- Fixed description of the "destroy" command options.
- Document the "nuke" command. - Mention which commands correspond to which functions.
This commit is contained in:
parent
da0e67693d
commit
31c3179731
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=141769
@ -31,7 +31,7 @@
|
|||||||
.\"
|
.\"
|
||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.Dd October 19, 2002
|
.Dd February 12, 2005
|
||||||
.Dt GBDE 8
|
.Dt GBDE 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -51,8 +51,8 @@
|
|||||||
.Ar destination
|
.Ar destination
|
||||||
.Op Fl i
|
.Op Fl i
|
||||||
.Op Fl f Ar filename
|
.Op Fl f Ar filename
|
||||||
.Op Fl L Ar lockfile
|
.Op Fl L Ar new-lockfile
|
||||||
.Op Fl P Ar pass-phrase
|
.Op Fl P Ar new-pass-phrase
|
||||||
.Nm
|
.Nm
|
||||||
.Cm setkey
|
.Cm setkey
|
||||||
.Ar destination
|
.Ar destination
|
||||||
@ -62,12 +62,16 @@
|
|||||||
.Op Fl L Ar new-lockfile
|
.Op Fl L Ar new-lockfile
|
||||||
.Op Fl P Ar new-pass-phrase
|
.Op Fl P Ar new-pass-phrase
|
||||||
.Nm
|
.Nm
|
||||||
.Cm destroy
|
.Cm nuke
|
||||||
.Ar destination
|
.Ar destination
|
||||||
.Op Fl n Ar key
|
.Op Fl n Ar key
|
||||||
.Op Fl l Ar lockfile
|
.Op Fl l Ar lockfile
|
||||||
.Op Fl p Ar pass-phrase
|
.Op Fl p Ar pass-phrase
|
||||||
.Op Fl L Ar lockfile
|
.Nm
|
||||||
|
.Cm destroy
|
||||||
|
.Ar destination
|
||||||
|
.Op Fl l Ar lockfile
|
||||||
|
.Op Fl p Ar pass-phrase
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
.Bf -symbolic
|
.Bf -symbolic
|
||||||
NOTICE:
|
NOTICE:
|
||||||
@ -97,12 +101,21 @@ The operational aspect consists of two subcommands:
|
|||||||
one to open and attach
|
one to open and attach
|
||||||
a device to the in-kernel cryptographic
|
a device to the in-kernel cryptographic
|
||||||
.Nm
|
.Nm
|
||||||
module,
|
module
|
||||||
and one to close and detach a device.
|
.Pq Cm attach ,
|
||||||
|
and one to close and detach a device
|
||||||
|
.Pq Cm detach .
|
||||||
.Pp
|
.Pp
|
||||||
The management part allows initialization of the master key and lock sectors
|
The management part allows initialization of the master key and lock sectors
|
||||||
on a device, initialization and replacement of pass-phrases and
|
on a device
|
||||||
key invalidation and blackening functions.
|
.Pq Cm init ,
|
||||||
|
initialization and replacement of pass-phrases
|
||||||
|
.Pq Cm setkey ,
|
||||||
|
and key invalidation
|
||||||
|
.Pq Cm nuke
|
||||||
|
and blackening
|
||||||
|
.Pq Cm destroy
|
||||||
|
functions.
|
||||||
.Pp
|
.Pp
|
||||||
The
|
The
|
||||||
.Fl l Ar lockfile
|
.Fl l Ar lockfile
|
||||||
@ -114,7 +127,11 @@ option is specified, the first sector is used for this purpose.
|
|||||||
The
|
The
|
||||||
.Fl L Ar new-lockfile
|
.Fl L Ar new-lockfile
|
||||||
argument
|
argument
|
||||||
specifies the lock selector file for the key modified with the
|
specifies the lock selector file for the key
|
||||||
|
initialized with the
|
||||||
|
.Cm init
|
||||||
|
subcommand
|
||||||
|
or modified with the
|
||||||
.Cm setkey
|
.Cm setkey
|
||||||
subcommand.
|
subcommand.
