Am 07/05/17 um 17:59 schrieb Joel Sing:
> On Tuesday 04 July 2017 20:55:25 Paul de Weerd wrote:
>> On Tue, Jul 04, 2017 at 08:34:56PM +0200, Stefan Wollny wrote:
>> | Hi there!
>> |
>> | Sorry if this may sound like a rather stupid question:
>> | (Referencing the examples section of man installboot(8))
>> |
>> | Can s.o. verifiy that instead of
>> | # installboot sd0
>> |
>> | it is equally safe to issue
>> | # installboot <DUID>
>> | (the DUID itself, of course)?
>> |
>> | My system is fully encrypted with sd1 usually being the (unencrypted)
>> | boot disk - but if external USB disks are attached that number seems not
>> | to be quaranteed.
>>
>> simply `installboot $(df -h / | grep -o -E '[ws]d[0-9]+')`
>>
>> There's definitely a difference between using the device name and the
>> DUID:
>>
>> [weerd@pom] $ doas installboot -v `awk -F. '/ \/ / {print $1}' /etc/fstab`
>> Using / as root
>> installing bootstrap on /dev/rsd14c
>> using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot
>> 5c0d9a38cc895a7d: softraid volume with 0 disk(s)
>> 5c0d9a38cc895a7d: installing boot loader on softraid volume
>> /usr/mdec/boot is 6 blocks x 16384 bytes
>>
>> [weerd@pom] $ doas installboot -v $(df -h / | grep -o -E '[ws]d[0-9]+')
>> Using / as root
>> installing bootstrap on /dev/rsd14c
>> using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot
>> sd14: softraid volume with 1 disk(s)
>> sd14: installing boot loader on softraid volume
>> /usr/mdec/boot is 6 blocks x 16384 bytes
>> sd0a: installing boot blocks on /dev/rsd0c, part offset 144
>> master boot record (MBR) at sector 0
>> partition 3: type 0xA6 offset 64 size 1953520001
>> /usr/mdec/biosboot will be written at sector 64
>>
>> So if I were you, I'd continue using the device for now.
>
> Note that this will only apply in the case where the disk is a bootable
> softraid volume - in the non-softraid case either is fine and the DUID is
> likely preferable.
>
Hi Joel,
THANK YOU for caring.
This is actually a bootable softraid volume (key-based encryption of the
entire disk of the laptop):
This is the physical disk:u
$ dmesg | grep sd0
sd0 at scsibus1 targ 5 lun 0: <ATA, Samsung SSD 850, EXM0> SCSI3
0/direct fixed naa.500253887007d4c5
sd0: 976762MB, 512 bytes/sector, 2000409264 sectors, thin
And this is the softraid volume I boot from:
sd1 at scsibus3 targ 1 lun 0: <OPENBSD, SR CRYPTO, 006> SCSI2 0/direct fixed
sd1: 976756MB, 512 bytes/sector, 2000397143 sectors
I have set up a little script for updating to the latest published
version of ~current-amd64. In the course of the discussions related to
KARL I noticed that I didn't run installboot at the end of the process.
This is why I asked.
Following your advice I will adjust the script I use at home with my
(unencrypted) backup server to use the DUID.
Best,
STEFAN
