How to fix 1 unreadable sector

[ovizii]

Solved quickly via the gui:

selected the HD click set offline
selected the HD click wipe
selected HD click replace with itself

checked resilvering status with zpool status
went through the steps recommended here: http://doc.freenas.org/index.php/Volumes =>
Replacing a Failed Drive in an Encrypted Pool


Restarted, bingo, all good.

 

[joeschmuck]

Solved quickly via the gui:

selected the HD click set offline
selected the HD click wipe
selected HD click replace with itself

checked resilvering status with zpool status
went through the steps recommended here: http://doc.freenas.org/index.php/Volumes =>
Replacing a Failed Drive in an Encrypted Pool


Restarted, bingo, all good.

So what is the output now of 'smartctl -a' for that drive after a SMART long test pass? Just want to verify the output is correct.

 

[ovizii]

Here you go:

Code:

[root@boxy] ~# smartctl -a /dev/ada
ada0%      ada0p2%    ada1p1.eli% ada2p1%    ada3%      ada3p2%
ada0p1%    ada1%      ada1p2%    ada2p1.eli% ada3p1%
ada0p1.eli% ada1p1%    ada2%      ada2p2%    ada3p1.eli%
[root@boxy] ~# smartctl -a /dev/ada0
smartctl 6.2 2013-07-26 r3841 [FreeBSD 9.2-RELEASE-p4 amd64] (local build)
Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org
 
=== START OF INFORMATION SECTION ===
Model Family:    SAMSUNG SpinPoint F3
Device Model:    SAMSUNG HD103SJ
Serial Number:    S246JD2Z919929
LU WWN Device Id: 5 0024e9 00406fa02
Firmware Version: 1AJ10001
User Capacity:    1,000,204,886,016 bytes [1.00 TB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    7200 rpm
Device is:        In smartctl database [for details use: -P show]
ATA Version is:  ATA8-ACS T13/1699-D revision 6
SATA Version is:  SATA 2.6, 3.0 Gb/s
Local Time is:    Sun Jul  6 20:10:11 2014 SAST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
 
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
 
General SMART Values:
Offline data collection status:  (0x00)    Offline data collection activity
                    was never started.
                    Auto Offline Data Collection: Disabled.
Self-test execution status:      (  0)    The previous self-test routine completed
                    without error or no self-test has ever
                    been run.
Total time to complete Offline
data collection:        ( 9240) seconds.
Offline data collection
capabilities:              (0x5b) SMART execute Offline immediate.
                    Auto Offline data collection on/off support.
                    Suspend Offline collection upon new
                    command.
                    Offline surface scan supported.
                    Self-test supported.
                    No Conveyance Self-test supported.
                    Selective Self-test supported.
SMART capabilities:            (0x0003)    Saves SMART data before entering
                    power-saving mode.
                    Supports SMART auto save timer.
Error logging capability:        (0x01)    Error logging supported.
                    General Purpose Logging supported.
Short self-test routine
recommended polling time:      (  2) minutes.
Extended self-test routine
recommended polling time:      ( 154) minutes.
SCT capabilities:            (0x003f)    SCT Status supported.
                    SCT Error Recovery Control supported.
                    SCT Feature Control supported.
                    SCT Data Table supported.
 
SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG    VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate    0x002f  100  100  051    Pre-fail  Always      -      1884
  2 Throughput_Performance  0x0026  054  052  000    Old_age  Always      -      8699
  3 Spin_Up_Time            0x0023  071  069  025    Pre-fail  Always      -      8836
  4 Start_Stop_Count        0x0032  099  099  000    Old_age  Always      -      1824
  5 Reallocated_Sector_Ct  0x0033  252  252  010    Pre-fail  Always      -      0
  7 Seek_Error_Rate        0x002e  252  252  051    Old_age  Always      -      0
  8 Seek_Time_Performance  0x0024  252  252  015    Old_age  Offline      -      0
  9 Power_On_Hours          0x0032  100  100  000    Old_age  Always      -      3150
10 Spin_Retry_Count        0x0032  252  252  051    Old_age  Always      -      0
11 Calibration_Retry_Count 0x0032  252  252  000    Old_age  Always      -      0
12 Power_Cycle_Count      0x0032  100  100  000    Old_age  Always      -      626
191 G-Sense_Error_Rate      0x0022  100  100  000    Old_age  Always      -      4
192 Power-Off_Retract_Count 0x0022  252  252  000    Old_age  Always      -      0
194 Temperature_Celsius    0x0002  064  053  000    Old_age  Always      -      23 (Min/Max 14/47)
195 Hardware_ECC_Recovered  0x003a  100  100  000    Old_age  Always      -      0
196 Reallocated_Event_Count 0x0032  252  252  000    Old_age  Always      -      0
197 Current_Pending_Sector  0x0032  252  100  000    Old_age  Always      -      0
198 Offline_Uncorrectable  0x0030  252  252  000    Old_age  Offline      -      0
199 UDMA_CRC_Error_Count    0x0036  200  200  000    Old_age  Always      -      0
200 Multi_Zone_Error_Rate  0x002a  100  100  000    Old_age  Always      -      1706
223 Load_Retry_Count        0x0032  252  252  000    Old_age  Always      -      0
225 Load_Cycle_Count        0x0032  100  100  000    Old_age  Always      -      5808
 
