Bug 102700

Summary: [geli] [patch] Add encrypted /tmp support to GELI/GBDE rc.d scripts
Product: Base System Reporter: Shaun Amott <shaun>
Component: confAssignee: freebsd-bugs (Nobody) <bugs>
Status: Open ---    
Severity: Affects Only Me    
Priority: Normal    
Version: 6.1-STABLE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
encswap.diff none

Description Shaun Amott freebsd_committer 2006-08-30 18:50:20 UTC
The following patch adds support to the geli and gbde rc.d scripts for
one-time encrypted /tmp partitions, much like the "encswap" partitions
that are already supported.

I have been doing this successfully via rc.{early,local} for some time
now, but I feel it would be a useful addition to the standard scripts.


How to use it?

1) Change your /tmp device in /etc/fstab:

   From...
     /dev/ad0s2e      /tmp   ufs  rw   2  2

   To one of...
     /dev/ad0s2e.eli  /tmp  ufs   rw   2  2
     /dev/ad0s2e.bde  /tmp  ufs   rw   2  2

2) Tell the script about it:

   geli_enctmp_devices="ad0s2e"

3) Reboot to find a secure, encrypted /tmp


There was also (it seems) a typo in 'gbde', which has been fixed as part
of the patch:

-	case "${gbde_devices-auto}" in
+	case "${gbde_devices:-enctmp}" in
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2006-08-30 22:29:52 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-rc

Over to maintainer(s).
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:58:27 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped