diff --git a/tzpfms.pdf b/tzpfms.pdf index d10d7bc..ec69d85 100644 Binary files a/tzpfms.pdf and b/tzpfms.pdf differ diff --git a/tzpfms.ps b/tzpfms.ps index 4cdbdb6..d544560 100644 --- a/tzpfms.ps +++ b/tzpfms.ps @@ -1,6 +1,6 @@ %!PS-Adobe-3.0 %%Creator: groff version 1.22.4 -%%CreationDate: Sat Nov 20 13:28:02 2021 +%%CreationDate: Wed Nov 24 12:24:43 2021 %%DocumentNeededResources: font Times-Roman %%+ font Times-Bold %%+ font Courier-Bold @@ -305,8 +305,8 @@ R 12(awa -)102 606 R 6(available yes)54 F($)102 630 Q F2 1.666 (KEYSTATUS COHERENT)12 F 6(owo/venc TPM2)102 654 R 6(unavailable yes)36 F($)102 678 Q F2 1.666(zfs-tpm-list \255ra)6 F F3(owo)6 E F4 30 (NAME BACK-END)102 690 R 18(KEYSTATUS COHERENT)12 F 6(owo/venc TPM2)102 -702 R 6(unavailable yes)36 F F0(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15 -(ve)-.15 G(mber 20, 2021).15 E(1)189.295 E 0 Cg EP +702 R 6(unavailable yes)36 F F0(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15 +(ve)-.15 G(mber 24, 2021).15 E(1)189.295 E 0 Cg EP %%Page: 2 2 %%BeginPageSetup BP @@ -330,7 +330,7 @@ G 6(vailable yes)-54 F 12(owo/enc TPM1.X)102 204 R 6(available yes)24 F -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F3(https://lists.sr)2.5 E (.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F3 1.666(SEE ALSO)72 354 R (https://git.sr)102 366 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (2)189.295 E 0 Cg EP %%Page: 3 3 %%BeginPageSetup @@ -419,8 +419,8 @@ F0(Sa)191 618 Q .806 -.15(ve a b)-.2 H .506(ack-up of the k).15 F .805 (case of a catastrophic e)3.181 F -.15(ve)-.25 G .682(nt, the k).15 F .982 -.15(ey c)-.1 H(an).15 E(be loaded by running)191 642 Q F2 (zfs load-key)221 654 Q F3(dataset)6 E F5(<)6 E F3(backup-file)6 E F1 -(ENVIR)72 678 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F0(tzpfms 0.1-18) -72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E(3)189.295 E 0 +(ENVIR)72 678 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F0(tzpfms 0.1-19) +72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E(3)189.295 E 0 Cg EP %%Page: 4 4 %%BeginPageSetup @@ -429,26 +429,26 @@ BP /F0 10/Times-Roman@0 SF -.834(ZFS-TPM1X-CHANGE-KEY \(8\))72 48 R (System Manager')46.109 E 2.5(sM)-.55 G 41.109 (anual ZFS-TPM1X-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Courier@0 SF -(TZPFMS_PASSPHRASE_HELPER)102 96 Q F0 1.134(If set and nonempty)143 108 -R 3.634(,w)-.65 G 1.134(ill be run via)-3.634 F F1(/bin/)3.633 E/F2 10 -/Courier-Bold@0 SF 2.799(sh \255c)B F0 1.133(to pro)3.633 F 1.133 -(vide a passphrase, instead of reading)-.15 F -(from the standard input stream.)143 120 Q .188 -(The standard output stream of the helper is tied to an anon)143 138 R -.189(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) -143 150 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 -(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F1($1)155 162 Q F0 .803 -(Pre-formatted noun phrase with all the information belo)172 162 R 2.103 --.65(w, l)-.25 H(ik).65 E 3.302(e")-.1 G -.15(Pa)-3.302 G .802 -(ssphrase for tarta-zoot").15 F(or "Ne)172 174 Q 2.5(wp)-.25 G -(assphrase for tarta-zoot \(ag)-2.5 E(ain\)")-.05 E F1($2)155 186 Q F0 -(Either the dataset name or the element of the TPM hierarch)172 186 Q(y) --.05 E F1($3)155 198 Q F0("ne)172 198 Q(w" if this is for a ne)-.25 E -2.5(wp)-.25 G(assphrase)-2.5 E F1($4)155 210 Q F0("ag)172 210 Q -(ain" if it')-.05 E 2.5(st)-.55 G(he second prompt for that passphrase) --2.5 E .181(If the helper doesn')143 228 R 2.681(te)-.18 G 1.847 -(xist \()-2.831 F .181(the shell e)1.666 F .181(xits with)-.15 F/F3 10 -/Times-Bold@0 SF(127)2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 +(TZPFMS_PASSPHRASE_HELPER)102 96 Q F0 .466(By def)143 108 R .466(ault, \ +passphrases are prompted for and read in on the standard output and inp\ +ut streams.)-.1 F(If)5.465 E F1(TZPFMS_PASSPHRASE_HELPER)143 120 Q F0 +.516(is set and nonempty)3.016 F 3.016(,i)-.65 G 3.016(tw)-3.016 G .517 +(ill be run via)-3.016 F F1(/bin/)3.017 E/F2 10/Courier-Bold@0 SF 2.183 +(sh \255c)B F0 .517(to pro-)3.017 F(vide each passphrase, instead.)143 +132 Q .189(The standard output stream of the helper is tied to an anon) +143 150 R .188(ymous \214le and used in its entirety as the)-.15 F +(passphrase, e)143 162 Q(xcept for a trailing ne)-.15 E(w-line, if an) +-.25 E 3.8 -.65(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F1($1)155 +174 Q F0(Pre-formatted noun phrase with all the information belo)172 174 +Q 1.3 -.65(w, f)-.25 H(or use as a prompt).65 E F1($2)155 186 Q F0 +(Either the dataset name or the element of the TPM hierarch)172 186 Q +2.5(yb)-.05 G(eing prompted for)-2.5 E F1($3)155 198 Q F0("ne)172 198 Q +(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank) +-2.5 E F1($4)155 210 Q F0("ag)172 210 Q(ain" if it')-.05 E 2.5(st)-.55 G +(he second prompt for that passphrase, otherwise blank)-2.5 E .181 +(If the helper doesn')143 228 R 2.681(te)-.18 G 1.847(xist \()-2.831 F +.181(the shell e)1.666 F .181(xits with)-.15 F/F3 10/Times-Bold@0 SF +(127)2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 (iagnostic is issued and the normal prompt)-1.666 F(is used as f)143 240 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15 G (ther reason, the prompting is aborted.)-2.5 E F3 1.666 @@ -479,7 +479,7 @@ E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102 -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F3(https://lists.sr)2.5 E (.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F3 1.666(SEE ALSO)72 546 R (https://git.sr)102 558 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (4)189.295 E 0 Cg EP %%Page: 5 5 %%BeginPageSetup @@ -531,7 +531,7 @@ E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102 -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E (.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 540 R (https://git.sr)102 552 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (5)189.295 E 0 Cg EP %%Page: 6 6 %%BeginPageSetup @@ -560,40 +560,41 @@ F(roes\); then for the additional passphrase, set when creating the k) 2.679(sa).15 G .179(lready loaded.)