Date: Sun, 3 Feb 2008 04:10:04 GMT From: Yoshihiro Ota <ota@j.email.ne.jp> To: freebsd-geom@FreeBSD.org Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal Message-ID: <200802030410.m134A4oP063392@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/120091; it has been noted by GNATS. From: Yoshihiro Ota <ota@j.email.ne.jp> To: bug-followup@FreeBSD.org Cc: Volker <volker@vwsoft.com> Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal Date: Sat, 2 Feb 2008 23:02:56 -0500 This is a multi-part message in MIME format. --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit As Volker and I investigated, we found the followings. 1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf attaches /dev/concat/export.eli correctly at boot time. However, key strokes are lost and password verification fails. There are some other PRs filed already on this case. 2. Use "geli_devices" in rc.conf. Even if this is not a preferred way, this works. 3. Use the patch. The rc facility tries to parse /etc/fstab to find GELI providers. However, it assumes that all provider ends with .eli. It is not the case here and fails. The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli in my cause. The #3 is the most preferred way for this problem as the path indicates use of GEOM eli. Thanks, Hiro --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe Content-Type: text/x-diff; name="rc.subr-geli.diff" Content-Disposition: attachment; filename="rc.subr-geli.diff" Content-Transfer-Encoding: 7bit Index: etc/rc.subr =================================================================== RCS file: /home/ncvs/src/etc/rc.subr,v retrieving revision 1.77 diff -u -r1.77 rc.subr --- etc/rc.subr 9 Oct 2007 07:20:44 -0000 1.77 +++ etc/rc.subr 1 Feb 2008 10:37:45 -0000 @@ -1415,6 +1415,29 @@ } # Creates a list of providers for GELI encryption. +geli_expand_entry() +{ + local devices3 + local entry dev tail + for entry in $@; do + tail="${entry}" + while true; do + dev="${dev}${tail%%.eli*}.eli" + devices3="${devices3} ${dev}" + tail="${entry##${dev}}" + case "${tail}" in + *.eli*) + continue + ;; + *) + break + ;; + esac + done + dev="" + done + echo ${devices3} +} geli_make_list() { local devices devices2 @@ -1435,7 +1458,7 @@ :#*) continue ;; - *.eli) + *.eli*) # Skip swap devices. if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then continue @@ -1446,7 +1469,7 @@ done < /etc/fstab # Append providers from geli_devices. - devices="${devices} ${geli_devices}" + devices=`geli_expand_entry "${devices} ${geli_devices}"` for provider in ${devices}; do provider=${provider%.eli} --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802030410.m134A4oP063392>