From owner-freebsd-geom@freebsd.org Sun May 28 05:38:09 2017 Return-Path: Delivered-To: freebsd-geom@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 04A8CD85B87 for ; Sun, 28 May 2017 05:38:09 +0000 (UTC) (envelope-from woodsb02@gmail.com) Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9199D96E for ; Sun, 28 May 2017 05:38:08 +0000 (UTC) (envelope-from woodsb02@gmail.com) Received: by mail-wm0-x22c.google.com with SMTP id e127so22592988wmg.1 for ; Sat, 27 May 2017 22:38:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=5xQyHRgMm/tR3lO2hD69cHkcex2ZMXURM4e4iLeWvwg=; b=taXrj2gi3KwQ3rxoc+b6Gfxk4ISpbrUUAI6tLg2jAZ+Mc878nKqNa6lvfDE5Lu0lG+ sHgW5zsnGtYXwP3XakJqUHXsNwbeHnFkRF3/PTpepYcCldpfWJhFOnmc26KG5Y+XHPvH zgSNpT10sQ7lqWqPa6BkpIWwtRuTqA1GCQ/t6ZLptYwuxf5VhgicOleAjgFzdPcQrwh2 W7y+va1LxPCPHL0HdZsjQEtWG28QC/RXZoxMFrhhTpbmUe/IDx/y8bwK0FIuRL0tltFI Mnia2zZK7Puwh2z1Vu6oAFyVG7mswhI5KvWDuEsh8rRF5JAuIWWaXQj0/u4JLtJD6p4e rkLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=5xQyHRgMm/tR3lO2hD69cHkcex2ZMXURM4e4iLeWvwg=; b=rNuOcnD+skGF/8I3Tg5wxotzLSYh1SUl5cNDeFrSJcTuZNQHabMCKUoN2bTkUTy6xk VWagw3ZzQbQHFouHZlOyfp/xYbk4gycFC7TZEjvEVBwEtRJxZc6j+z4/sgOp5+nje62G h/kwt4fO7MANYvJBmJOKBIDQKc7ydXoay32MwxiQ14FkSwirql/i6vgh0oJJ2BD7MypJ saGx7Zi7y4hCh2YQgY/mXuPv4Z5xaQF3ZOneVDgftOBHqHLbXWwLCec632jW1fTsgbG1 PLLuFKLWsD4arEEQgv9Tqux9Mtys/3cx/c6T5YYb/+FhZo6LiOSpj+W1bMoH0lym5bSQ 3mpQ== X-Gm-Message-State: AODbwcBCchQCzU91qDYKmKzcDGZlamo9QOk41TlPR2+vkHVyaf7CQF+T tTi5GcGopW4sYRKDJBg30cuEr73FyunYSZE= X-Received: by 10.80.143.227 with SMTP id y90mr8293564edy.131.1495949886543; Sat, 27 May 2017 22:38:06 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.151.34 with HTTP; Sat, 27 May 2017 22:38:06 -0700 (PDT) From: Ben Woods Date: Sun, 28 May 2017 13:38:06 +0800 Message-ID: Subject: [RFC] geli - Allow attaching multiple providers To: freebsd-geom@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 May 2017 05:38:09 -0000 Hi everyone, I would like to propose a patch to geli to allow multiple providers to be attached in a single command if they use the same passphrase/keyfiles. This is helpful when the providers being attached are not used for boot, and therefore the existing code to first try the cached password when tasting the providers during boot does not apply. Multiple providers with the same passphrase and keyfiles can be attached at the same time during system start-up by adding the following to /etc/rc.conf: geli_groups="storage backup" geli_storage_flags="-k /etc/geli/storage.keys" geli_storage_devices="ada0 ada1" geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys" geli_backup_devices="ada2 ada3" The patch is up for review on phabricator here: https://reviews.freebsd.org/D9396 Regards, Ben -- From: Benjamin Woods woodsb02@gmail.com