diff options
| author | simon <simon@FreeBSD.org> | 2004-07-18 18:01:48 +0000 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2004-07-18 18:01:48 +0000 |
| commit | 0fcf2627f6d8eaa33779afeb44b5efe8d7e56fda (patch) | |
| tree | 68e19c3cb68c61298cbc0f27f8ee6e10b1f9031a | |
| parent | 663921669569e0293fdbf9e48f017becabdf499a (diff) | |
| download | FreeBSD-src-0fcf2627f6d8eaa33779afeb44b5efe8d7e56fda.zip FreeBSD-src-0fcf2627f6d8eaa33779afeb44b5efe8d7e56fda.tar.gz | |
For the gbde attach script:
- Ask the user up to X times (3 by default) for the pass-phrase, if
it is incorrect the first time.
- Add support for storing the lockfiles in another other directory
than /etc.
- Document that it is possible to override the location of each single
lockfile.
Approved by: pjd
| -rw-r--r-- | etc/defaults/rc.conf | 2 | ||||
| -rw-r--r-- | etc/rc.d/gbde | 16 | ||||
| -rw-r--r-- | share/man/man5/rc.conf.5 | 25 |
3 files changed, 40 insertions, 3 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index c4a94fb..df9bd0c 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -50,6 +50,8 @@ rc_conf_files="/etc/rc.conf /etc/rc.conf.local" # Experimental - test before enabling gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab gbde_devices="NO" # Devices to automatically attach (list, or AUTO) +gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices +gbde_lockdir="/etc" # Where to look for gbde lockfiles gbde_swap_enable="NO" # Set to YES to automatically initialize gbde swap # devices listed in fstab with a random one-shot key diff --git a/etc/rc.d/gbde b/etc/rc.d/gbde index 25bcd2a..6359f41 100644 --- a/etc/rc.d/gbde +++ b/etc/rc.d/gbde @@ -81,10 +81,20 @@ gbde_start() for device in $gbde_devices; do parentdev=${device%.bde} parent=${parentdev#/dev/} - eval "lock=\${gbde_lock_${parent}-\"/etc/${parent}.lock\"}" - if [ -e $lock ]; then + eval "lock=\${gbde_lock_${parent}-\"${gbde_lockdir}/${parent}.lock\"}" + if [ -e "${lock}" -a ! -e "${device}" ]; then echo "Configuring Disk Encryption for ${device}." - gbde attach ${parentdev} -l ${lock} + + count=1 + while [ ${count} -le ${gbde_attach_attempts} ]; do + gbde attach ${parentdev} -l ${lock} + if [ -e ${device} ]; then + break + fi + echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}." + count=$((${count} + 1)) + done + fi done } diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 6aa9820..844c13e 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -1069,6 +1069,31 @@ will attempt to automatically initialize your .bde devices in List the devices that the script should try to attach, or .Dq Li AUTO . +.It Va gbde_lockdir +.Pq Vt str +The directory where the +.Xr gbde 4 +lockfiles are located. +The default lockfile directory is +.Pa /etc . +.Pp +The lockfile for each individual +.Xr gbde 4 +device can be overridden by setting the variable +.Va gbde_lock_ Ns Aq Ar device , +where +.Ar device +is the encrypted device without the +.Dq Pa /dev/ +and +.Dq Pa .bde +parts. +.It Va gbde_attach_attempts +.Pq Vt int +Number of times to attempt attaching to a +.Xr gbde 4 +device, i.e. how many times the user is asked for the pass-phrase. +Default is 3. .It Va gbde_swap_enable .Pq Vt bool If set to |
