]> xenbits.xensource.com Git - people/royger/freebsd.git/commit
projects / people / royger / freebsd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fed248a) | patch
Add zfskeys rc.d script for auto-loading encryption keys
authorEirik Øverby <ltning-freebsd@anduin.net>
Wed, 28 Jul 2021 16:11:35 +0000 (16:11 +0000)
committerAllan Jude <allanjude@FreeBSD.org>
Wed, 28 Jul 2021 16:26:45 +0000 (16:26 +0000)
commit33ff39796ffe469a764e485ac49c31700a51fd6f
treea6449100a9943b82ec6447cd247a2f24e3388433tree
parentfed248a6acb33cf6d51880be8d5c774d89e75110commit | diff
Add zfskeys rc.d script for auto-loading encryption keys

ZFS in 13 supports encryption, but for the use case where keys are
available in plaintext on disk there is no mechanism for automatically
loading keys on startup.

This script will, by default, look for any dataset with encryption and
keylocation prefixed with file://. It will attempt to unlock, timing
out after 10 seconds for each dataset found.
User can optionally specify explicitly which datasets to attempt to
unlock.

Also supports (optionally by force) unmounting filesystems and unloading
associated keys.

Sponsored by: Modirum
Differential Revision: https://reviews.freebsd.org/D30015
libexec/rc/rc.d/zfskeys [new file with mode: 0755] blob
Unnamed repository; edit this file 'description' to name the repository.