k /dev/${KEYDISK}a -l ${ENCRYPTED_OTHER_DISK}a softraid0
mount "$DEST"
EOF
Trying to manually tear it down **before rebooting** works fine:
# umount $DEST
# bioctl -d $DECRYPTED_DISK
# vnconfig -u vnd0
Now I reboot. Great, I enter my FDE password for the root disk, the
system boots, rc.local creates the vnd0, decrypts the disk-device, using
the keyfile "device", and mounts $DEST as desired. Perfect.
# Problems start here
Time to tear it down after the reboot:
# umount $DEST
# bioctl -d $DECRYPTED_DISK
# vnconfig -u vnd0
vnconfig: VNDIOCCLR: Device busy
Figuring it was something mount_vnd(8) related, I tried unmounting by
its names from my /etc/fstab:
# umount $KEYFILE
umount: /root/keyfile: not a directory or special device
# umount /dev/vnd0c
umount: /dev/vnd0c: not currently mounted
How can I tell what is holding the vnd0 device busy? The same set of
commands worked just fine previously. The only difference I can tell is
that vnd0 was created at startup by mount_vnd rather than vncontrol. If
I change my rc.local to use vnconfig instead of mount:
KEYDISK=$(vnconfig $KEYFILE)
bioctl -c C -k /dev/${KEYDISK}a -l ${ENCRYPTED_DISK}a softraid0
mount /dev/sd3a
my teardown procedure works just fine (vnconfig doesn't complain that
the device is busy).
Is this a bug in mount_vnd(8) that prevents teardown by holding it busy? Or
am I misunderstanding something?
-tkc