-2.679 F(Equi)5.179 E -.25(va)-.25 G .179(lent to).25 F F2 .179(zfs load-key)2.679 F F0 -.55('s)C F2 4.895 E F0(option.)119 300 Q F1(ENVIR)72 324 Q 1.666(ONMENT V)-.3 F -(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)102 336 Q F0 1.134 -(If set and nonempty)143 348 R 3.634(,w)-.65 G 1.134(ill be run via) --3.634 F F4(/bin/)3.633 E F2 2.799(sh \255c)B F0 1.133(to pro)3.633 F -1.133(vide a passphrase, instead of reading)-.15 F -(from the standard input stream.)143 360 Q .188 -(The standard output stream of the helper is tied to an anon)143 378 R -.189(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) -143 390 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 -(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 402 Q F0 .803 -(Pre-formatted noun phrase with all the information belo)172 402 R 2.103 --.65(w, l)-.25 H(ik).65 E 3.302(e")-.1 G -.15(Pa)-3.302 G .802 -(ssphrase for tarta-zoot").15 F(or "Ne)172 414 Q 2.5(wp)-.25 G -(assphrase for tarta-zoot \(ag)-2.5 E(ain\)")-.05 E F4($2)155 426 Q F0 -(Either the dataset name or the element of the TPM hierarch)172 426 Q(y) --.05 E F4($3)155 438 Q F0("ne)172 438 Q(w" if this is for a ne)-.25 E -2.5(wp)-.25 G(assphrase)-2.5 E F4($4)155 450 Q F0("ag)172 450 Q -(ain" if it')-.05 E 2.5(st)-.55 G(he second prompt for that passphrase) --2.5 E .181(If the helper doesn')143 468 R 2.681(te)-.18 G 1.847 -(xist \()-2.831 F .181(the shell e)1.666 F .181(xits with)-.15 F F1(127) -2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 -(iagnostic is issued and the normal prompt)-1.666 F(is used as f)143 480 -Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15 G -(ther reason, the prompting is aborted.)-2.5 E F1 1.666 -(TPM1.X back-end con\214guration)72 504 R .625(TPM selection)84 516 R F0 -(The)102 528 Q F2(tzpfms)2.768 E F0 .267(suite connects to a local)2.767 -F F4(tcsd)2.767 E F0 .267(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E -F4(localhost:30003)2.767 E F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef) --2.767 E 2.767(ault. Use)-.1 F .267(the en-)2.767 F(vironment v)102 540 -Q(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0 -(to specify a remote TCS hostname.)2.5 E .391(The T)102 558 R(rouSerS) --.35 E F4(tcsd)2.891 E F0 .391(\(8\) daemon will try)B F4(/dev/tpm0) -2.892 E F0 2.892(,t)C(hen)-2.892 E F4(/udev/tpm0)2.892 E F0 2.892(,t)C -(hen)-2.892 E F4(/dev/tpm)2.892 E F0 2.892(;b)C 2.892(yo)-2.892 G(ccup) --2.892 E(ying)-.1 E(one of the earlier ones with, for e)102 570 Q +(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)102 336 Q F0 .466(By def) +143 348 R .466(ault, passphrases are prompted for and read in on the st\ +andard output and input streams.)-.1 F(If)5.465 E F4 +(TZPFMS_PASSPHRASE_HELPER)143 360 Q F0 .516(is set and nonempty)3.016 F +3.016(,i)-.65 G 3.016(tw)-3.016 G .517(ill be run via)-3.016 F F4(/bin/) +3.017 E F2 2.183(sh \255c)B F0 .517(to pro-)3.017 F +(vide each passphrase, instead.)143 372 Q .189 +(The standard output stream of the helper is tied to an anon)143 390 R +.188(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) +143 402 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 +(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 414 Q F0 +(Pre-formatted noun phrase with all the information belo)172 414 Q 1.3 +-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)155 426 Q F0 +(Either the dataset name or the element of the TPM hierarch)172 426 Q +2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)155 438 Q F0("ne)172 438 Q +(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank) +-2.5 E F4($4)155 450 Q F0("ag)172 450 Q(ain" if it')-.05 E 2.5(st)-.55 G +(he second prompt for that passphrase, otherwise blank)-2.5 E .181 +(If the helper doesn')143 468 R 2.681(te)-.18 G 1.847(xist \()-2.831 F +.181(the shell e)1.666 F .181(xits with)-.15 F F1(127)2.681 E F0 -3.151 +1.666(\), a d)1.666 H .181(iagnostic is issued and the normal prompt) +-1.666 F(is used as f)143 480 Q 2.5(all-back. If)-.1 F(it f)2.5 E +(ails for an)-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.) +-2.5 E F1 1.666(TPM1.X back-end con\214guration)72 504 R .625 +(TPM selection)84 516 R F0(The)102 528 Q F2(tzpfms)2.768 E F0 .267 +(suite connects to a local)2.767 F F4(tcsd)2.767 E F0 .267 +(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E F4(localhost:30003)2.767 E +F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef)-2.767 E 2.767(ault. Use)-.1 F +.267(the en-)2.767 F(vironment v)102 540 Q(ariable)-.25 E F4 +(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .391 +(The T)102 558 R(rouSerS)-.35 E F4(tcsd)2.891 E F0 .391 +(\(8\) daemon will try)B F4(/dev/tpm0)2.892 E F0 2.892(,t)C(hen)-2.892 E +F4(/udev/tpm0)2.892 E F0 2.892(,t)C(hen)-2.892 E F4(/dev/tpm)2.892 E F0 +2.892(;b)C 2.892(yo)-2.892 G(ccup)-2.892 E(ying)-.1 E +(one of the earlier ones with, for e)102 570 Q (xample, shell redirection, a later one can be selected.)-.15 E F1 .625 (See also)84 594 R F0(The T)102 606 Q(rouSerS project page at)-.35 E F1 (https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18 @@ -602,8 +603,8 @@ E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102 (oup.or)-.18 E(g/r)-.1 E(esour)-.18 E(ce/tpm-main-)-.18 E (speci\214cation)102 636 Q F0(.)A F1 1.666(SPECIAL THANKS)72 660 R F0 1.6 -.8(To a)102 672 T(ll who support further de).8 E -.15(ve)-.25 G -(lopment, in particular:).15 E(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15 -(ve)-.15 G(mber 20, 2021).15 E(6)189.295 E 0 Cg EP +(lopment, in particular:).15 E(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15 +(ve)-.15 G(mber 24, 2021).15 E(6)189.295 E 0 Cg EP %%Page: 7 7 %%BeginPageSetup BP @@ -618,7 +619,7 @@ BP (rchi)-2.5 E -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr) 2.5 E(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 198 R (https://git.sr)102 210 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (7)189.295 E 0 Cg EP %%Page: 8 8 %%BeginPageSetup @@ -710,7 +711,7 @@ F(This)5.505 E(back-up)191 630 Q F4(must)3.181 E F0 .681 .682(nt, the k).15 F .982 -.15(ey c)-.1 H(an).15 E(be loaded by running) 191 642 Q F2(zfs load-key)221 654 Q F3(dataset)6 E F5(<)6 E F3 (backup-file)6 E F1(ENVIR)72 678 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E -F0(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 +F0(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E(8)189.295 E 0 Cg EP %%Page: 9 9 %%BeginPageSetup @@ -719,26 +720,26 @@ BP /F0 10/Times-Roman@0 SF -.834(ZFS-TPM2-CHANGE-KEY \(8\))72 48 R (System Manager')53.329 E 2.5(sM)-.55 G 48.329 (anual ZFS-TPM2-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Courier@0 SF -(TZPFMS_PASSPHRASE_HELPER)102 96 Q F0 1.134(If set and nonempty)143 108 -R 3.634(,w)-.65 G 1.134(ill be run via)-3.634 F F1(/bin/)3.633 E/F2 10 -/Courier-Bold@0 SF 2.799(sh \255c)B F0 1.133(to pro)3.633 F 1.133 -(vide a passphrase, instead of reading)-.15 F -(from the standard input stream.)143 120 Q .188 -(The standard output stream of the helper is tied to an anon)143 138 R -.189(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) -143 150 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 -(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F1($1)155 162 Q F0 .803 -(Pre-formatted noun phrase with all the information belo)172 162 R 2.103 --.65(w, l)-.25 H(ik).65 E 3.302(e")-.1 G -.15(Pa)-3.302 G .802 -(ssphrase for tarta-zoot").15 F(or "Ne)172 174 Q 2.5(wp)-.25 G -(assphrase for tarta-zoot \(ag)-2.5 E(ain\)")-.05 E F1($2)155 186 Q F0 -(Either the dataset name or the element of the TPM hierarch)172 186 Q(y) --.05 E F1($3)155 198 Q F0("ne)172 198 Q(w" if this is for a ne)-.25 E -2.5(wp)-.25 G(assphrase)-2.5 E F1($4)155 210 Q F0("ag)172 210 Q -(ain" if it')-.05 E 2.5(st)-.55 G(he second prompt for that passphrase) --2.5 E .181(If the helper doesn')143 228 R 2.681(te)-.18 G 1.847 -(xist \()-2.831 F .181(the shell e)1.666 F .181(xits with)-.15 F/F3 10 -/Times-Bold@0 SF(127)2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 +(TZPFMS_PASSPHRASE_HELPER)102 96 Q F0 .466(By def)143 108 R .466(ault, \ +passphrases are prompted for and read in on the standard output and inp\ +ut streams.)-.1 F(If)5.465 E F1(TZPFMS_PASSPHRASE_HELPER)143 120 Q F0 +.516(is set and nonempty)3.016 F 3.016(,i)-.65 G 3.016(tw)-3.016 G .517 +(ill be run via)-3.016 F F1(/bin/)3.017 E/F2 10/Courier-Bold@0 SF 2.183 +(sh \255c)B F0 .517(to pro-)3.017 F(vide each passphrase, instead.)143 +132 Q .189(The standard output stream of the helper is tied to an anon) +143 150 R .188(ymous \214le and used in its entirety as the)-.15 F +(passphrase, e)143 162 Q(xcept for a trailing ne)-.15 E(w-line, if an) +-.25 E 3.8 -.65(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F1($1)155 +174 Q F0(Pre-formatted noun phrase with all the information belo)172 174 +Q 1.3 -.65(w, f)-.25 H(or use as a prompt).65 E F1($2)155 186 Q F0 +(Either the dataset name or the element of the TPM hierarch)172 186 Q +2.5(yb)-.05 G(eing prompted for)-2.5 E F1($3)155 198 Q F0("ne)172 198 Q +(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank) +-2.5 E F1($4)155 210 Q F0("ag)172 210 Q(ain" if it')-.05 E 2.5(st)-.55 G +(he second prompt for that passphrase, otherwise blank)-2.5 E .181 +(If the helper doesn')143 228 R 2.681(te)-.18 G 1.847(xist \()-2.831 F +.181(the shell e)1.666 F .181(xits with)-.15 F/F3 10/Times-Bold@0 SF +(127)2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 (iagnostic is issued and the normal prompt)-1.666 F(is used as f)143 240 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15 G (ther reason, the prompting is aborted.)-2.5 E F3 1.666 @@ -774,7 +775,7 @@ E F0 .576(will be tried,)3.076 F(in order)102 348 Q 1.666(\(s)4.166 G F3(https://lists.sr)2.5 E(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F3 1.666(SEE ALSO)72 576 R F1(tpm2_unseal)102 588 Q F0(\(1\))A F3 (https://git.sr)102 606 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (9)189.295 E 0 Cg EP %%Page: 10 10 %%BeginPageSetup @@ -800,39 +801,38 @@ F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 6.985 F0 2.5(}p)C(roperties from)-2.5 E F3(dataset)2.5 E F0(.)A(See)102 246 Q F4(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1 (ENVIR)72 270 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4 -(TZPFMS_PASSPHRASE_HELPER)102 282 Q F0 1.133(If set and nonempty)143 294 -R 3.633(,w)-.65 G 1.133(ill be run via)-3.633 F F4(/bin/)3.633 E F2 -2.799(sh \255c)B F0 1.134(to pro)3.633 F 1.134 -(vide a passphrase, instead of reading)-.15 F -(from the standard input stream.)143 306 Q .189 -(The standard output stream of the helper is tied to an anon)143 324 R -.188(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) -143 336 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 -(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 348 Q F0 .803 -(Pre-formatted noun phrase with all the information belo)172 348 R 2.103 --.65(w, l)-.25 H(ik).65 E 3.303(e")-.1 G -.15(Pa)-3.303 G .803 -(ssphrase for tarta-zoot").15 F(or "Ne)172 360 Q 2.5(wp)-.25 G -(assphrase for tarta-zoot \(ag)-2.5 E(ain\)")-.05 E F4($2)155 372 Q F0 -(Either the dataset name or the element of the TPM hierarch)172 372 Q(y) --.05 E F4($3)155 384 Q F0("ne)172 384 Q(w" if this is for a ne)-.25 E -2.5(wp)-.25 G(assphrase)-2.5 E F4($4)155 396 Q F0("ag)172 396 Q -(ain" if it')-.05 E 2.5(st)-.55 G(he second prompt for that passphrase) --2.5 E .181(If the helper doesn')143 414 R 2.681(te)-.18 G 1.847 -(xist \()-2.831 F .181(the shell e)1.666 F .181(xits with)-.15 F F1(127) -2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 -(iagnostic is issued and the normal prompt)-1.666 F(is used as f)143 426 -Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15 G -(ther reason, the prompting is aborted.)