Darren J Moffat wrote:
> Why does genkey not allow a pathname for outfile= instead I have to
> specify both outfile= and dir=. This is very non UNIX like and makes
> scripting much harder than it should be.
>
> This has already confused one person using pktool to generate keys for
> ZFS Crypto.
A follow up on this, not only is it confusing it has led to a very
confusing bug:
braveheart# mkdir tank
braveheart# pwd
/
braveheart# ls -ld tank
drwxr-xr-x 2 root root 512 Oct 5 11:39 tank
braveheart# truss -t open pktool genkey keystore=file keytype=aes
keylen=256 dir=/etc/zfs/keys outkey=tank
....
open("tank", O_RDONLY|O_CREAT|O_EXCL, 0600) Err#17 EEXIST
Cannot write the indicated output key file (tank).
Error generating key:
libkmf error: KMF_ERR_BAD_PARAMETER
Note that the cwd has a "directory" named tank but I told pktool to put
the keyfile named tank in a different directory to the current one.
This bug is a direct result of the strange UI and would not have
happened had outfile be able to accept a full path as is normal in UNIX.
--
Darren J Moffat
