HomeFreeBSD
Diffusion FreeBSD src repository f88d069cbbbd

systemd encryption key support
f88d069cbbbd
Actions

Description

systemd encryption key support

Modify zfs-mount-generator to produce a dependency on new
zfs-import-key-*.service units, dynamically created at boot to call
zfs load-key for the encryption root, before attempting to mount any
encrypted datasets.

These units are created by zfs-mount-generator, and RequiresMountsFor on
the keyfile, if present, or call systemd-ask-password if a passphrase is
requested.

This patch includes suggestions from @Fabian-Gruenbichler, @ryanjaeb and
@rlaager, as well an adaptation of @rlaager's script to retry on
incorrect password entry.

Reviewed-by: Richard Laager <rlaager@wiktel.com>
Reviewed-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Antonio Russo <antonio.e.russo@gmail.com>
Closes #8750
Closes #8848

Details

Provenance
Antonio Russo <antonio.e.russo@gmail.com>Authored on Jun 2 2019, 12:57 PM
Brian Behlendorf <behlendorf1@llnl.gov>Committed on Jul 15 2019, 11:31 PM
Parents
rG6993e012025c: Drop redundant POSIX ACL check in zpl_init_acl()
Branches
Unknown
Tags
Unknown

Event Timeline

Brian Behlendorf <behlendorf1@llnl.gov> committed rGf88d069cbbbd: systemd encryption key support (authored by Antonio Russo <antonio.e.russo@gmail.com>).Jul 15 2019, 11:31 PM

Changes (3)

PathSize
cmd/
zed/
zed.d/
etc/
systemd/
system-generators/
man/
man8/

rGf88d069cbbbd

View Options

cmd/zed/zed.d/history_event-zfs-list-cacher.sh.in

Loading...
View Options

etc/systemd/system-generators/zfs-mount-generator.in

Loading...
View Options

man/man8/zfs-mount-generator.8.in

Loading...