kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal

Yoshihiro Ota ota at j.email.ne.jp
Sat Feb 2 20:10:07 PST 2008


The following reply was made to PR kern/120091; it has been noted by GNATS.

From: Yoshihiro Ota <ota at j.email.ne.jp>
To: bug-followup at FreeBSD.org
Cc: Volker <volker at vwsoft.com>
Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Sat, 2 Feb 2008 23:02:56 -0500

 This is a multi-part message in MIME format.
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
 Content-Type: text/plain; charset=US-ASCII
 Content-Transfer-Encoding: 7bit
 
 As Volker and I investigated, we found the followings.
 
 1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf
 attaches /dev/concat/export.eli correctly at boot time.  However, key strokes
 are lost and password verification fails.  There are some other PRs filed already
 on this case.
 
 2. Use "geli_devices" in rc.conf.  Even if this is not a preferred way, this works.
 
 3. Use the patch.  The rc facility tries to parse /etc/fstab to find GELI providers.
 However, it assumes that all provider ends with .eli.  It is not the case here and fails.
 The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli
 in my cause.
 
 
 The #3 is the most preferred way for this problem as the path indicates use of GEOM eli.
 
 Thanks,
 Hiro
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
 Content-Type: text/x-diff;
  name="rc.subr-geli.diff"
 Content-Disposition: attachment;
  filename="rc.subr-geli.diff"
 Content-Transfer-Encoding: 7bit
 
 Index: etc/rc.subr
 ===================================================================
 RCS file: /home/ncvs/src/etc/rc.subr,v
 retrieving revision 1.77
 diff -u -r1.77 rc.subr
 --- etc/rc.subr	9 Oct 2007 07:20:44 -0000	1.77
 +++ etc/rc.subr	1 Feb 2008 10:37:45 -0000
 @@ -1415,6 +1415,29 @@
  }
  
  # Creates a list of providers for GELI encryption.
 +geli_expand_entry()
 +{
 +	local devices3
 +	local entry dev tail
 +	for entry in $@; do
 +		tail="${entry}"
 +		while true; do
 +			dev="${dev}${tail%%.eli*}.eli"
 +			devices3="${devices3} ${dev}"
 +			tail="${entry##${dev}}"
 +			case "${tail}" in
 +			*.eli*)
 +				continue
 +				;;
 +			*)
 +				break
 +				;;
 +			esac
 +		done
 +		dev=""
 +	done
 +	echo ${devices3}
 +}
  geli_make_list()
  {
  	local devices devices2
 @@ -1435,7 +1458,7 @@
  		:#*)
  			continue
  			;;
 -		*.eli)
 +		*.eli*)
  			# Skip swap devices.
  			if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then
  				continue
 @@ -1446,7 +1469,7 @@
  	done < /etc/fstab
  
  	# Append providers from geli_devices.
 -	devices="${devices} ${geli_devices}"
 +	devices=`geli_expand_entry "${devices} ${geli_devices}"`
  
  	for provider in ${devices}; do
  		provider=${provider%.eli}
 
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe--


More information about the freebsd-geom mailing list