|
||||||
.Pp
|
.Pp
|
||||||
|
@ -130,19 +130,19 @@ g_hexdump(void *ptr, int length)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
static void __dead2
|
static void __dead2
|
||||||
usage(const char *reason)
|
usage(void)
|
||||||
{
|
{
|
||||||
const char *p;
|
|
||||||
|
|
||||||
p = getprogname();
|
(void)fprintf(stderr,
|
||||||
fprintf(stderr, "Usage error: %s", reason);
|
"usage: gbde attach destination [-l lockfile] [-p pass-phrase]\n"
|
||||||
fprintf(stderr, "Usage:\n");
|
" gbde detach destination\n"
|
||||||
fprintf(stderr, "\t%s attach dest [-l lockfile] [-p pass-phrase]\n", p);
|
" gbde init destination [-i] [-f filename] [-L new-lockfile]\n"
|
||||||
fprintf(stderr, "\t%s detach dest\n", p);
|
" [-P new-pass-phrase]\n"
|
||||||
fprintf(stderr, "\t%s init /dev/dest [-i] [-f filename] [-L lockfile] [-P pass-phrase]\n", p);
|
" gbde setkey destination [-n key] [-l lockfile] [-p pass-phrase]\n"
|
||||||
fprintf(stderr, "\t%s setkey dest [-n key] [-l lockfile] [-p pass-phrase] [-L new-lockfile] [-P new-pass-phrase]\n", p);
|
" [-L new-lockfile] [-P new-pass-phrase]\n"
|
||||||
fprintf(stderr, "\t%s destroy dest [-n key] [-l lockfile] [-p pass-phrase] [-L lockfile]\n", p);
|
" gbde nuke destination [-n key] [-l lockfile] [-p pass-phrase]\n"
|
||||||
exit (1);
|
" gbde destroy destination [-l lockfile] [-p pass-phrase]\n");
|
||||||
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
void *
|
void *
|
||||||
@ -720,12 +720,12 @@ main(int argc, char **argv)
|
|||||||
struct g_bde_softc sc;
|
struct g_bde_softc sc;
|
||||||
|
|
||||||
if (argc < 3)
|
if (argc < 3)
|
||||||
usage("Too few arguments\n");
|
usage();
|
||||||
|
|
||||||
if ((i = modfind("g_bde")) < 0) {
|
if ((i = modfind("g_bde")) < 0) {
|
||||||
/* need to load the gbde module */
|
/* need to load the gbde module */
|
||||||
if (kldload(GBDEMOD) < 0 || modfind("g_bde") < 0)
|
if (kldload(GBDEMOD) < 0 || modfind("g_bde") < 0)
|
||||||
usage(GBDEMOD ": Kernel module not available\n");
|
err(1, GBDEMOD ": Kernel module not available");
|
||||||
}
|
}
|
||||||
doopen = 0;
|
doopen = 0;
|
||||||
if (!strcmp(argv[1], "attach")) {
|
if (!strcmp(argv[1], "attach")) {
|
||||||
@ -751,7 +751,7 @@ main(int argc, char **argv)
|
|||||||
doopen = 1;
|
doopen = 1;
|
||||||
opts = "l:n:p:";
|
opts = "l:n:p:";
|
||||||
} else {
|
} else {
|
||||||
usage("Unknown sub command\n");
|
usage();
|
||||||
}
|
}
|
||||||
argc--;
|
argc--;
|
||||||
argv++;
|
argv++;
|
||||||
@ -784,9 +784,9 @@ main(int argc, char **argv)
|
|||||||
case 'n':
|
case 'n':
|
||||||
n_opt = strtoul(optarg, &q, 0);
|
n_opt = strtoul(optarg, &q, 0);
|
||||||
if (!*optarg || *q)
|
if (!*optarg || *q)
|
||||||
usage("-n argument not numeric\n");
|
errx(1, "-n argument not numeric");
|
||||||
if (n_opt < -1 || n_opt > G_BDE_MAXKEYS)
|
if (n_opt < -1 || n_opt > G_BDE_MAXKEYS)
|
||||||
usage("-n argument out of range\n");
|
errx(1, "-n argument out of range");
|
||||||
break;
|
break;
|
||||||
case 'p':
|
case 'p':
|
||||||
p_opt = optarg;
|
p_opt = optarg;
|
||||||
@ -795,7 +795,7 @@ main(int argc, char **argv)
|
|||||||
P_opt = optarg;
|
P_opt = optarg;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
usage("Invalid option\n");
|
usage();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (doopen) {
|
if (doopen) {
|
||||||
@ -858,7 +858,7 @@ main(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
usage("Internal error\n");
|
errx(1, "internal error");
|
||||||
}
|
}
|
||||||
|
|
||||||
return(0);
|
return(0);
|
||||||
|
Loading…
Reference in New Issue
Block a user