Date: Sat, 17 Jan 2004 14:53:58 -0500 From: Allan Fields <bsd@afields.ca> To: phk@freebsd.org Cc: shamrock@cypherpunks.to Subject: Status GBDE attach at boot Message-ID: <20040117195358.GH34696@afields.ca>
next in thread | raw e-mail | index | archive | help
Hi, I'm interested to know what may be in the pipeline as far as GBDE boot time attach/automation support. Has anyone committed to implementing these features? (I don't see it anymore (on the 5.3 todo list) in releng pages.) As a fstab is concerned with mount hack, this is the right approach I feel. Snapshots use a mount hack too. To do this a small hack to mount(8) with stub for fstype of geom which calls specific command gbde(8) directly or a mount_geom(8) with similar operations to gbde, plus also full geom classes support. # XXX Example fstab of geom entries: # # GBDE swap #/dev/ad0s1b none swap sw 0 0 /dev/ad0s1b bde geom rw,attach,temp 0 0 /dev/ad0s1b.bde none swap sw 0 0 # Normal filesystem /dev/ad0s1a / ufs rw 1 1 /dev/ad0s1f /var ufs rw 2 2 /dev/ad0s1g /usr ufs rw 2 2 # GBDE tmp dir /dev/ad0s1e bde geom rw,temp 0 0 /dev/ad0s1e.bde /tmp ufs rw 0 1 # GBDE home dir (prompt on console; block on ttyin, before getty spawned) #/dev/ad0s1h /dev/ad0s1h.bde geom rw,attach 0 0 #<-long form /dev/ad0s1h bde geom rw,attach 0 0 #<-shorter /dev/ad0s1h.bde /home ufs rw 2 2 # # fs_spec is device # fs_file is GEOM class to instantiate with fs_spec as provider # if using long form split on dot to determine class or specify # class in mntopts (class=<class> or <class>) # fs_vfstype has new type: ``geom'' # fs_mntops has standard form, plus: # attach: default action for class bde: to attach, so can be omitted # temp: mntopt says init as temporary gbde # init: initialize only # noauto: don't automatically instantiate / attach # level=<lvl>: level at which to attempt to instantiate geom (def: 1) # 0: in single-user/after root -1: same as noauto # 1: before going multi-user (before getty runs on tty) # 2: after going multi-user (bde needs own tty?) # prompt=<ttydev>: prompt for pass phrases/user input on tty # # insert: insert geom instance (default) #XX remove: remove geom instance - use umount(8) # ...: other class options here # Example prompts on console: # (user can ^C here to skip attaching it) !! GEOM/gbde: Passphrase required for attach of /dev/adNsM.. Enter passphrase: -- GEOM/gbde: Attach sucessful. !! GEOM/gbde: Passphrase required for attach of /dev/da0s1a.. Enter passphrase: gbde: Attach to da0s1a failed: Invalid argument -- GEOM/gbde: Attach failed. -- GEOM/gbde: Done. Jan 17 14:22:03 testhost mount[178]: GEOM/gbde Attach to da0s1a failed: Invalid argument FreeBSD/i386 (testhost) (ttyv0) login: _ Another question, about key entry: should there be an option to allow keys to be read directly from a file/file descriptor instead of on the command line. In this way keys could be piped into the gbde command for attach, etc. from a secure source. Would this prove a significant vulnerability compared to tty input? This might be used in conjunction with other authentication mechanisms and if it proves more secure than -p, could be something to look at. Currently: gbde in readpassphrase(3) prevents reading passphrases on stdin by setting RPP_REQUIRE_TTY and also readpassphrase() isn't designed to accommodate key entry from fd if associated tty. So this would need a command line option to run as a pipeline from an interactive shell. Thanks.. -- Allan Fields BSDCan 2004: May 2004, Ottawa See http://www.bsdcan.org for details.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040117195358.GH34696>