From owner-freebsd-current@FreeBSD.ORG Mon Oct 7 19:58:40 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C2C316BA; Mon, 7 Oct 2013 19:58:40 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 366952DD6; Mon, 7 Oct 2013 19:58:39 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBE81A.dip0.t-ipconnect.de [217.251.232.26]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id r97JwUHR041530; Mon, 7 Oct 2013 19:58:31 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id r97JwHIQ040925; Mon, 7 Oct 2013 21:58:17 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost.js.berklix.net [127.0.0.1]) by fire.js.berklix.net (8.14.4/8.14.4) with ESMTP id r97Jw56I096162; Mon, 7 Oct 2013 21:58:11 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201310071958.r97Jw56I096162@fire.js.berklix.net> To: Gleb Kurtsou Subject: Re: Committing PEFS to CURRENT From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Mon, 07 Oct 2013 09:31:11 PDT." <20131007163111.GB1590@reks.swifttest.com> Date: Mon, 07 Oct 2013 21:58:05 +0200 Sender: jhs@berklix.com Cc: freebsd-current@freebsd.org, delphij@freebsd.org, Kris Moore X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Oct 2013 19:58:40 -0000 Hi Gleb & All Gleb Kurtsou wrote: > Hello, > > I would like to ask everybody's opinion regarding committing PEFS to > CURRENT. > > PEFS is a stacked cryptographic file system for FreeBSD. Development > started as Google Summer of Code project in 2009. It has been in ports > since Sept 2011. I maintain the project. > > Conceptually PEFS is similar to nullfs adding encryption layer on top of > it. But it differs technically by not using vop_bypass. Another popular > stacked cryptographic file systems include eCryptfs (linux) and encfs > (fuse). There is also pam_pefs pam module to allow user authentication > with their PEFS-encrypted home directory password. 2 others are also already in FreeBSD src/ (not just ports) gbde & geli. Whether moved from ports to src or not, either way, I sggest add to man section SEE ALSO gbde(8) & geli(8) Also, SEE ALSO of gbde & geli should probably ref ports/sysutils/pefs-kmod ft: Command not found. No pefs yet i SEE ALSO of http://www.freebsd.org/cgi/man.cgi?query=gbde&apropos=0&sektion=8&manpath=FreeBSD+9.2-RELEASE&arch=default&format=html http://www.freebsd.org/cgi/man.cgi?query=geli&apropos=0&sektion=8&manpath=FreeBSD+9.2-RELEASE&arch=default&format=html I suggest add an href inside: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html Even if just a 1 liner to start, to expand to a section later. (None there for 'pefs', I just searched) Personaly I've been using gbde based on top of a file inside a UFS for a long time, I can't remember why I chose gbde rather than geli, I guess because it was there first ? A dummy's guide short notes along the lines of "Which of these 3 should I use?" might also later be nice at the top of that web page :-) Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultant, Munich http://berklix.com Reply below not above, like a play script. Indent old text with "> ". Send plain text. No quoted-printable, HTML, base64, multipart/alternative.