diff options
| author | Ben Woods <woodsb02@FreeBSD.org> | 2018-06-26 18:07:16 +0000 |
|---|---|---|
| committer | Ben Woods <woodsb02@FreeBSD.org> | 2018-06-26 18:07:16 +0000 |
| commit | 217df2da0805f63e8d35787929aeaf92815a4c17 (patch) | |
| tree | 4378f61f959ddf39cdd9109c9062f73a9b2bbccd /share/man/man5/rc.conf.5 | |
| parent | 96fa53869c833944247fe2d3e95f7bb4931c1d4d (diff) | |
| download | src-217df2da0805f63e8d35787929aeaf92815a4c17.tar.gz src-217df2da0805f63e8d35787929aeaf92815a4c17.zip | |
geli attach multiple providers
Allow attaching of multiple geli providers at once if they use same
passphrase and keyfiles.
This is helpful when the providers being attached are not used for boot,
and therefore the existing code to first try the cached password when
tasting the providers during boot does not apply.
Multiple providers with the same passphrase and keyfiles can be attached
at the same time during system start-up by adding the following to
rc.conf:
geli_groups="storage backup"
geli_storage_flags="-k /etc/geli/storage.keys"
geli_storage_devices="ada0 ada1"
geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys"
geli_backup_devices="ada2 ada3"
Reviewed by: wblock, delphij, jilles
Approved by: sobomax (src), bcr (doc)
Differential Revision: https://reviews.freebsd.org/D12644
Notes
Notes:
svn path=/head/; revision=335673
Diffstat (limited to 'share/man/man5/rc.conf.5')
| -rw-r--r-- | share/man/man5/rc.conf.5 | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 6ad29a639e55..da21c4c94bdb 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 21, 2018 +.Dd June 27, 2018 .Dt RC.CONF 5 .Os .Sh NAME @@ -2011,6 +2011,13 @@ List of devices to automatically attach on boot. Note that .eli devices from .Pa /etc/fstab are automatically appended to this list. +.It Va geli_groups +.Pq Vt str +List of groups containing devices to automatically attach on boot with the same +keyfiles and passphrase. +This must be accompanied with a corresponding +.Va geli_ Ns Ao Ar group Ac Ns Va _devices +variable. .It Va geli_tries .Pq Vt int Number of times user is asked for the pass-phrase. @@ -2022,8 +2029,10 @@ sysctl variable. Default flags to use by .Xr geli 8 when configuring disk encryption. -Flags can be configured for every device separately by defining +Flags can be configured for every device separately by defining the .Va geli_ Ns Ao Ar device Ac Ns Va _flags +variable, and for every group separately by defining the +.Va geli_ Ns Ao Ar group Ac Ns Va _flags variable. .It Va geli_autodetach .Pq Vt str @@ -2031,7 +2040,7 @@ Specifies if GELI devices should be marked for detach on last close after file systems are mounted. Default is .Dq Li YES . -This can be changed for every device separately by defining +This can be changed for every device separately by defining the .Va geli_ Ns Ao Ar device Ac Ns Va _autodetach variable. .It Va root_rw_mount |