Support for geli onetime encryption for /tmp?
dthiele at gmx.net
Sun Dec 13 16:15:48 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Simon L. Nielsen wrote:
> On 2009.12.12 23:07:58 +0100, Daniel Thiele wrote:
>> Is there maybe another way to achieve onetime /tmp encryption that
>> I am missing? Preferably one that does not involve huge changes to
> Well, I use the simple one - make /tmp a memory file system. locate
> is sometimes not too happy with an e.g. 50MB /tmp, but otherwise it
> works very well for me.
> [simon at arthur:~] grep tmp /etc/rc.conf
Using a memory file system (together, of course, with an encrypted swap
partition) also crossed my mind. While a small memory based /tmp may be
sufficient for most desktop workloads, I don't think that I can chum up
with it. Especially when you consider that disk space is orders of
magnitudes cheaper than RAM.
Since the tmpmfs option does not scale well with growing /tmp space
requirements (at least not in a cost-effective way), I am keen to know
why the patch I dug up in my first mail has never been committed. Was it
solely a lack of interest or time, or have there been other reasons?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the freebsd-current