Enhancement to gbde rc.d script (try 2)

Simon L. Nielsen simon at FreeBSD.org
Sun Jul 11 04:52:41 PDT 2004 

Hey

I posted this patch in January without getting much response so I'm
trying again with an updated version which works with recent
-CURRENT's.

The functionality is the same as the last time... :

I have enhanced the gbde rc.d script a bit, so it asks the user X
times (normally 3) for the pass-phrase.  I have also added support for
having the lockfiles in another other directories than /etc.  Both
features are documented, and the existing feature of specifying the
exact filename of a lockfile is also documented in this patch.

Could someone commit or approve this ?

Thanks.

-- 
Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
Index: etc/rc.d/gbde
===================================================================
RCS file: /home/ncvs/src/etc/rc.d/gbde,v
retrieving revision 1.4
diff -u -d -r1.4 gbde
--- etc/rc.d/gbde	8 Mar 2004 12:25:05 -0000	1.4
+++ etc/rc.d/gbde	11 Jul 2004 10:41:40 -0000
@@ -81,10 +81,20 @@
 	for device in $gbde_devices; do
 		parentdev=${device%.bde}
 		parent=${parentdev#/dev/}
-		eval "lock=\${gbde_lock_${parent}-\"/etc/${parent}.lock\"}"
-		if [ -e $lock ]; then
+		eval "lock=\${gbde_lock_${parent}-\"${gbde_lockdir}/${parent}.lock\"}"
+		if [ -e "${lock}" -a ! -e "${device}" ]; then
 			echo "Configuring Disk Encryption for ${device}."
-			gbde attach ${parentdev} -l ${lock}
+
+			count=1
+			while [ ${count} -le ${gbde_attach_attempts} ]; do
+				gbde attach ${parentdev} -l ${lock}
+				if [ -e ${device} ]; then
+					break
+				fi
+				echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}."
+				count=$((${count} + 1))
+			done
+
 		fi
 	done
 }
Index: etc/defaults/rc.conf
===================================================================
RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
retrieving revision 1.210
diff -u -d -r1.210 rc.conf
--- etc/defaults/rc.conf	30 Jun 2004 15:58:46 -0000	1.210
+++ etc/defaults/rc.conf	3 Jul 2004 11:00:23 -0000
@@ -50,6 +50,8 @@
 # Experimental - test before enabling
 gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab
 gbde_devices="NO" 	# Devices to automatically attach (list, or AUTO)
+gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices.
+gbde_lockdir="/etc"	# Where to look for gbde lockfiles.
 gbde_swap_enable="NO"	# Set to YES to automatically initialize gbde swap
 			# devices listed in fstab with a random one-shot key
 
Index: share/man/man5/rc.conf.5
===================================================================
RCS file: /home/ncvs/src/share/man/man5/rc.conf.5,v
retrieving revision 1.220
diff -u -d -r1.220 rc.conf.5
--- share/man/man5/rc.conf.5	3 Jul 2004 18:29:23 -0000	1.220
+++ share/man/man5/rc.conf.5	11 Jul 2004 11:44:39 -0000
@@ -1069,6 +1069,31 @@
 List the devices that the script should try to attach,
 or
 .Dq Li AUTO .
+.It Va gbde_lockdir
+.Pq Vt str
+The directory where the
+.Xr gbde 4
+lockfiles are located.
+The default lockfile directory is
+.Pa /etc .
+.Pp
+The lockfile for each individual
+.Xr gbde 4
+device can be overridden by setting the variable
+.Va gbde_lock_ Ns Aq Ar device ,
+where
+.Ar device
+is the encrypted device without the
+.Dq Pa /dev/
+and
+.Dq Pa .bde
+parts.
+.It Va gbde_attach_attempts
+.Pq Vt int
+Number of times to attempt attaching to a
+.Xr gbde 4
+device, i.e. how many times the user is asked for the pass-phrase.
+Default is 3.
 .It Va gbde_swap_enable
 .Pq Vt bool
 If set to
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-rc/attachments/20040711/9b33f011/attachment.bin

More information about the freebsd-rc mailing list