d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

For the gbde attach script:

Browse Source 
- Ask the user up to X times (3 by default) for the pass-phrase, if
  it is incorrect the first time.
- Add support for storing the lockfiles in another other directory
  than /etc.
- Document that it is possible to override the location of each single
  lockfile.

Approved by:	pjd
This commit is contained in:
Simon L. B. Nielsen 2004-07-18 18:01:48 +00:00
parent 726cb09fbc
commit 64785dbd46
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=132356
3 changed files with 40 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etc/defaults/rc.conf
View File

@ -50,6 +50,8 @@ rc_conf_files="/etc/rc.conf /etc/rc.conf.local"
# Experimental - test before enabling
gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab
gbde_devices="NO" # Devices to automatically attach (list, or AUTO)
gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices
gbde_lockdir="/etc" # Where to look for gbde lockfiles
gbde_swap_enable="NO" # Set to YES to automatically initialize gbde swap
# devices listed in fstab with a random one-shot key

14
etc/rc.d/gbde
View File

@ -81,10 +81,20 @@ gbde_start()
for device in $gbde_devices; do
parentdev=${device%.bde}
parent=${parentdev#/dev/}
eval "lock=\${gbde_lock_${parent}-\"/etc/${parent}.lock\"}"
if [ -e $lock ]; then
eval "lock=\${gbde_lock_${parent}-\"${gbde_lockdir}/${parent}.lock\"}"
if [ -e "${lock}" -a ! -e "${device}" ]; then
echo "Configuring Disk Encryption for ${device}."
count=1
while [ ${count} -le ${gbde_attach_attempts} ]; do
gbde attach ${parentdev} -l ${lock}
if [ -e ${device} ]; then
break
fi
echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}."
count=$((${count} + 1))
done
fi
done
}

25
share/man/man5/rc.conf.5
View File

@ -1069,6 +1069,31 @@ will attempt to automatically initialize your .bde devices in
List the devices that the script should try to attach,
or
.Dq Li AUTO .
.It Va gbde_lockdir
.Pq Vt str
The directory where the
.Xr gbde 4
lockfiles are located.
The default lockfile directory is
.Pa /etc .
.Pp
The lockfile for each individual
.Xr gbde 4
device can be overridden by setting the variable
.Va gbde_lock_ Ns Aq Ar device ,
where
.Ar device
is the encrypted device without the
.Dq Pa /dev/
and
.Dq Pa .bde
parts.
.It Va gbde_attach_attempts
.Pq Vt int
Number of times to attempt attaching to a
.Xr gbde 4
device, i.e. how many times the user is asked for the pass-phrase.
Default is 3.
.It Va gbde_swap_enable
.Pq Vt bool
If set to