Bug 243261 - geli manpage needs to add detail about the loader variables
Summary: geli manpage needs to add detail about the loader variables
Status: New
Alias: None
Product: Documentation
Classification: Unclassified
Component: Manual Pages (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs mailing list
Keywords: patch
Depends on:
Reported: 2020-01-11 02:54 UTC by johannes
Modified: 2020-01-11 04:23 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description johannes 2020-01-11 02:54:42 UTC
The geli manpage has an example for preloading keyfiles during boot.
There is no detail though on how the lookup of these variables actually works.

There seems to be some magic "geli_$device_..." pattern.

I've checked the source to find out how it works because i've wasted quite a bit of time trying to make sense and come up with the correct magic of the geli/device/keyfile combination.

Turns out none of that matters.

I propose to add something like (sorry I know nothing about manpage syntax):

diff --git a/lib/geom/eli/geli.8 b/lib/geom/eli/geli.8
index 43ca9a2928c..ee994d544cf 100644
--- a/lib/geom/eli/geli.8
+++ b/lib/geom/eli/geli.8
@@ -1013,6 +1013,12 @@ geli_da1s3a_keyfile_type="da1s3a:geli_keyfile"
+By convention, these loader variables are called geli_$device_load. However, the
+actual name prefix before _load/_type/_name does not matter. At boot time, the
+geli module will search through all $something_type that have a value of
+"$device:geli_keyfile", leading to $something_name with has the path to the keyfile.
+In the example above, $something is "geli_da1s3a_keyfile".
 Not only configure encryption, but also data integrity verification using
 .Nm HMAC/SHA256 .
 .Bd -literal -offset indent