Date: Wed, 10 Apr 2024 13:07:35 +0300 From: Oleksandr Kryvulia <shuriku@shurik.kiev.ua> To: freebsd-fs@freebsd.org Subject: zfs keylocation status Message-ID: <6fabed1f-1e74-4ec6-96b1-a4a672f2efa9@shurik.kiev.ua>
next in thread | raw e-mail | index | archive | help
Dear freebsd-fs, While creating an encrypted dataset with keylocation=https I get an error: # zfs create -o encryption=on -o keyformat=raw -o keylocation=https://_key_URL_ zroot/tmp/enc cannot create 'zroot/tmp/enc': No keylocation=https:// back-end In /usr/src/sys/modules/zfs/zfs_config.h it is disabled by default: /* TBD: fetch(3) support */ #if 0 /* whether the chosen libfetch is to be loaded at run-time */ #define LIBFETCH_DYNAMIC 1 /* libfetch is fetch(3) */ #define LIBFETCH_IS_FETCH 1 /* libfetch is libcurl */ #define LIBFETCH_IS_LIBCURL 0 /* soname of chosen libfetch */ #define LIBFETCH_SONAME "libfetch.so.6" #endif Rebuilding a kernel without #if 0 doesn't change anything. What is a status of keylocation=https/http implementation on freebsd? P.S. To workaround it I am using custom script to fetch and load keys from remote location.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6fabed1f-1e74-4ec6-96b1-a4a672f2efa9>