NetBSD Problem Report #47136
From campbell@mumble.net Sun Oct 28 19:00:19 2012
Return-Path: <campbell@mumble.net>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id C2C5763CAFB
for <gnats-bugs@gnats.NetBSD.org>; Sun, 28 Oct 2012 19:00:18 +0000 (UTC)
Message-Id: <20121028185936.825ED604B3@jupiter.mumble.net>
Date: Sun, 28 Oct 2012 18:59:36 +0000 (UTC)
From: Taylor R Campbell <campbell+netbsd@mumble.net>
Reply-To: Taylor R Campbell <campbell+netbsd@mumble.net>
To: gnats-bugs@gnats.NetBSD.org
Subject: encrypting swap is too hard
X-Send-Pr-Version: 3.95
>Number: 47136
>Category: kern
>Synopsis: encrypting swap is too hard
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Oct 28 19:05:00 +0000 2012
>Closed-Date: Sun Apr 18 19:37:39 +0000 2021
>Last-Modified: Sun Apr 18 19:37:39 +0000 2021
>Originator: Taylor R Campbell <campbell+netbsd@mumble.net>
>Release: NetBSD 6.99.12
>Organization:
>Environment:
Architecture: any
Machine: any
>Description:
Swap encryption involves no key management or permanent data
storage for the operator to worry about, so it should be
super-easy to turn on with the flick of a switch, but it's
not. I would like to just do
sysctl -w vm.encrypt_swap=1
or put that into /etc/sysctl.conf, but instead I have to
configure a cgd (which uses up a cgd number and therefore
figures the system's administration in various ways such as
/etc/fstab and /etc/cgd/cgd.conf), set up something in
/etc/rc.local or /etc/rc.conf.d to automatically disklabel it
at the right time, and then tell the system to swap onto it.
>How-To-Repeat:
1. Try to enable swap encryption.
2. Realize that there are a bunch of moving parts to mess with.
3. Give up in frustration.
4. Look for another PR on the subject.
5. Wonder why there wasn't one submitted ten years ago.
6. Write recursive PR.
7. ???
8. Profit?
>Fix:
Yes, please!
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Sun, 18 Apr 2021 19:37:39 +0000
State-Changed-Why:
Done by riastradh
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.