Bug 265221

Summary: /etc/rc.d/zfskeys breaks when /usr is encrypted
Product: Base System
Reporter: Ivan <r4>
Component: conf
Assignee: Mateusz Piotrowski <0mp>
Status: Closed FIXED
Severity: Affects Some People
CC: 0mp, grahamperrin, ltning-freebsd, r4
Priority: ---
Flags: 0mp: mfc-stable13+
Version: 13.1-RELEASE
Hardware: Any
OS: Any
Attachments: boot messages (flags: none)

Description Ivan 2022-07-14 21:23:14 UTC
Created attachment 235263
boot messages

/etc/rc.d/zfskeys requires /usr/sbin/timeout to work. This makes it impossible to use an encrypted /usr.
Comment 1 Eirik Oeverby 2022-07-31 18:29:11 UTC
Hi,

I'm the original author of this script. Timeout is used there in order to not lock up the boot if key loading is held up by a request for keyboard input or some other unexpected reason.

Possible solutions I can think of include
- check existence of /usr/sbin/timeout and use it only if found
- assume zfs load-key will always return on its own (don't use timeout at all)

Without knowing all possible use cases (as I obviously did not, sorry!) I'm not sure what the better way forward is.

Would you have an opinion on this?

/Eirik
Comment 2 Ivan 2022-07-31 23:39:31 UTC
Hello.

Thank you for your reply.

I think checking for /usr/sbin/timeout is a good solution. If one chooses to encrypt /usr, one should have a good understanding of what one is doing, how booting works, etc. If he gets stuck booting because of a password request, well, FreeBSD doesn't forbid you to shoot yourself in the foot.
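
The "use timeout only if found" option discussed in Comments 1 and 2, as an added example; it is not the zfskeys script and not the fix that was later committed. The function names, the `TIMEOUT_CANDIDATES` variable and the `/dev/null` fallback are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not the FreeBSD zfskeys script.
# Paths named on this page, root filesystem first; override to test.
: "${TIMEOUT_CANDIDATES:=/bin/timeout /usr/bin/timeout /usr/sbin/timeout}"

# Print the first executable timeout binary; return 1 if none is reachable
# (for example because /usr is not mounted yet).
find_timeout() {
    for _t in $TIMEOUT_CANDIDATES; do
        if [ -x "$_t" ]; then
            printf '%s\n' "$_t"
            return 0
        fi
    done
    return 1
}

# guarded_run SECONDS CMD [ARGS...]
# Runs CMD under timeout when one is found. Otherwise runs it directly with
# stdin from /dev/null (an assumption of this example), so a command that
# would wait for keyboard input sees EOF instead of stalling the boot.
# Intended use in an rc script: guarded_run 10 zfs load-key <dataset>
guarded_run() {
    _secs=$1
    shift
    if _bin=$(find_timeout); then
        "$_bin" "$_secs" "$@"
    else
        echo "timeout not found; running '$1' without a time limit" >&2
        "$@" </dev/null
    fi
}
```
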
Comment 3 Mateusz Piotrowski freebsd_committer freebsd_triage 2023-02-01 13:51:12 UTC
Proposed patch: https://reviews.freebsd.org/D36906
Comment 4 Mateusz Piotrowski freebsd_committer freebsd_triage 2023-02-02 16:36:29 UTC
Moving timeout to /bin seems like the easiest option. I'm going to commit this patch soon: https://reviews.freebsd.org/D38344
Comment 5 commit-hook freebsd_committer freebsd_triage 2023-02-02 17:36:30 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=e7ab133648a168c4bf7c11da840663c5581771d8

commit e7ab133648a168c4bf7c11da840663c5581771d8
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2023-02-01 15:24:59 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2023-02-02 17:34:35 +0000

    timeout: Move from /usr/bin to /bin

    timeout(1) is used by /etc/rc.d/zfskeys. Unfortunately, having
    timeout(1) installed in /usr/bin causes problems when /usr is an
    encrypted ZFS partition.

    Implementing timeout(1) in sh(1) is not trivial. A more elegant solution
    is to move timeout(1) to /bin so that it is available to early services
    in the boot process.

    PR:             265221
    Reviewed by:    allanjude, des, imp
    Approved by:    allanjude, des, imp
    Reported by:    Ivan <r4@sovserv.ru>
    Fixes:  33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
    MFC after:      1 week
    Relnotes:       yes
    Sponsored by:   Modirum MDPay
    Sponsored by:   Klara Inc.
    Differential Revision:  https://reviews.freebsd.org/D38344

 ObsoleteFiles.inc                              | 4 ++++
 bin/Makefile                                   | 1 +
 {usr.bin => bin}/timeout/Makefile              | 2 ++
 {usr.bin => bin}/timeout/Makefile.depend       | 0
 {usr.bin => bin}/timeout/tests/Makefile        | 0
 {usr.bin => bin}/timeout/tests/Makefile.depend | 0
 {usr.bin => bin}/timeout/tests/timeout_test.sh | 0
 {usr.bin => bin}/timeout/timeout.1             | 0
 {usr.bin => bin}/timeout/timeout.c             | 0
 etc/mtree/BSD.tests.dist                       | 4 ++--
 usr.bin/Makefile                               | 1 -
 11 files changed, 9 insertions(+), 3 deletions(-)
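
Review bot: the diffstat lists only the timeout sources, Makefiles, ObsoleteFiles.inc and the tests mtree, and no rc.d script, so the fix depends on zfskeys resolving timeout through PATH rather than through an absolute path. The report above names /usr/sbin/timeout while the commit message says /usr/bin; it is worth confirming that the script carries no hard-coded path and stating in the commit message how the script locates the binary.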
Comment 6 commit-hook freebsd_committer freebsd_triage 2023-02-07 17:41:38 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=0a4f7dbd9e9450cea25af944d47dce578960a1b8

commit 0a4f7dbd9e9450cea25af944d47dce578960a1b8
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2023-02-01 15:24:59 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2023-02-07 17:37:53 +0000

    timeout: Move from /usr/bin to /bin

    timeout(1) is used by /etc/rc.d/zfskeys. Unfortunately, having
    timeout(1) installed in /usr/bin causes problems when /usr is an
    encrypted ZFS partition.

    Implementing timeout(1) in sh(1) is not trivial. A more elegant solution
    is to move timeout(1) to /bin so that it is available to early services
    in the boot process.

    PR:             265221
    Reviewed by:    allanjude, des, imp
    Approved by:    allanjude, des, imp
    Reported by:    Ivan <r4@sovserv.ru>
    Fixes:  33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
    Relnotes:       yes
    Sponsored by:   Modirum MDPay
    Sponsored by:   Klara Inc.
    Differential Revision:  https://reviews.freebsd.org/D38344

    (cherry picked from commit e7ab133648a168c4bf7c11da840663c5581771d8)

 ObsoleteFiles.inc                              | 4 ++++
 bin/Makefile                                   | 1 +
 {usr.bin => bin}/timeout/Makefile              | 2 ++
 {usr.bin => bin}/timeout/Makefile.depend       | 0
 {usr.bin => bin}/timeout/tests/Makefile        | 0
 {usr.bin => bin}/timeout/tests/Makefile.depend | 0
 {usr.bin => bin}/timeout/tests/timeout_test.sh | 0
 {usr.bin => bin}/timeout/timeout.1             | 0
 {usr.bin => bin}/timeout/timeout.c             | 0
 etc/mtree/BSD.tests.dist                       | 4 ++--
 usr.bin/Makefile                               | 1 -
 11 files changed, 9 insertions(+), 3 deletions(-)