
From: Klemens Nanni <kn@openbsd.org>
Subject: Re: [patch] Autoinstall with disk encryption
To: tech@openbsd.org
Date: Fri, 26 Jan 2024 01:48:21 +0000

On Thu, Jan 25, 2024 at 08:29:43PM +0000, Chris Narkiewicz wrote:
> On Thu, Jan 25, 2024 at 05:59:25PM +0000, Klemens Nanni wrote:
> > How did you test?
> 
> 1. built bsd.rd and booted installer from it
> 2. installed manually with full disk encryption and recorded answers file
> 3. added new answer with password for encryption to autoinstall file
> 4. booted again and selected autoinstall
> 5. after installation booted again and verified system asks
>    for disk password and boots
> 
> > ask_password() may return the empty string, but bioctl(8) won't accept it.
> 
> Ok, I need to make sure non-empty password is required.

Untested idea:  ask_passphrase() question (match interactive bioctl prompt)
in unattended install only.

_autorespond() already requires non-empty answers, i.e. it fails on
	Encrypt the root disk with a (p)assphrase or (k)eydisk = p
where  'New passphrase = secret' is missing or invalid.

> > DISK_PASS serves no purpose.
> 
> Right. I'll remove it.
> 
> > A different interactive prompt is certainly the only effective change.
> > 
> > Unattended installations won't be able to run this code as you left this
> > up in encrypt_root():
> 
> Hm... I remember that my autoinstall failed because of it and I had
> to rebuild with this line commented out. Then it worked. I can't
> remember how I ended up with invalid diff.
> 
> Sorry, I'll come up with an updated patch including requested changes.

I think the (k)eydisk answer would then need $AI handling also;
(unattended) upgrades should not be affected.

What do you think?
Could you give it a try?

> Thanks for feedback.
> 
> Best regards,
> Chris Narkiewicz

Index: install.sub
===================================================================
RCS file: /cvs/src/distrib/miniroot/install.sub,v
diff -u -p -r1.1257 install.sub
--- install.sub	24 Oct 2023 18:03:53 -0000	1.1257
+++ install.sub	26 Jan 2024 01:09:38 -0000
@@ -917,7 +917,7 @@ ask_password() {
 }
 
 # Ask for a passphrase once showing prompt $1. Ensure input is not empty
-# save it in $_passphrase.
+# and save it in $_passphrase.
 ask_passphrase() {
 	local _q=$1
 
@@ -3104,9 +3104,6 @@ encrypt_root() {
 
 	[[ $MDBOOTSR == y ]] || return
 
-	# The interactive bioctl(8) passphrase prompt requires a TTY.
-	$AI && return
-
 	[[ -x /sbin/bioctl ]] || return
 
 	# Do not even try if softraid is in use already,
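Review bot: Removing `$AI && return` at the top of encrypt_root() lets every unattended run reach the passphrase/keydisk question, yet only the `[pP]*)` case gains `$AI` handling in this diff; the keydisk case that sets `_args=-k$KEYDISK` is unchanged. Either give the keydisk answer matching `$AI` handling or reject it explicitly in unattended mode, and confirm that the remaining `[[ $MDBOOTSR == y ]] || return` guard is enough to keep unattended upgrades out of this function. The deleted comment about bioctl(8) needing a TTY explains why the passfile path exists, so a reworded version of it belongs next to the new `-p` code.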
@@ -3122,8 +3119,14 @@ encrypt_root() {
 			_args=-k$KEYDISK
 			break
 			;;
-		# Do nothing, bioctl(8) will handle the passphrase.
-		[pP]*)	break
+		[pP]*)
+			if $AI; then
+				ask_passphrase 'New passphrase?'
+				PASSFILE=/tmp/i/passfile
+				(umask 077; print -r -- "$_passphrase" > $PASSFILE)
+				_args=-p$PASSFILE
+			fi
+			break
 			;;
 		[nN]*)	return
 			;;
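Review bot: In the `[pP]*)` case the passphrase is written in clear text to /tmp/i/passfile and is only removed by the `rm -f` after the bioctl call, so any early return or failure between the two leaves it behind; a trap, or cleanup placed so it runs on every exit path, would close that window. The `(umask 077; ...)` subshell sets the mode only when the file is created, so a pre-existing /tmp/i/passfile keeps its old permissions while bioctl(8) expects a root-owned 0600 file for `-p`; removing the file before the `print` avoids that. `$PASSFILE` in the redirection and in `_args=-p$PASSFILE` should be quoted for consistency, and a short comment stating that this branch exists because unattended installs have no TTY for the bioctl prompt would help the next reader.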
@@ -3137,6 +3140,7 @@ encrypt_root() {
 	echo 'RAID *' | disklabel -w -A -T- $_chunk
 
 	bioctl -Cforce -cC -l${_chunk}a $_args softraid0 >/dev/null
+	rm -f $PASSFILE
 
 	# No volumes existed before asking, but we just created one.
 	ROOTDISK=$(get_softraid_volumes)
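Review bot: `rm -f $PASSFILE` runs on every path through this part of encrypt_root(), but PASSFILE is assigned only inside the `if $AI` block of the passphrase case, so in interactive and keydisk installs it expands to nothing, or to whatever an outer scope left in a variable of that name. Initialise it near the top of the function (and declare it local if it is not already), quote the expansion, and guard the removal, for example `[[ -n $PASSFILE ]] && rm -f "$PASSFILE"`. The removal also sits after a bioctl call whose exit status is not checked in the visible lines, so it is worth confirming that the file is removed when bioctl fails as well.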