-2.5 E F1 1.666 -(TPM2 back-end con\214guration)72 450 R(En)84 462 Q(vir)-.4 E .625 -(onment v)-.18 F(ariables)-.1 E F4(TSS2_LOG)102 474 Q F0(An)155 474 Q -2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0(,) -A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5 E -(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E F1 --1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection)84 498 R F0 .516 -(The library)102 510 R F2(libtss2-tcti-default.so)3.016 E F0 .516 -(can be link)3.016 F .516(ed to an)-.1 F 3.017(yo)-.15 G 3.017(ft)-3.017 -G(he)-3.017 E F4(libtss2-tcti-)3.017 E/F5 10/Symbol SF(*)A F4(.so)A F0 -(libraries)3.017 E .576(to select the def)102 522 R .576 +(TZPFMS_PASSPHRASE_HELPER)102 282 Q F0 .465(By def)143 294 R .466(ault,\ + passphrases are prompted for and read in on the standard output and in\ +put streams.)-.1 F(If)5.466 E F4(TZPFMS_PASSPHRASE_HELPER)143 306 Q F0 +.517(is set and nonempty)3.017 F 3.017(,i)-.65 G 3.017(tw)-3.017 G .516 +(ill be run via)-3.017 F F4(/bin/)3.016 E F2 2.182(sh \255c)B F0 .516 +(to pro-)3.016 F(vide each passphrase, instead.)143 318 Q .188 +(The standard output stream of the helper is tied to an anon)143 336 R +.189(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) +143 348 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 +(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 360 Q F0 +(Pre-formatted noun phrase with all the information belo)172 360 Q 1.3 +-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)155 372 Q F0 +(Either the dataset name or the element of the TPM hierarch)172 372 Q +2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)155 384 Q F0("ne)172 384 Q +(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank) +-2.5 E F4($4)155 396 Q F0("ag)172 396 Q(ain" if it')-.05 E 2.5(st)-.55 G +(he second prompt for that passphrase, otherwise blank)-2.5 E .181 +(If the helper doesn')143 414 R 2.681(te)-.18 G 1.847(xist \()-2.831 F +.181(the shell e)1.666 F .181(xits with)-.15 F F1(127)2.681 E F0 -3.151 +1.666(\), a d)1.666 H .181(iagnostic is issued and the normal prompt) +-1.666 F(is used as f)143 426 Q 2.5(all-back. If)-.1 F(it f)2.5 E +(ails for an)-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.) +-2.5 E F1 1.666(TPM2 back-end con\214guration)72 450 R(En)84 462 Q(vir) +-.4 E .625(onment v)-.18 F(ariables)-.1 E F4(TSS2_LOG)102 474 Q F0(An) +155 474 Q 2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR) +-.3 E F0(,)A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1 +(DEB)2.5 E(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E +(ault:)-.1 E F1 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection) +84 498 R F0 .516(The library)102 510 R F2(libtss2-tcti-default.so)3.016 +E F0 .516(can be link)3.016 F .516(ed to an)-.1 F 3.017(yo)-.15 G 3.017 +(ft)-3.017 G(he)-3.017 E F4(libtss2-tcti-)3.017 E/F5 10/Symbol SF(*)A F4 +(.so)A F0(libraries)3.017 E .576(to select the def)102 522 R .576 (ault, otherwise)-.1 F F4(/dev/tpmrm0)3.076 E F0 3.076(,t)C(hen)-3.076 E F4(/dev/tpm0)3.076 E F0 3.076(,t)C(hen)-3.076 E F4(localhost:2321)3.076 E F0 .575(will be tried,)3.076 F(in order)102 534 Q 1.666(\(s)4.166 G @@ -848,7 +848,7 @@ E F0 .575(will be tried,)3.076 F(in order)102 534 Q 1.666(\(s)4.166 G 1.666(SPECIAL THANKS)72 636 R F0 1.6 -.8(To a)102 648 T (ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:) .15 E F1<83>122 660 Q F0(ThePhD)2.5 E F1<83>122 672 Q F0(Embark Studios) -2.5 E(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021) +2.5 E(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021) .15 E(10)184.295 E 0 Cg EP %%Page: 11 11 %%BeginPageSetup @@ -863,7 +863,7 @@ BP (rchi)-2.5 E -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr) 2.5 E(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 174 R (https://git.sr)102 186 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (11)184.295 E 0 Cg EP %%Page: 12 12 %%BeginPageSetup @@ -890,40 +890,40 @@ G 2.679(ft)-2.679 G .179(he k)-2.679 F .478 -.15(ey i)-.1 H 2.678(sa).15 G .178(lready loaded.)-2.678 F(Equi)5.178 E -.25(va)-.25 G .178(lent to) .25 F F2 .178(zfs load-key)2.678 F F0 -.55('s)C F24.894 E F0 (option.)119 288 Q F1(ENVIR)72 312 Q 1.666(ONMENT V)-.3 F(ARIABLES)-1.35 -E F4(TZPFMS_PASSPHRASE_HELPER)102 324 Q F0 1.133(If set and nonempty)143 -336 R 3.633(,w)-.65 G 1.133(ill be run via)-3.633 F F4(/bin/)3.633 E F2 -2.799(sh \255c)B F0 1.134(to pro)3.633 F 1.134 -(vide a passphrase, instead of reading)-.15 F -(from the standard input stream.)143 348 Q .189 -(The standard output stream of the helper is tied to an anon)143 366 R -.188(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) -143 378 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 -(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 390 Q F0 .803 -(Pre-formatted noun phrase with all the information belo)172 390 R 2.103 --.65(w, l)-.25 H(ik).65 E 3.303(e")-.1 G -.15(Pa)-3.303 G .803 -(ssphrase for tarta-zoot").15 F(or "Ne)172 402 Q 2.5(wp)-.25 G -(assphrase for tarta-zoot \(ag)-2.5 E(ain\)")-.05 E F4($2)155 414 Q F0 -(Either the dataset name or the element of the TPM hierarch)172 414 Q(y) --.05 E F4($3)155 426 Q F0("ne)172 426 Q(w" if this is for a ne)-.25 E -2.5(wp)-.25 G(assphrase)-2.5 E F4($4)155 438 Q F0("ag)172 438 Q -(ain" if it')-.05 E 2.5(st)-.55 G(he second prompt for that passphrase) --2.5 E .181(If the helper doesn')143 456 R 2.681(te)-.18 G 1.847 -(xist \()-2.831 F .181(the shell e)1.666 F .181(xits with)-.15 F F1(127) -2.681 E F0 -3.151 1.666(\), a d)1.666 H .181 -(iagnostic is issued and the normal prompt)-1.666 F(is used as f)143 468 -Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15 G -(ther reason, the prompting is aborted.)-2.5 E F1 1.666 -(TPM1.X back-end con\214guration)72 492 R .625(TPM selection)84 504 R F0 -(The)102 516 Q F2(tzpfms)2.767 E F0 .267(suite connects to a local)2.767 -F F4(tcsd)2.767 E F0 .267(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E -F4(localhost:30003)2.767 E F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef) --2.767 E 2.767(ault. Use)-.1 F .268(the en-)2.767 F(vironment v)102 528 -Q(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0 -(to specify a remote TCS hostname.)2.5 E .392(The T)102 546 R(rouSerS) --.35 E F4(tcsd)2.892 E F0 .392(\(8\) daemon will try)B F4(/dev/tpm0) -2.892 E F0 2.892(,t)C(hen)-2.892 E F4(/udev/tpm0)2.892 E F0 2.891(,t)C -(hen)-2.891 E F4(/dev/tpm)2.891 E F0 2.891(;b)C 2.891(yo)-2.891 G(ccup) --2.891 E(ying)-.1 E(one of the earlier ones with, for e)102 558 Q +E F4(TZPFMS_PASSPHRASE_HELPER)102 324 Q F0 .465(By def)143 336 R .466(a\ +ult, passphrases are prompted for and read in on the standard output an\ +d input streams.)