From owner-dev-commits-src-all@freebsd.org Wed Mar 10 09:37:54 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8AE1A5AAF23; Wed, 10 Mar 2021 09:37:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DwRnr4YPDz4m84; Wed, 10 Mar 2021 09:37:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F09F35136; Wed, 10 Mar 2021 09:37:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 12A9bpOw014725; Wed, 10 Mar 2021 09:37:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 12A9bpaZ014724; Wed, 10 Mar 2021 09:37:51 GMT (envelope-from git) Date: Wed, 10 Mar 2021 09:37:51 GMT Message-Id: <202103100937.12A9bpaZ014724@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Martin Matuska Subject: git: 603f1c3da48c - stable/13 - openzfs: attach pam_zfs_key to build MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mm X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 603f1c3da48c938c4e556760b771fc1a29635b7d Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Mar 2021 09:37:55 -0000 The branch stable/13 has been updated by mm: URL: https://cgit.FreeBSD.org/src/commit/?id=603f1c3da48c938c4e556760b771fc1a29635b7d commit 603f1c3da48c938c4e556760b771fc1a29635b7d Author: Greg V AuthorDate: 2021-03-02 11:01:14 +0000 Commit: Martin Matuska CommitDate: 2021-03-10 01:57:42 +0000 openzfs: attach pam_zfs_key to build This PAM module allows unlocking encrypted user home datasets when logging in (and changing passphrase when changing the account password), see https://github.com/openzfs/zfs/pull/9903 Also supposed to unload the key when the last session for the user is done, but there are EBUSY issues: https://github.com/openzfs/zfs/issues/11222#issuecomment-731897858 Submitted by: Greg V Reviewed by: mm Differential Revision: https://reviews.freebsd.org/D28018 (cherry picked from commit ee21ee1572d40a3b74f18638dae38c1a9ad1e9e3) --- cddl/lib/Makefile | 7 ++++++- cddl/lib/pam_zfs_key/Makefile | 28 ++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/cddl/lib/Makefile b/cddl/lib/Makefile index 2f360a8684a2..ae6862f70443 100644 --- a/cddl/lib/Makefile +++ b/cddl/lib/Makefile @@ -17,7 +17,8 @@ SUBDIR= drti \ ${_libzfs} \ ${_libzfsbootenv} \ ${_libzpool} \ - ${_libzutil} + ${_libzutil} \ + ${_pam_zfs_key} SUBDIR.${MK_TESTS}+= tests @@ -30,6 +31,9 @@ _libzutil= libzutil _libzfsbootenv= libzfsbootenv _libzpool= libzpool _libtpool= libtpool +.if ${MK_OPENSSL} != "no" +_pam_zfs_key= pam_zfs_key +.endif .endif SUBDIR_DEPEND_libctf= libspl @@ -41,6 +45,7 @@ SUBDIR_DEPEND_libzfs= libavl libnvpair libumem libuutil libzfs_core libzutil SUBDIR_DEPEND_libzpool= libavl libnvpair libumem libicp SUBDIR_DEPEND_libzutil= libavl libtpool SUBDIR_DEPEND_libzfsbootenv= libzfs libnvpair +SUBDIR_DEPEND_pam_zfs_key= libnvpair libuutil libzfs libzfs_core SUBDIR_PARALLEL= diff --git a/cddl/lib/pam_zfs_key/Makefile b/cddl/lib/pam_zfs_key/Makefile new file mode 100644 index 000000000000..cf43802090dd --- /dev/null +++ b/cddl/lib/pam_zfs_key/Makefile @@ -0,0 +1,28 @@ +.PATH: ${SRCTOP}/sys/contrib/openzfs/contrib/pam_zfs_key +.PATH: ${SRCTOP}/sys/contrib/openzfs/include + +PACKAGE= utilities +LIB= pam_zfs_key + +SHLIBDIR?= /usr/lib + +LIBADD= zfs zfs_core nvpair uutil crypto + +SRCS= pam_zfs_key.c + +WARNS?= 2 +CSTD= c99 +CFLAGS+= -DIN_BASE +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/ +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/os/freebsd +CFLAGS+= -I${SRCTOP}/cddl/compat/opensolaris/include +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/module/icp/include +CFLAGS+= -include ${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/spl/sys/ccompile.h +CFLAGS+= -DHAVE_ISSETUGID +CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/zfs_config.h +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/zfs +CFLAGS+= -DRUNSTATEDIR=\"/var/run\" + +.include "../../lib/libpam/modules/Makefile.inc" +.include