From owner-freebsd-current@freebsd.org Sat Apr 24 06:08:42 2021 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 646E05F26B4 for ; Sat, 24 Apr 2021 06:08:42 +0000 (UTC) (envelope-from shoesoft@gmx.net) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FS11j2FpGz4YJV for ; Sat, 24 Apr 2021 06:08:40 +0000 (UTC) (envelope-from shoesoft@gmx.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1619244519; bh=fnJioNWaM1Ys6VQ2ZK2N2NnyCZaRkUn9seRlQI9tcYo=; h=X-UI-Sender-Class:From:To:Subject:Date; b=TpjSH7BkfPH4iPI9QgDy5IAiiQqv7StMaDd/GqsVRruExdHSZ6o/5UDZRlsZmBXkp 5/T5Dkkrohk3nek82EKHLrZwNkrBOPO24tS5NZFjR/vKSaE2Avr4r0WQFGyaJPD4sd av3QyPyaZ6eCOCtUR5HnkVHilGIRhSlqXCujDAEI= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from walrus.pepperland ([81.217.72.171]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1Mq2jC-1lDRpd0Ogc-00n9sq for ; Sat, 24 Apr 2021 08:08:39 +0200 From: Stefan Ehmann To: freebsd-current@freebsd.org Subject: geli_groups vs. fstab Date: Sat, 24 Apr 2021 08:08:00 +0200 Message-ID: <2877652.N5ZSAEJcE3@walrus.pepperland> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" X-Provags-ID: V03:K1:FnhtDvjfodexKTtsn903J8qRex2wHbh7jPDmoq9Y866BQHzUpa7 Cj6XSg+GGiZj6/WawSENE3gyAjHqWc2R5Usw/YHvp1QhfQBpbtiewMAGYybQVzgAvMgBh28 UVbh6S2lm4COzrK+Ua8q+s8FcQBdu4PMDgUwffi67xNys8WQcqs2lNwvA3NT5Usc1y6wyPb n012ph5jPPdOu1wMTnusQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:ZhvzG/cr8YA=:T9cx6omBf+oesievenxdXU CgyubUVyQCYUGkdmaRUXaVowLVRjh7bfLsN+x1fy1/zpEOR/dyRvX45XKD6Kuqp/oxaOCecTL OQBblpjO51bhXmJmdYDZQLak4+XrSS0Enwi2Q/OinZT2utbKRPBKQJ2ild4IEr7Nc65eD13zN YXBzDR6+fIeJ1eLXGpAiCa1GhlJxnQgSvlmsYZeoqEKD2dZa7G+F4RtNSevWZg/YWSWVOvnpo pzwTbWiQRyEjbDK9h+V+7joEy1HUREsTtWdguhSfbOvIoHubCDa86mV3DeTuCTTc4aTJYblrw KaACLDxaq0MvvwqTBS5BKvDyKEyZ5u0kVTAdef7pES6TX4Bhvfjcd6RYQ4ECU3FkfKzGZZ9NA CqCggnNcAkGETX+1D0IhLt4izl1/PB+Q/A1eJE0Lmwx3/5Z24O233xuVDsOxoeaQgXDF8or72 7V6sagRT4Mhv3KYUZdhGLH1bEwmiTXGga3EekgJwfecKeTvvM7Cslc2BQGXC0AML/sDBV2Zg/ sTaP7/2rZtXVfYhmwAomPHSDA8q4GE4LQkwKbJ4uw1KN3w96AU8UBJxJpR5l+DTQ1A2JFHinm TsKuWmjJBqVGUIy31ppX4wNkrsOYW0oJBGJRbvGvGZSGQaUthJuHnR5mNEeLYOjCQ4NKThrgb Yj7vut90KLd3p+BsSy0XjHVwDU7VuMpogeWALAq+Gj5oYfRq29Wmyu73yPjNOGZsL3xP5KIpk aPoP4F6GR8sctNOI7t/2suE03afghZNczJ6wRL1vays6X0t2LvA33lWQDw8SQwpQqe3pbKYgs U6rKpDq7RwHv6otLw2TBVVBx5uQ4BkgRjrcVf6EJl8dpkVACcNZ0DwAy1CZfkoK+fLcliwwS/ UPjIWhdO4kTokT1KsBtocSTgMvb3Vzdf3uxKtpHZzfQ+OkzCtiWYMiRzbGSc2oq98w4+7yEb+ /7XWKhnaiFtBA/TBjaFADRn0cWx/6jTyrFkvSkCZeHnvbYoDHSd3PuCOxwhHTW/UyXtHgLAUe RCfIX8PymHbmsIz/e2c6pS95zeDtXoLcVUGANBwluBWHdf+VlV5nndzmZejE1EbXSrBzKGw+y m7QlzAGcWhpZsqplkWbPSChXue+LsqLKfD4pqNfxZPm5YylCZjEOvHXCcOs9fUVViC/ULjJoz 5IXpkpxcPiUK3vGC6sBIxy+8i3I8V6oaCSJ9AnrRKhts5zGdK99LU/A61K7uJFoZRmYAU= X-Rspamd-Queue-Id: 4FS11j2FpGz4YJV X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=TpjSH7Bk; dmarc=pass (policy=none) header.from=gmx.net; spf=pass (mx1.freebsd.org: domain of shoesoft@gmx.net designates 212.227.17.21 as permitted sender) smtp.mailfrom=shoesoft@gmx.net X-Spamd-Result: default: False [-4.10 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmx.net]; R_SPF_ALLOW(-0.20)[+ip4:212.227.17.0/27]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; DMARC_POLICY_ALLOW(-0.50)[gmx.net,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.17.21:from]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmx.net]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; RBL_DBL_DONT_QUERY_IPS(0.00)[212.227.17.21:from]; DWL_DNSWL_NONE(0.00)[gmx.net:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; RECEIVED_SPAMHAUS_PBL(0.00)[81.217.72.171:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[212.227.17.21:from:127.0.2.255]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.17.21:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Apr 2021 06:08:42 -0000 I was testing geli_groups with a setup similar to the example here: https://reviews.freebsd.org/D12644 The entries in rc.conf only work if the devices are not also listed in /et= c/ fstab. The rc-script processes fstab entries before trying to attach the geli_groups. As workaround, I've edited /etc/rc.d/geli and exchanged the loops "for group in ${geli_groups}; do" and "for provider in ${devices}; do". Now it works as expected for me. The commit message says: This is helpful when the providers being attached are not used for boo= t, and therefore the existing code to first try the cached password when tasting the providers during boot does not apply. I'm not sure how the "cached password" mechanism works. My rc-change might break it. Disclaimer: Tested on 13.0-RELEASE, but the rc-script ist the same in in current.