-.1 F(If)5.466 E F4(TZPFMS_PASSPHRASE_HELPER)143 348 Q +F0 .517(is set and nonempty)3.017 F 3.017(,i)-.65 G 3.017(tw)-3.017 G +.516(ill be run via)-3.017 F F4(/bin/)3.016 E F2 2.182(sh \255c)B F0 +.516(to pro-)3.016 F(vide each passphrase, instead.)143 360 Q .188 +(The standard output stream of the helper is tied to an anon)143 378 R +.189(ymous \214le and used in its entirety as the)-.15 F(passphrase, e) +143 390 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65 +(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F4($1)155 402 Q F0 +(Pre-formatted noun phrase with all the information belo)172 402 Q 1.3 +-.65(w, f)-.25 H(or use as a prompt).65 E F4($2)155 414 Q F0 +(Either the dataset name or the element of the TPM hierarch)172 414 Q +2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)155 426 Q F0("ne)172 426 Q +(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank) +-2.5 E F4($4)155 438 Q F0("ag)172 438 Q(ain" if it')-.05 E 2.5(st)-.55 G +(he second prompt for that passphrase, otherwise blank)-2.5 E .181 +(If the helper doesn')143 456 R 2.681(te)-.18 G 1.847(xist \()-2.831 F +.181(the shell e)1.666 F .181(xits with)-.15 F F1(127)2.681 E F0 -3.151 +1.666(\), a d)1.666 H .181(iagnostic is issued and the normal prompt) +-1.666 F(is used as f)143 468 Q 2.5(all-back. If)-.1 F(it f)2.5 E +(ails for an)-.1 E 2.5(yo)-.15 G(ther reason, the prompting is aborted.) +-2.5 E F1 1.666(TPM1.X back-end con\214guration)72 492 R .625 +(TPM selection)84 504 R F0(The)102 516 Q F2(tzpfms)2.767 E F0 .267 +(suite connects to a local)2.767 F F4(tcsd)2.767 E F0 .267 +(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E F4(localhost:30003)2.767 E +F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef)-2.767 E 2.767(ault. Use)-.1 F +.268(the en-)2.767 F(vironment v)102 528 Q(ariable)-.25 E F4 +(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .392 +(The T)102 546 R(rouSerS)-.35 E F4(tcsd)2.892 E F0 .392 +(\(8\) daemon will try)B F4(/dev/tpm0)2.892 E F0 2.892(,t)C(hen)-2.892 E +F4(/udev/tpm0)2.892 E F0 2.891(,t)C(hen)-2.891 E F4(/dev/tpm)2.891 E F0 +2.891(;b)C 2.891(yo)-2.891 G(ccup)-2.891 E(ying)-.1 E +(one of the earlier ones with, for e)102 558 Q (xample, shell redirection, a later one can be selected.)-.15 E F1 .625 (See also)84 582 R F0(The T)102 594 Q(rouSerS project page at)-.35 E F1 (https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18 @@ -933,7 +933,7 @@ E(ousers)-.18 E F0(.)A 5.108(The TPM 1.2 main speci\214cation inde)102 (speci\214cation)102 624 Q F0(.)A F1 1.666(SPECIAL THANKS)72 648 R F0 1.6 -.8(To a)102 660 T(ll who support further de).8 E -.15(ve)-.25 G (lopment, in particular:).15 E F1<83>122 672 Q F0(ThePhD)2.5 E -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (12)184.295 E 0 Cg EP %%Page: 13 13 %%BeginPageSetup @@ -949,7 +949,7 @@ BP -.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E (.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 186 R (https://git.sr)102 198 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0 -(tzpfms 0.1-18)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 20, 2021).15 E +(tzpfms 0.1-19)72 750 Q(No)138.745 E -.15(ve)-.15 G(mber 24, 2021).15 E (13)184.295 E 0 Cg EP %%Trailer end diff --git a/zfs-tpm-list.8 b/zfs-tpm-list.8 index 1b99a55..4264437 100644 --- a/zfs-tpm-list.8 +++ b/zfs-tpm-list.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM-LIST 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm-list diff --git a/zfs-tpm-list.8.html b/zfs-tpm-list.8.html index 23dc60f..7a1a41d 100644 --- a/zfs-tpm-list.8.html +++ b/zfs-tpm-list.8.html @@ -169,8 +169,8 @@ owo/enc TPM1.X available yes - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm1x-change-key.8 b/zfs-tpm1x-change-key.8 index ded763d..43b5b5f 100644 --- a/zfs-tpm1x-change-key.8 +++ b/zfs-tpm1x-change-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM1X-CHANGE-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm1x-change-key @@ -107,26 +107,28 @@ In case of a catastrophic event, the key can be loaded by running .Sh ENVIRONMENT VARIABLES .Bl -tag -compact -width "TZPFMS" .It Ev TZPFMS_PASSPHRASE_HELPER -If set and nonempty, will be run via +By default, passphrases are prompted for and read in on the standard output and input streams. +If +.Ev TZPFMS_PASSPHRASE_HELPER +is set and nonempty, it will be run via .Pa /bin/ Ns Nm sh Fl c -to provide a passphrase, instead of reading from the standard input stream. +to provide each passphrase, instead. .Pp The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are: .Bl -tag -compact -offset "@@" -width "@@" .It Li $1 -Pre-formatted noun phrase with all the information below, like -.Qq Passphrase for tarta-zoot -or -.Qq New passphrase for tarta-zoot (again) +Pre-formatted noun phrase with all the information below, for use as a prompt +.\" Passphrase for tarta-zoot +.\" New passphrase for tarta-zoot (again) .It Li $2 -Either the dataset name or the element of the TPM hierarchy +Either the dataset name or the element of the TPM hierarchy being prompted for .It Li $3 .Qq new -if this is for a new passphrase +if this is for a new passphrase, otherwise blank .It Li $4 .Qq again -if it's the second prompt for that passphrase +if it's the second prompt for that passphrase, otherwise blank .El .Pp If the helper doesn't exist diff --git a/zfs-tpm1x-change-key.8.html b/zfs-tpm1x-change-key.8.html index 74fffc1..85fd1ed 100644 --- a/zfs-tpm1x-change-key.8.html +++ b/zfs-tpm1x-change-key.8.html @@ -118,25 +118,27 @@ VARIABLES
-
If set and nonempty, will be run via - /bin/sh - -c to provide a passphrase, instead of reading - from the standard input stream. +
By default, passphrases are prompted for and read in on the standard + output and input streams. If + TZPFMS_PASSPHRASE_HELPER is set and nonempty, it + will be run via /bin/sh + -c to provide each passphrase, instead.

