Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 20 Apr 2005 16:20:55 GMT
From:      David Duchscher <daved@tamu.edu>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   conf/80158: request configuration option for specifing the GBDE passphrase.
Message-ID:  <200504201620.j3KGKtB9031757@www.freebsd.org>
Resent-Message-ID: <200504201630.j3KGUMDl003507@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         80158
>Category:       conf
>Synopsis:       request configuration option for specifing the GBDE passphrase.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr 20 16:30:22 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     David Duchscher
>Release:        FreeBSD 5.4-RC3
>Organization:
Texas A&M University
>Environment:
FreeBSD backup.net.tamu.edu 5.4-RC3 FreeBSD 5.4-RC3 #0: Tue Apr 19 15:44:06 UTC 2005     root@backup.net.tamu.edu:/usr/obj/data/usr/src/sys/CUSTOM  i386
>Description:
      I need to encrypt data on a RAID 5 device so that when drive failures happen and the drive is replaced, data on that failed disk is secure.  We needed the system to still returned to operation without user intervention.  I have modified the /etc/rc.d/gbde script to do what I need and figured I would float the idea of getting this added into the system.

>How-To-Repeat:
      
>Fix:
      Here is the patch to /etc/rc.d/gbde that I have made to add the passphrase to rc.conf.

--- /usr/src/etc/rc.d/gbde      Sun Jan 30 05:05:01 2005
+++ /etc/rc.d/gbde      Wed Apr 20 11:02:42 2005
@@ -109,10 +109,13 @@
 
                        count=1
                        while [ ${count} -le ${gbde_attach_attempts} ]; do
+                               if [ ! -z "${gbde_passphrase}" ]; then
+                                       passphrase="-p ${gbde_passphrase}"
+                               fi
                                if [ -e "${lock}" ]; then
-                                       gbde attach ${parent} -l ${lock}
+                                       gbde attach ${parent} -l ${lock} ${passphrase}
                                else
-                                       gbde attach ${parent}
+                                       gbde attach ${parent} ${passphrase}
                                fi
                                if [ -e "/dev/${parent}.bde" ]; then
                                        break

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504201620.j3KGKtB9031757>