Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 1 Apr 2015 02:05:27 +0000 (UTC)
From:      Devin Teske <dteske@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r280939 - in head: sys/boot/forth usr.sbin/bsdinstall/scripts
Message-ID:  <201504010205.t3125R42058126@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: dteske
Date: Wed Apr  1 02:05:26 2015
New Revision: 280939
URL: https://svnweb.freebsd.org/changeset/base/280939

Log:
  Whoops! "arc commit --revision" != "arc diff --update"

Modified:
  head/sys/boot/forth/check-password.4th
  head/sys/boot/forth/check-password.4th.8
  head/sys/boot/forth/loader.conf
  head/usr.sbin/bsdinstall/scripts/zfsboot

Modified: head/sys/boot/forth/check-password.4th
==============================================================================
--- head/sys/boot/forth/check-password.4th	Wed Apr  1 02:01:34 2015	(r280938)
+++ head/sys/boot/forth/check-password.4th	Wed Apr  1 02:05:26 2015	(r280939)
@@ -146,15 +146,6 @@ only forth definitions also password-pro
 		2drop read-reset
 	else drop then
 
-	\ Prompt for GEOM ELI (geli(4)) passphrase if enabled
-	s" geom_eli_passphrase_prompt" getenv dup -1 <> if
-		s" YES" compare-insensitive 0= if
-			s" GELI Passphrase: " read ( prompt -- )
-			readval readlen @ s" kern.geom.eli.passphrase" setenv
-			read-reset
-		then
-	else drop then
-
 	\ Exit if a password was not set
 	s" password" getenv -1 = if exit else drop then
 

Modified: head/sys/boot/forth/check-password.4th.8
==============================================================================
--- head/sys/boot/forth/check-password.4th.8	Wed Apr  1 02:01:34 2015	(r280938)
+++ head/sys/boot/forth/check-password.4th.8	Wed Apr  1 02:05:26 2015	(r280939)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2011-2015 Devin Teske
+.\" Copyright (c) 2011-2012 Devin Teske
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 20, 2015
+.Dd December 10, 2012
 .Dt CHECK-PASSWORD.4TH 8
 .Os
 .Sh NAME
@@ -33,12 +33,8 @@
 .Sh DESCRIPTION
 The file that goes by the name of
 .Nm
-is a set of commands designed to do one or more of the following:
-.Pp
-.Dl o Prevent booting without password
-.Dl o Prevent modification of boot options without password
-.Dl o Provide a password to mount geli(8) encrypted root disk(s)
-.Pp
+is a set of commands designed to either prevent booting or prevent modification
+of boot options without an appropriately configured password.
 The commands of
 .Nm
 by themselves are not enough for most uses.
@@ -62,23 +58,14 @@ The commands provided by it are:
 .Pp
 .Bl -tag -width disable-module_module -compact -offset indent
 .It Ic check-password
-Multi-purpose function that can protect the interactive boot menu,
-prevent boot without password, or prompt for geli(8) passphrase
-.Pq depending on Xr loader.conf 5 settings .
+Dual-purpose function that can either protect the interactive boot menu or
+prevent boot without password (separately).
 .Pp
 First checks
 .Va bootlock_password
 and if-set, the user cannot continue until the correct password is entered.
 .Pp
-Next, checks
-.Va geom_eli_passphrase_prompt
-and if set to
-.Li YES
-.Pq case-insensitive
-prompts the user to enter their GELI password for later mounting of the root
-device(s) during boot.
-.Pp
-Last, checks
+Next checks
 .Va password
 and if-set, tries to
 .Ic autoboot
@@ -94,11 +81,6 @@ The environment variables that effect it
 Sets the bootlock password (up to 16 characters long) that is required by
 .Ic check-password
 to be entered before the system is allowed to boot.
-.It Va geom_eli_passphrase_prompt
-Selects whether loader(8) will prompt for GELI credentials, handing-off to the
-kernel for later mounting of
-.Xr geli 8
-encrypted root device(s).
 .It Va password
 Sets the password (up to 16 characters long) that is required by
 .Ic check-password
@@ -140,16 +122,6 @@ to prevent booting without password:
 .Bd -literal -offset indent -compact
 bootlock_password="boot"
 .Ed
-.Pp
-Add the following to
-.Xr loader.conf 5
-to generate a prompt at boot to collect GELI credentials for mounting
-.Xr geli 8
-encrypted root device(s):
-.Pp
-.Bd -literal -offset indent -compact
-geom_eli_passphrase_prompt="YES"
-.Ed
 .Sh SEE ALSO
 .Xr loader.conf 5 ,
 .Xr loader 8 ,

Modified: head/sys/boot/forth/loader.conf
==============================================================================
--- head/sys/boot/forth/loader.conf	Wed Apr  1 02:01:34 2015	(r280938)
+++ head/sys/boot/forth/loader.conf	Wed Apr  1 02:05:26 2015	(r280939)
@@ -62,7 +62,6 @@ entropy_cache_type="/boot/entropy"	
 				# "NO" to disable autobooting
 #password=""			# Prevent changes to boot options
 #bootlock_password=""		# Prevent booting (see check-password.4th(8))
-#geom_eli_passphrase_prompt="NO" # Prompt for geli(8) passphrase to mount root
 #beastie_disable="NO"		# Turn the beastie boot menu on and off
 #kernels="kernel kernel.old"	# Kernels to display in the boot menu
 #loader_logo="orbbw"		# Desired logo: orbbw, orb, fbsdbw, beastiebw, beastie, none

Modified: head/usr.sbin/bsdinstall/scripts/zfsboot
==============================================================================
--- head/usr.sbin/bsdinstall/scripts/zfsboot	Wed Apr  1 02:01:34 2015	(r280938)
+++ head/usr.sbin/bsdinstall/scripts/zfsboot	Wed Apr  1 02:05:26 2015	(r280939)
@@ -1343,9 +1343,6 @@ zfs_create_boot()
 		$BSDINSTALL_TMPBOOT/loader.conf.aesni || return $FAILURE
 	f_eval_catch $funcname echo "$ECHO_APPEND" 'geom_eli_load=\"YES\"' \
 		$BSDINSTALL_TMPBOOT/loader.conf.geli || return $FAILURE
-	f_eval_catch $funcname echo "$ECHO_APPEND" \
-		'geom_eli_passphrase_prompt=\"YES\"' \
-		$BSDINSTALL_TMPBOOT/loader.conf.geli || return $FAILURE
 	for disk in $disks; do
 		f_eval_catch $funcname printf "$PRINTF_CONF" \
 			geli_%s_keyfile0_load "$disk$targetpart YES" \



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201504010205.t3125R42058126>