The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are:

-
Pre-formatted noun phrase with all the information below, like - "Passphrase for tarta-zoot" or "New passphrase for - tarta-zoot (again)"
+
Pre-formatted noun phrase with all the information below, for use as a + prompt
-
Either the dataset name or the element of the TPM hierarchy
+
Either the dataset name or the element of the TPM hierarchy being + prompted for
-
"new" if this is for a new passphrase
+
"new" if this is for a new passphrase, otherwise blank
-
"again" if it's the second prompt for that passphrase
+
"again" if it's the second prompt for that passphrase, + otherwise blank

If the helper doesn't exist (the shell exits with @@ -199,8 +201,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm1x-clear-key.8 b/zfs-tpm1x-clear-key.8 index 73f8494..a4b5bc7 100644 --- a/zfs-tpm1x-clear-key.8 +++ b/zfs-tpm1x-clear-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM1X-CLEAR-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm1x-clear-key diff --git a/zfs-tpm1x-clear-key.8.html b/zfs-tpm1x-clear-key.8.html index 059c691..537bc93 100644 --- a/zfs-tpm1x-clear-key.8.html +++ b/zfs-tpm1x-clear-key.8.html @@ -106,8 +106,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm1x-load-key.8 b/zfs-tpm1x-load-key.8 index e502223..2a22e8f 100644 --- a/zfs-tpm1x-load-key.8 +++ b/zfs-tpm1x-load-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM1X-LOAD-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm1x-load-key @@ -45,26 +45,28 @@ option. .Sh ENVIRONMENT VARIABLES .Bl -tag -compact -width "TZPFMS" .It Ev TZPFMS_PASSPHRASE_HELPER -If set and nonempty, will be run via +By default, passphrases are prompted for and read in on the standard output and input streams. +If +.Ev TZPFMS_PASSPHRASE_HELPER +is set and nonempty, it will be run via .Pa /bin/ Ns Nm sh Fl c -to provide a passphrase, instead of reading from the standard input stream. +to provide each passphrase, instead. .Pp The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are: .Bl -tag -compact -offset "@@" -width "@@" .It Li $1 -Pre-formatted noun phrase with all the information below, like -.Qq Passphrase for tarta-zoot -or -.Qq New passphrase for tarta-zoot (again) +Pre-formatted noun phrase with all the information below, for use as a prompt +.\" Passphrase for tarta-zoot +.\" New passphrase for tarta-zoot (again) .It Li $2 -Either the dataset name or the element of the TPM hierarchy +Either the dataset name or the element of the TPM hierarchy being prompted for .It Li $3 .Qq new -if this is for a new passphrase +if this is for a new passphrase, otherwise blank .It Li $4 .Qq again -if it's the second prompt for that passphrase +if it's the second prompt for that passphrase, otherwise blank .El .Pp If the helper doesn't exist diff --git a/zfs-tpm1x-load-key.8.html b/zfs-tpm1x-load-key.8.html index c47f6b2..37a51b1 100644 --- a/zfs-tpm1x-load-key.8.html +++ b/zfs-tpm1x-load-key.8.html @@ -59,25 +59,27 @@ VARIABLES

