conf/80158: request configuration option for specifing the GBDE
passphrase.
David Duchscher
daved at tamu.edu
Wed Apr 20 09:30:23 PDT 2005
>Number: 80158
>Category: conf
>Synopsis: request configuration option for specifing the GBDE passphrase.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Apr 20 16:30:22 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: David Duchscher
>Release: FreeBSD 5.4-RC3
>Organization:
Texas A&M University
>Environment:
FreeBSD backup.net.tamu.edu 5.4-RC3 FreeBSD 5.4-RC3 #0: Tue Apr 19 15:44:06 UTC 2005 root at backup.net.tamu.edu:/usr/obj/data/usr/src/sys/CUSTOM i386
>Description:
I need to encrypt data on a RAID 5 device so that when drive failures happen and the drive is replaced, data on that failed disk is secure. We needed the system to still returned to operation without user intervention. I have modified the /etc/rc.d/gbde script to do what I need and figured I would float the idea of getting this added into the system.
>How-To-Repeat:
>Fix:
Here is the patch to /etc/rc.d/gbde that I have made to add the passphrase to rc.conf.
--- /usr/src/etc/rc.d/gbde Sun Jan 30 05:05:01 2005
+++ /etc/rc.d/gbde Wed Apr 20 11:02:42 2005
@@ -109,10 +109,13 @@
count=1
while [ ${count} -le ${gbde_attach_attempts} ]; do
+ if [ ! -z "${gbde_passphrase}" ]; then
+ passphrase="-p ${gbde_passphrase}"
+ fi
if [ -e "${lock}" ]; then
- gbde attach ${parent} -l ${lock}
+ gbde attach ${parent} -l ${lock} ${passphrase}
else
- gbde attach ${parent}
+ gbde attach ${parent} ${passphrase}
fi
if [ -e "/dev/${parent}.bde" ]; then
break
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list