http://defect.opensolaris.org/bz/show_bug.cgi?id=671
Summary: key -l needs prompts need to indicate which pool/dataset
nd what type of data
Classification: Development
Product: zfs-crypto
Version: unspecified
Platform: Other
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: other
AssignedTo: darrenm at opensolaris.org
ReportedBy: darrenm at opensolaris.org
QAContact: hua.tang at sun.com
CC: zfs-crypto-discuss at opensolaris.org
Estimated Hours: 0.0
If you have multiple pools that need their passphrase entered it is possible
to run zpool key -l with no pool name.
However there is no indication to the user which pool the passphrase is being
requested for.
The prompt is also wrong because it requests the user to "Enter key:" it isn't
a key they are entering in all cases.
This means we need to stop using pkcs11_get_pass() as it won't give the correct
prompts.
The following are the types of prompts required:
keysource=passphrase,prompt
# zpool key -l tank
Enter passphrase for pool "tank":
keysource=raw,prompt
# zpool key -l tank
Enter raw key for pool "tank":
keysource=hex,prompt
# zpool key -l tank
Enter hex key for pool "tank":
Multiple pools with different keysource types
# zpool key -l
Enter passphrase for pool "tank":
Enter hex key for pool "bus":
Enter raw key for pool "car":
Note that in no cases we should NOT be trying a previously entered key, eg
where there are 3 pools all with the same passphrase.
Similarly for dataset prompting:
keyscope=dataset keysource=passphrase,prompt
$ zfs key -l tank/home/bob
Enter passphrase for dataset "tank/home/bob:
I could be convinced that the "for pool" or "for dataset" may not be necessary
since it should be implicit from which command was run but unless there is a
major issue providing it I think it is helpful to the user.
--
Configure bugmail: http://defect.opensolaris.org/bz/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