SMART Error Log Version: 1
No Errors Logged
 
SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Extended offline    Completed without error      00%      3117        -
# 2  Short offline      Completed without error      00%      3112        -
# 3  Extended offline    Completed without error      00%      3087        -
# 4  Short offline      Completed: read failure      90%      3078        1953523077
# 5  Extended offline    Completed: read failure      10%      3069        1953523077
# 6  Short offline      Completed without error      00%      3066        -
# 7  Short offline      Completed: read failure      70%      3043        1953523077
# 8  Extended offline    Completed without error      00%      3023        -
# 9  Short offline      Completed without error      00%      3019        -
3 of 3 failed self-tests are outdated by newer successful extended offline self-test # 1
 
SMART Selective self-test log data structure revision number 0
Note: revision number not 1 implies that no selective self-test has ever been run
SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Completed [00% left] (0-65535)
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

[Yatti420]

Ditch the drive.. Gsensor errors and failing smart I wouldn't reuse.. Someone drop server?

Sent from my SGH-I257M using Tapatalk 2

 

[joeschmuck]

I'm impressed that the sector error was all cleared up and it didn't get listed under ID5. If you do get another error count in IDs 5, 197, or 198, I'd replace the drive. Also run SMART Short Test every night if you are not doing that already.

 

[ovizii]

yeah, weird. anyway, I will replace the HD if errors pop up again. for now, I'm setting this up, learning how freenas works, only test data on the NAS for now...
smart tests and scrubs are scheduled

 

[ovizii]

Still need some help. I followed these instructions but every time I reboot, I need to manually unlock my zfs volume. I'm sure I took all the steps described but I must have done somethign wrong.

I have the geli key, the recovery key and the passphrase, so what now? How can I get my freeNAS to unlock the volumes automatically again?

 

[cyberjock]

Still need some help. I followed these instructions but every time I reboot, I need to manually unlock my zfs volume. I'm sure I took all the steps described but I must have done somethign wrong.

I have the geli key, the recovery key and the passphrase, so what now? How can I get my freeNAS to unlock the volumes automatically again?

Uh, it's not supposed to unlock automatically! That's why its encrypted! If someone stole your machine and it automatically unlocked the volumes why would you even be using encryption.

So no, you didn't do something wrong. You're doing something right and your asking for something wrong.

If you want to script it to auto-decrypt you could do that via a cronjob, but I'd then ask again why the heck you are doing encryption if its going to be coded to auto-unlock. Just don't use encryption if you care that little about the security!

 

[ovizii]

thx for clarifying cyberjock, this: Uh, it's not supposed to unlock automatically! answers my question, the rest of your reply I find quite agitated, take it easy dude...

The heck why I'd like to encrypt my data is that there is still a root password and a bios password and user/pass for the shares that protects the system, so no, encryption isn't completely useless... Or otherwise, a thief could try and steal the NAS while its running and then OMG the data is decrypted and can be copied

Btw. look at OSX's FileVault: full disk encryption and the data is automatically decrypted once the user logs on...

 

[DJ9]

About the bios password, that's pretty useless if someone physically steals the computer.

 

[titan_rw]

As DJ9 mentioned, a bios password is useless. If you have physical access to the box you can circumvent it.

A root password is equally useless. If you have physical access you can override it.

Shares passwords are the same thing. Physical access negates the need to connect via a sharing protocol.

Drive encryption with passphrase needed to mount defeats the physical access thing. Even if it's running at the time, properly secured, any attacker is going to have to reboot the box to gain root access, etc. And since a password is required to mount after every reboot, this verifies the box hasn't compromised or stolen.

The only advantage I see of having encrypted drives without a password (auto-mount on boot) is that you can RMA drives without fear of any of the data being readable.

Thinking about it, if I was running drive encryption with passphrase, I'd make sure to disable the quick launch menu thing that freenas helpfully throws up. As that is an easy way to get root access to a running machine. Assuming you have local console access to begin with. (I don't bother on my nas's. Nothing on them is important enough to encrypt. Even without the quick menu, a simple reboot would be all that's required to gain root access.)

If the box is physically secured (ie datacenter with 24/7 security guards, etc), then I can see not wanting a passphrase and wanting the pool to automount. Then you don't have to worry about wiping drives before rma'ing them.

 

[ovizii]

On another note, is there a definitive how to somewhere on how to secure freeNAS agaisnt physical access?
what I mean is I found out meanwhile how to remove the easy access menu freeNAS pops up when it boots and I have a root password set, anything else that needs secured? (this box is meant to be stored far, far, away in my parents cellar with the primary intention of giving me a secure place to store my backups and vital data while traveling)

 

[danb35]

It's really hard to truly secure a machine against an attacker with physical access to the machine. Disabling the console menu and having a strong root password set are probably your best bets, but even with that, the attacker could simply reboot into single-user mode. Encryption will further protect against the attacker being able to access your data, but I don't think there's any way at all to protect against destruction of data.

 

[IanWorthington]

@danb35, the tests failed on the same sector. I do not know enough about Samsung hard drives to know why it did not reallocate the failed sector yet.

A successful read of that sector, or a write to it, is required to perform a reallocation.