diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf index c91f13bd9812..2bd8af67c602 100644 --- a/libexec/rc/rc.conf +++ b/libexec/rc/rc.conf @@ -86,12 +86,6 @@ zfsd_enable="NO" # Set to YES to automatically start the ZFS fault gptboot_enable="YES" # GPT boot success/failure reporting. -# Experimental - test before enabling -gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab -gbde_devices="NO" # Devices to automatically attach (list, or AUTO) -gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices -gbde_lockdir="/etc" # Where to look for gbde lockfiles - # GELI disk encryption configuration. geli_devices="" # List of devices to automatically attach in addition to # GELI devices listed in /etc/fstab. diff --git a/libexec/rc/rc.d/gbde b/libexec/rc/rc.d/gbde deleted file mode 100755 index 295972a5697b..000000000000 --- a/libexec/rc/rc.d/gbde +++ /dev/null @@ -1,119 +0,0 @@ -#!/bin/sh -# -# This file, originally written by Garrett A. Wollman, is in the public -# domain. -# -# - -# PROVIDE: disks -# KEYWORD: nojail - -. /etc/rc.subr - -name="gbde" -desc="GEOM Based Disk Encryption" -start_precmd="find_gbde_devices start" -stop_precmd="find_gbde_devices stop" -start_cmd="gbde_start" -stop_cmd="gbde_stop" - -find_gbde_devices() -{ - case "${gbde_devices-auto}" in - [Aa][Uu][Tt][Oo]) - gbde_devices="" - ;; - *) - return 0 - ;; - esac - - case "$1" in - start) - fstab="/etc/fstab" - ;; - stop) - fstab=$(mktemp /tmp/mtab.XXXXXX) - mount -p >${fstab} - ;; - esac - - # - # We can't use "mount -p | while ..." because when a shell loop - # is the target of a pipe it executes in a subshell, and so can't - # modify variables in the script. - # - while read device mountpt type options dump pass; do - case "$device" in - *.bde) - # Ignore swap devices - case "$type" in - swap) - continue - ;; - esac - - case "$options" in - *noauto*) - if checkyesno gbde_autoattach_all; then - gbde_devices="${gbde_devices} ${device}" - fi - ;; - *) - gbde_devices="${gbde_devices} ${device}" - ;; - esac - ;; - esac - done <${fstab} - - case "$1" in - stop) - rm -f ${fstab} - ;; - esac - - return 0 -} - -gbde_start() -{ - for device in $gbde_devices; do - parent=${device%.bde} - parent=${parent#/dev/} - parent_=`ltr ${parent} '/' '_'` - eval "lock=\${gbde_lock_${parent_}-\"${gbde_lockdir}/${parent_}.lock\"}" - if [ -e "/dev/${parent}" -a ! -e "/dev/${parent}.bde" ]; then - echo "Configuring Disk Encryption for ${parent}." - - count=1 - while [ ${count} -le ${gbde_attach_attempts} ]; do - if [ -e "${lock}" ]; then - gbde attach ${parent} -l ${lock} - else - gbde attach ${parent} - fi - if [ -e "/dev/${parent}.bde" ]; then - break - fi - echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}." - count=$((${count} + 1)) - done - fi - done -} - -gbde_stop() -{ - for device in $gbde_devices; do - parent=${device%.bde} - parent=${parent#/dev/} - if [ -e "/dev/${parent}.bde" ]; then - umount "/dev/${parent}.bde" 2>/dev/null - gbde detach "${parent}" - fi - done -} - -load_rc_config $name -run_rc_command "$1"