From owner-dev-commits-src-all@freebsd.org Tue Mar 2 12:27:30 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EB576567F7D; Tue, 2 Mar 2021 12:27:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DqbxG6Jr7z3pDS; Tue, 2 Mar 2021 12:27:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C827E16A5E; Tue, 2 Mar 2021 12:27:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 122CRUum011302; Tue, 2 Mar 2021 12:27:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 122CRUDH011301; Tue, 2 Mar 2021 12:27:30 GMT (envelope-from git) Date: Tue, 2 Mar 2021 12:27:30 GMT Message-Id: <202103021227.122CRUDH011301@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ryan Moeller Subject: git: ee21ee1572d4 - main - openzfs: attach pam_zfs_key to build MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: freqlabs X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ee21ee1572d40a3b74f18638dae38c1a9ad1e9e3 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Mar 2021 12:27:31 -0000 The branch main has been updated by freqlabs: URL: https://cgit.FreeBSD.org/src/commit/?id=ee21ee1572d40a3b74f18638dae38c1a9ad1e9e3 commit ee21ee1572d40a3b74f18638dae38c1a9ad1e9e3 Author: Greg V AuthorDate: 2021-03-02 11:01:14 +0000 Commit: Ryan Moeller CommitDate: 2021-03-02 12:26:59 +0000 openzfs: attach pam_zfs_key to build This PAM module allows unlocking encrypted user home datasets when logging in (and changing passphrase when changing the account password), see https://github.com/openzfs/zfs/pull/9903 Also supposed to unload the key when the last session for the user is done, but there are EBUSY issues: https://github.com/openzfs/zfs/issues/11222#issuecomment-731897858 Submitted by: Greg V Reviewed by: mm MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D28018 --- cddl/lib/Makefile | 7 ++++++- cddl/lib/pam_zfs_key/Makefile | 28 ++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/cddl/lib/Makefile b/cddl/lib/Makefile index 2f360a8684a2..ae6862f70443 100644 --- a/cddl/lib/Makefile +++ b/cddl/lib/Makefile @@ -17,7 +17,8 @@ SUBDIR= drti \ ${_libzfs} \ ${_libzfsbootenv} \ ${_libzpool} \ - ${_libzutil} + ${_libzutil} \ + ${_pam_zfs_key} SUBDIR.${MK_TESTS}+= tests @@ -30,6 +31,9 @@ _libzutil= libzutil _libzfsbootenv= libzfsbootenv _libzpool= libzpool _libtpool= libtpool +.if ${MK_OPENSSL} != "no" +_pam_zfs_key= pam_zfs_key +.endif .endif SUBDIR_DEPEND_libctf= libspl @@ -41,6 +45,7 @@ SUBDIR_DEPEND_libzfs= libavl libnvpair libumem libuutil libzfs_core libzutil SUBDIR_DEPEND_libzpool= libavl libnvpair libumem libicp SUBDIR_DEPEND_libzutil= libavl libtpool SUBDIR_DEPEND_libzfsbootenv= libzfs libnvpair +SUBDIR_DEPEND_pam_zfs_key= libnvpair libuutil libzfs libzfs_core SUBDIR_PARALLEL= diff --git a/cddl/lib/pam_zfs_key/Makefile b/cddl/lib/pam_zfs_key/Makefile new file mode 100644 index 000000000000..cf43802090dd --- /dev/null +++ b/cddl/lib/pam_zfs_key/Makefile @@ -0,0 +1,28 @@ +.PATH: ${SRCTOP}/sys/contrib/openzfs/contrib/pam_zfs_key +.PATH: ${SRCTOP}/sys/contrib/openzfs/include + +PACKAGE= utilities +LIB= pam_zfs_key + +SHLIBDIR?= /usr/lib + +LIBADD= zfs zfs_core nvpair uutil crypto + +SRCS= pam_zfs_key.c + +WARNS?= 2 +CSTD= c99 +CFLAGS+= -DIN_BASE +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/ +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/os/freebsd +CFLAGS+= -I${SRCTOP}/cddl/compat/opensolaris/include +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/module/icp/include +CFLAGS+= -include ${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/spl/sys/ccompile.h +CFLAGS+= -DHAVE_ISSETUGID +CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/zfs_config.h +CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/zfs +CFLAGS+= -DRUNSTATEDIR=\"/var/run\" + +.include "../../lib/libpam/modules/Makefile.inc" +.include