Bug 102700 - [geli] [patch] Add encrypted /tmp support to GELI/GBDE rc.d scripts
Summary: [geli] [patch] Add encrypted /tmp support to GELI/GBDE rc.d scripts
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: conf (show other bugs)
Version: 6.1-STABLE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-30 18:50 UTC by Shaun Amott
Modified: 2017-12-31 22:37 UTC (History)
0 users

See Also:


Attachments
encswap.diff (8.33 KB, patch)
2006-08-30 18:50 UTC, Shaun Amott
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Shaun Amott freebsd_committer 2006-08-30 18:50:20 UTC
The following patch adds support to the geli and gbde rc.d scripts for
one-time encrypted /tmp partitions, much like the "encswap" partitions
that are already supported.

I have been doing this successfully via rc.{early,local} for some time
now, but I feel it would be a useful addition to the standard scripts.


How to use it?

1) Change your /tmp device in /etc/fstab:

   From...
     /dev/ad0s2e      /tmp   ufs  rw   2  2

   To one of...
     /dev/ad0s2e.eli  /tmp  ufs   rw   2  2
     /dev/ad0s2e.bde  /tmp  ufs   rw   2  2

2) Tell the script about it:

   geli_enctmp_devices="ad0s2e"

3) Reboot to find a secure, encrypted /tmp


There was also (it seems) a typo in 'gbde', which has been fixed as part
of the patch:

-	case "${gbde_devices-auto}" in
+	case "${gbde_devices:-enctmp}" in
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2006-08-30 22:29:52 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-rc

Over to maintainer(s).
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:58:27 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped