Date: Mon, 30 Aug 2021 07:55:23 -0400 From: Eric McCorkle <eric@metricspace.net> To: "freebsd-hackers@FreeBSD.org" <freebsd-hackers@freebsd.org> Subject: autounmountd unload ZFS keys Message-ID: <aaba1332-efd0-f359-029d-c43774b0d5ba@metricspace.net>
next in thread | raw e-mail | index | archive | help
Hello all, I finally got some free time to hack on FreeBSD again. I have a patch that will enable autounmountd to unload ZFS encryption keys whenever it unmounts a ZFS dataset: https://reviews.freebsd.org/D31725 This is the first of a pair which I'm planning to do, which will enable you to have encrypted ZFS home directories managed by autofs, which will only have the keys loaded while a given user is logged in. (This is a common requirement in standards for high-security systems.) The next one I'm planning to work on is a pam module that will load ZFS keys upon a successful login.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aaba1332-efd0-f359-029d-c43774b0d5ba>