-
If set and nonempty, will be run via - /bin/sh - -c to provide a passphrase, instead of reading - from the standard input stream. +
By default, passphrases are prompted for and read in on the standard + output and input streams. If + TZPFMS_PASSPHRASE_HELPER is set and nonempty, it + will be run via /bin/sh + -c to provide each passphrase, instead.

The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are:

-
Pre-formatted noun phrase with all the information below, like - "Passphrase for tarta-zoot" or "New passphrase for - tarta-zoot (again)"
+
Pre-formatted noun phrase with all the information below, for use as a + prompt
-
Either the dataset name or the element of the TPM hierarchy
+
Either the dataset name or the element of the TPM hierarchy being + prompted for
-
"new" if this is for a new passphrase
+
"new" if this is for a new passphrase, otherwise blank
-
"again" if it's the second prompt for that passphrase
+
"again" if it's the second prompt for that passphrase, + otherwise blank

If the helper doesn't exist (the shell exits with @@ -140,8 +142,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm2-change-key.8 b/zfs-tpm2-change-key.8 index dcee6b3..859d25c 100644 --- a/zfs-tpm2-change-key.8 +++ b/zfs-tpm2-change-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM2-CHANGE-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm2-change-key @@ -104,26 +104,28 @@ In case of a catastrophic event, the key can be loaded by running .Sh ENVIRONMENT VARIABLES .Bl -tag -compact -width "TZPFMS" .It Ev TZPFMS_PASSPHRASE_HELPER -If set and nonempty, will be run via +By default, passphrases are prompted for and read in on the standard output and input streams. +If +.Ev TZPFMS_PASSPHRASE_HELPER +is set and nonempty, it will be run via .Pa /bin/ Ns Nm sh Fl c -to provide a passphrase, instead of reading from the standard input stream. +to provide each passphrase, instead. .Pp The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are: .Bl -tag -compact -offset "@@" -width "@@" .It Li $1 -Pre-formatted noun phrase with all the information below, like -.Qq Passphrase for tarta-zoot -or -.Qq New passphrase for tarta-zoot (again) +Pre-formatted noun phrase with all the information below, for use as a prompt +.\" Passphrase for tarta-zoot +.\" New passphrase for tarta-zoot (again) .It Li $2 -Either the dataset name or the element of the TPM hierarchy +Either the dataset name or the element of the TPM hierarchy being prompted for .It Li $3 .Qq new -if this is for a new passphrase +if this is for a new passphrase, otherwise blank .It Li $4 .Qq again -if it's the second prompt for that passphrase +if it's the second prompt for that passphrase, otherwise blank .El .Pp If the helper doesn't exist diff --git a/zfs-tpm2-change-key.8.html b/zfs-tpm2-change-key.8.html index 07dc9fd..1b988ed 100644 --- a/zfs-tpm2-change-key.8.html +++ b/zfs-tpm2-change-key.8.html @@ -117,25 +117,27 @@ VARIABLES

-
If set and nonempty, will be run via - /bin/sh - -c to provide a passphrase, instead of reading - from the standard input stream. +
By default, passphrases are prompted for and read in on the standard + output and input streams. If + TZPFMS_PASSPHRASE_HELPER is set and nonempty, it + will be run via /bin/sh + -c to provide each passphrase, instead.

