From owner-freebsd-geom@FreeBSD.ORG Sun Feb 3 04:10:07 2008 Return-Path: Delivered-To: freebsd-geom@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2ECF316A417 for ; Sun, 3 Feb 2008 04:10:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 1AB7813C458 for ; Sun, 3 Feb 2008 04:10:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m134A4Pg063393 for ; Sun, 3 Feb 2008 04:10:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m134A4oP063392; Sun, 3 Feb 2008 04:10:04 GMT (envelope-from gnats) Date: Sun, 3 Feb 2008 04:10:04 GMT Message-Id: <200802030410.m134A4oP063392@freefall.freebsd.org> To: freebsd-geom@FreeBSD.org From: Yoshihiro Ota Cc: Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Yoshihiro Ota List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Feb 2008 04:10:07 -0000 The following reply was made to PR kern/120091; it has been noted by GNATS. From: Yoshihiro Ota To: bug-followup@FreeBSD.org Cc: Volker Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal Date: Sat, 2 Feb 2008 23:02:56 -0500 This is a multi-part message in MIME format. --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit As Volker and I investigated, we found the followings. 1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf attaches /dev/concat/export.eli correctly at boot time. However, key strokes are lost and password verification fails. There are some other PRs filed already on this case. 2. Use "geli_devices" in rc.conf. Even if this is not a preferred way, this works. 3. Use the patch. The rc facility tries to parse /etc/fstab to find GELI providers. However, it assumes that all provider ends with .eli. It is not the case here and fails. The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli in my cause. The #3 is the most preferred way for this problem as the path indicates use of GEOM eli. Thanks, Hiro --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe Content-Type: text/x-diff; name="rc.subr-geli.diff" Content-Disposition: attachment; filename="rc.subr-geli.diff" Content-Transfer-Encoding: 7bit Index: etc/rc.subr =================================================================== RCS file: /home/ncvs/src/etc/rc.subr,v retrieving revision 1.77 diff -u -r1.77 rc.subr --- etc/rc.subr 9 Oct 2007 07:20:44 -0000 1.77 +++ etc/rc.subr 1 Feb 2008 10:37:45 -0000 @@ -1415,6 +1415,29 @@ } # Creates a list of providers for GELI encryption. +geli_expand_entry() +{ + local devices3 + local entry dev tail + for entry in $@; do + tail="${entry}" + while true; do + dev="${dev}${tail%%.eli*}.eli" + devices3="${devices3} ${dev}" + tail="${entry##${dev}}" + case "${tail}" in + *.eli*) + continue + ;; + *) + break + ;; + esac + done + dev="" + done + echo ${devices3} +} geli_make_list() { local devices devices2 @@ -1435,7 +1458,7 @@ :#*) continue ;; - *.eli) + *.eli*) # Skip swap devices. if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then continue @@ -1446,7 +1469,7 @@ done < /etc/fstab # Append providers from geli_devices. - devices="${devices} ${geli_devices}" + devices=`geli_expand_entry "${devices} ${geli_devices}"` for provider in ${devices}; do provider=${provider%.eli} --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe--