Date: Sun, 3 Feb 2008 04:10:04 GMT From: Yoshihiro Ota <ota@j.email.ne.jp> To: freebsd-geom@FreeBSD.org Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal Message-ID: <200802030410.m134A4oP063392@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/120091; it has been noted by GNATS.
From: Yoshihiro Ota <ota@j.email.ne.jp>
To: bug-followup@FreeBSD.org
Cc: Volker <volker@vwsoft.com>
Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for
password on /dev/concat/XXX.eli.journal
Date: Sat, 2 Feb 2008 23:02:56 -0500
This is a multi-part message in MIME format.
--Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
As Volker and I investigated, we found the followings.
1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf
attaches /dev/concat/export.eli correctly at boot time. However, key strokes
are lost and password verification fails. There are some other PRs filed already
on this case.
2. Use "geli_devices" in rc.conf. Even if this is not a preferred way, this works.
3. Use the patch. The rc facility tries to parse /etc/fstab to find GELI providers.
However, it assumes that all provider ends with .eli. It is not the case here and fails.
The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli
in my cause.
The #3 is the most preferred way for this problem as the path indicates use of GEOM eli.
Thanks,
Hiro
--Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
Content-Type: text/x-diff;
name="rc.subr-geli.diff"
Content-Disposition: attachment;
filename="rc.subr-geli.diff"
Content-Transfer-Encoding: 7bit
Index: etc/rc.subr
===================================================================
RCS file: /home/ncvs/src/etc/rc.subr,v
retrieving revision 1.77
diff -u -r1.77 rc.subr
--- etc/rc.subr 9 Oct 2007 07:20:44 -0000 1.77
+++ etc/rc.subr 1 Feb 2008 10:37:45 -0000
@@ -1415,6 +1415,29 @@
}
# Creates a list of providers for GELI encryption.
+geli_expand_entry()
+{
+ local devices3
+ local entry dev tail
+ for entry in $@; do
+ tail="${entry}"
+ while true; do
+ dev="${dev}${tail%%.eli*}.eli"
+ devices3="${devices3} ${dev}"
+ tail="${entry##${dev}}"
+ case "${tail}" in
+ *.eli*)
+ continue
+ ;;
+ *)
+ break
+ ;;
+ esac
+ done
+ dev=""
+ done
+ echo ${devices3}
+}
geli_make_list()
{
local devices devices2
@@ -1435,7 +1458,7 @@
:#*)
continue
;;
- *.eli)
+ *.eli*)
# Skip swap devices.
if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then
continue
@@ -1446,7 +1469,7 @@
done < /etc/fstab
# Append providers from geli_devices.
- devices="${devices} ${geli_devices}"
+ devices=`geli_expand_entry "${devices} ${geli_devices}"`
for provider in ${devices}; do
provider=${provider%.eli}
--Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802030410.m134A4oP063392>