Search the web
Sign In
New User? Sign Up
FreeBSD-rc · Improving FreeBSD startup scripts
  • Members Only
  • Files
  • Photos
  • Database
  • Polls
  • Members
  • Promote
  • Groups Labs (Beta)
? Already a member? Sign in to Yahoo!

Yahoo! Groups Tips

Did you know...
Message search is now enhanced, find messages faster. Take it for a spin.

Best of Y! Groups

   Check them out and nominate your group.
Having problems with message search? Fill out this form to ensure your group is one of the first to be migrated to the new message search system.

Messages

   Messages Help
Message #
Search:
Advanced
Re: 5.0 without swap   Message List  
Reply | Forward Message #41 of 729 |
This is good stuff Geoffrey.... we may just "borrow" it. :) I know
you'ved saved me some work personally, as playing with gdbe is high on my
list of things to do.

Doug


On Sat, 11 Jan 2003, Geoffrey T. Falk wrote:

> For encrypting swap, try this:
>
>
> --- etc/rc.d/Makefile 22 Dec 2002 22:25:53 -0000 1.10
> +++ etc/rc.d/Makefile 12 Jan 2003 03:54:40 -0000
> @@ -4,7 +4,7 @@
> .include <bsd.own.mk>
>
> FILES= DAEMON LOGIN NETWORKING SERVERS abi accounting addswap adjkerntz amd \
> - apm apmd atm1 atm2.sh atm3.sh archdep bgfsck bootparams ccd cleanvar \
> + apm apmd atm1 atm2.sh atm3.sh archdep bdeswap bgfsck bootparams ccd
cleanvar \
> cleartmp cron devd devdb devfs diskless dmesg dumpon fsck inetd \
> initdiskless initrandom ip6fw ipfilter ipfw ipmon ipnat ipsec \
> ipxrouted isdnd kadmind kerberos keyserv ldconfig local \
>
>
>
>
>
>
> ######## etc/rc.d/bdeswap (new file):
>
> #!/bin/sh
> #
> # /usr/src/etc/rc.d/bdeswap
> #
> # Copyright (c) 2003 by Geoffrey T. Falk <gtf@...>.
> # All rights reserved.
> #
> # Prepare encrypted swap devices using GBDE
> #
> # Swap devices must be specified in /etc/fstab
> # as the bde device. This script detects all such
> # devices and configures them before they are
> # activated. Device should be specified with "noauto"
> # so that it is not picked up by swap1.
> # fstab Example:
> #/dev/ad0s1b.bde none swap sw,noauto 0 0
>
> # PROVIDE: bdeswap
> # REQUIRE: mountcritlocal
> # BEFORE: sysctl
> # KEYWORD: FreeBSD
>
> . /etc/rc.subr
>
> name="bdeswap"
> start_cmd="bdeswap_start"
> stop_cmd=":"
>
> # Generate a random password
> #
> randpass() {
> dd if=/dev/random bs=128 count=1 | cat -v
> }
>
> bde_attach()
> {
> DEV="$1"
> echo "Attaching encrypted swap device ${DEV}.bde"
>
> DEVBASE="`basename $DEV`"
> LOCK="/tmp/.gbde_lock.$DEVBASE"
> PASSWORD=`randpass`
> gbde init "$DEV" -P "$PASSWORD" -L "$LOCK"
> gbde attach "$DEV" -l "$LOCK" -p "$PASSWORD"
> }
>
> bdeswap_start()
> {
> case ${bde_swap} in
> [Yy][Ee][Ss])
> # Gather raw device name for each BDE swap device
> grep '^/dev/\w*\.bde\W*none\W*swap' /etc/fstab | \
> awk -F. '{print $1}' | \
> while read DEV; do
> bde_attach "$DEV"
> swapon "$DEV".bde
> done
> ;;
> esac
> }
>
> load_rc_config $name
> run_rc_command "$1"
>
>
>
> ###########
>
> Geoffrey
>
>
>
> To Unsubscribe: send mail to majordomo@...
> with "unsubscribe freebsd-current" in the body of the message
>
>

--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002

Do YOU Yahoo!?
Sun Jan 12, 2003 4:43 am

Show Message Option
DougB@...
Send Email Send Email

Forward 		Message #41 of 729 |
Expand Messages Author Sort by Date

This is good stuff Geoffrey.... we may just "borrow" it. :) I know you'ved saved me some work personally, as playing with gdbe is high on my list of things to... 		Doug Barton
DougB@...
Send Email 		Jan 12, 2003
4:43 am
< Prev Topic  |  Next Topic >
Message #
Search:
Advanced
Copyright © 2009 Yahoo! Inc. All rights reserved.
Privacy Policy - Terms of Service - Guidelines - Help