HomeFreeBSD
Diffusion FreeBSD src repository e81b2348d210

Add zfskeys rc.d script for auto-loading encryption keys
e81b2348d210
Actions

Description

Add zfskeys rc.d script for auto-loading encryption keys

ZFS in 13 supports encryption, but for the use case where keys are
available in plaintext on disk there is no mechanism for automatically
loading keys on startup.

This script will, by default, look for any dataset with encryption and
keylocation prefixed with file://. It will attempt to unlock, timing
out after 10 seconds for each dataset found.
User can optionally specify explicitly which datasets to attempt to
unlock.

Also supports (optionally by force) unmounting filesystems and unloading
associated keys.

Sponsored by: Modirum
Differential Revision: https://reviews.freebsd.org/D30015

(cherry picked from commit 33ff39796ffe469a764e485ac49c31700a51fd6f)

Details

Provenance
ltning-freebsd_anduin.netAuthored on Jul 28 2021, 4:11 PM
allanjudeCommitted on Aug 22 2021, 2:53 PM
Differential Revision
D30015: Add zfskeys script to /etc/rc.d for auto-loading zfs keys
Parents
rG28e22482279f: arm64: HWCAP/HWCAP2 aux args support for 32-bit ARM binaries.
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
libexec/
rc/
rc.d/

rGe81b2348d210

View Options

libexec/rc/rc.d/zfskeys

Loading...