Hi Team As my first bug report, I'll take the opportunity to say thanks! to everyone who contributes. I have a fresh install of Free 11.1 in a Parallels VM on my Mac. I used ZFS auto-layout on installation; ZFS seems unrelated to the problem described here. Problem 1: Everything is fine until I add 'password="test"' to the /boot/loader.conf. Rebooting then fails: Loading /boot/defaults/loader.conf can't load 'kernel' no valid kernel found ...and then I'm dropped into the (Forth I think) shell/interpreter. At this point, if I try to "autoboot", I get these errors again: can't load 'kernel' no valid kernel found But if I simply "boot", everything proceeds correctly. The "show" command reveals: kernel=kernel kernel_options= ...and the mystic variable "kernelname" is not set at this point (added to boot.c in Git revision https://github.com/freebsd/freebsd/commit/475f83c70ca2a39eacdb9dfe774681a8e8c2f305#diff-337b216f8bcf5c9351318742f496b65e). This seems to be a problem beyond just my experience: https://forums.freebsd.org/threads/58292/. It seems to be unrelated to the previous problem described in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=170110. I don't know if it makes a difference that line 80 of sys/boot/common/boot.c calls loadakernel(0, argc - 1, argv + 1); in the boot case, but only loadakernel(0, 0, argv); in the autoboot case? (Sorry, I don't have the understanding to try to debug further). ---- Problem 2: Once we've failed to boot, and dropped to the interpreter, a simple "show" will reveal the boot password in plain text as one of the environment variables. I suppose it would be a kludgy workaround to filter out the password variables from "command_show" in sys/boot/common/commands.c; but that would have other unintended consequences for debugging? Is it not possible to integrate a lightweight hashing function to rather hash the password in loader.conf for comparison in the boot loader? Thanks!
Some additional notes: a. If I remove the 'password="test"' from loader.conf, everything works again. So it does seem to be that when we go through the sys/boot/forth/check-password.4th code path that the environment for autoboot is subtly different. b. Regarding problem 2, I also noticed that the /boot directory and loader.conf are world-readable by default, which leaks the boot password in plain text to any user on the system. Should I raise a separate issue for that?
This is tracked in bug #207069 You can try solution mentioned there https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207069#c1 It would be great if you can comment afterwards if it did solve your problems.
*** This bug has been marked as a duplicate of bug 207069 ***