The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are:

-
Pre-formatted noun phrase with all the information below, like - "Passphrase for tarta-zoot" or "New passphrase for - tarta-zoot (again)"
+
Pre-formatted noun phrase with all the information below, for use as a + prompt
-
Either the dataset name or the element of the TPM hierarchy
+
Either the dataset name or the element of the TPM hierarchy being + prompted for
-
"new" if this is for a new passphrase
+
"new" if this is for a new passphrase, otherwise blank
-
"again" if it's the second prompt for that passphrase
+
"again" if it's the second prompt for that passphrase, + otherwise blank

If the helper doesn't exist (the shell exits with @@ -212,8 +214,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm2-clear-key.8 b/zfs-tpm2-clear-key.8 index 047bc46..9497fff 100644 --- a/zfs-tpm2-clear-key.8 +++ b/zfs-tpm2-clear-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM2-CLEAR-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm2-clear-key @@ -42,26 +42,28 @@ for a detailed description. .Sh ENVIRONMENT VARIABLES .Bl -tag -compact -width "TZPFMS" .It Ev TZPFMS_PASSPHRASE_HELPER -If set and nonempty, will be run via +By default, passphrases are prompted for and read in on the standard output and input streams. +If +.Ev TZPFMS_PASSPHRASE_HELPER +is set and nonempty, it will be run via .Pa /bin/ Ns Nm sh Fl c -to provide a passphrase, instead of reading from the standard input stream. +to provide each passphrase, instead. .Pp The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are: .Bl -tag -compact -offset "@@" -width "@@" .It Li $1 -Pre-formatted noun phrase with all the information below, like -.Qq Passphrase for tarta-zoot -or -.Qq New passphrase for tarta-zoot (again) +Pre-formatted noun phrase with all the information below, for use as a prompt +.\" Passphrase for tarta-zoot +.\" New passphrase for tarta-zoot (again) .It Li $2 -Either the dataset name or the element of the TPM hierarchy +Either the dataset name or the element of the TPM hierarchy being prompted for .It Li $3 .Qq new -if this is for a new passphrase +if this is for a new passphrase, otherwise blank .It Li $4 .Qq again -if it's the second prompt for that passphrase +if it's the second prompt for that passphrase, otherwise blank .El .Pp If the helper doesn't exist diff --git a/zfs-tpm2-clear-key.8.html b/zfs-tpm2-clear-key.8.html index ad945dd..49fac86 100644 --- a/zfs-tpm2-clear-key.8.html +++ b/zfs-tpm2-clear-key.8.html @@ -60,25 +60,27 @@ VARIABLES

-
If set and nonempty, will be run via - /bin/sh - -c to provide a passphrase, instead of reading - from the standard input stream. +
By default, passphrases are prompted for and read in on the standard + output and input streams. If + TZPFMS_PASSPHRASE_HELPER is set and nonempty, it + will be run via /bin/sh + -c to provide each passphrase, instead.

The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are:

-
Pre-formatted noun phrase with all the information below, like - "Passphrase for tarta-zoot" or "New passphrase for - tarta-zoot (again)"
+
Pre-formatted noun phrase with all the information below, for use as a + prompt
-
Either the dataset name or the element of the TPM hierarchy
+
Either the dataset name or the element of the TPM hierarchy being + prompted for
-
"new" if this is for a new passphrase
+
"new" if this is for a new passphrase, otherwise blank
-
"again" if it's the second prompt for that passphrase
+
"again" if it's the second prompt for that passphrase, + otherwise blank

If the helper doesn't exist (the shell exits with @@ -154,8 +156,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19
diff --git a/zfs-tpm2-load-key.8 b/zfs-tpm2-load-key.8 index 72e6950..547e577 100644 --- a/zfs-tpm2-load-key.8 +++ b/zfs-tpm2-load-key.8 @@ -1,9 +1,9 @@ .\" SPDX-License-Identifier: MIT . -.Dd November 20, 2021 +.Dd November 24, 2021 .ds doc-volume-operating-system .Dt ZFS-TPM2-LOAD-KEY 8 -.Os tzpfms 0.1-18 +.Os tzpfms 0.1-19 . .Sh NAME .Nm zfs-tpm2-load-key @@ -44,26 +44,28 @@ option. .Sh ENVIRONMENT VARIABLES .Bl -tag -compact -width "TZPFMS" .It Ev TZPFMS_PASSPHRASE_HELPER -If set and nonempty, will be run via +By default, passphrases are prompted for and read in on the standard output and input streams. +If +.Ev TZPFMS_PASSPHRASE_HELPER +is set and nonempty, it will be run via .Pa /bin/ Ns Nm sh Fl c -to provide a passphrase, instead of reading from the standard input stream. +to provide each passphrase, instead. .Pp The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are: .Bl -tag -compact -offset "@@" -width "@@" .It Li $1 -Pre-formatted noun phrase with all the information below, like -.Qq Passphrase for tarta-zoot -or -.Qq New passphrase for tarta-zoot (again) +Pre-formatted noun phrase with all the information below, for use as a prompt +.\" Passphrase for tarta-zoot +.\" New passphrase for tarta-zoot (again) .It Li $2 -Either the dataset name or the element of the TPM hierarchy +Either the dataset name or the element of the TPM hierarchy being prompted for .It Li $3 .Qq new -if this is for a new passphrase +if this is for a new passphrase, otherwise blank .It Li $4 .Qq again -if it's the second prompt for that passphrase +if it's the second prompt for that passphrase, otherwise blank .El .Pp If the helper doesn't exist diff --git a/zfs-tpm2-load-key.8.html b/zfs-tpm2-load-key.8.html index cba8955..747ab74 100644 --- a/zfs-tpm2-load-key.8.html +++ b/zfs-tpm2-load-key.8.html @@ -58,25 +58,27 @@ VARIABLES

-
If set and nonempty, will be run via - /bin/sh - -c to provide a passphrase, instead of reading - from the standard input stream. +
By default, passphrases are prompted for and read in on the standard + output and input streams. If + TZPFMS_PASSPHRASE_HELPER is set and nonempty, it + will be run via /bin/sh + -c to provide each passphrase, instead.

The standard output stream of the helper is tied to an anonymous file and used in its entirety as the passphrase, except for a trailing new-line, if any. The arguments are:

-
Pre-formatted noun phrase with all the information below, like - "Passphrase for tarta-zoot" or "New passphrase for - tarta-zoot (again)"
+
Pre-formatted noun phrase with all the information below, for use as a + prompt
-
Either the dataset name or the element of the TPM hierarchy
+
Either the dataset name or the element of the TPM hierarchy being + prompted for
-
"new" if this is for a new passphrase
+
"new" if this is for a new passphrase, otherwise blank
-
"again" if it's the second prompt for that passphrase
+
"again" if it's the second prompt for that passphrase, + otherwise blank

If the helper doesn't exist (the shell exits with @@ -139,8 +141,8 @@ - - + +
November 20, 2021tzpfms 0.1-18November 24, 2021tzpfms 0.1-19