Date: Mon, 30 Aug 2021 08:00:16 -0400 From: Eric McCorkle <eric@metricspace.net> To: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: autounmountd unload ZFS keys Message-ID: <79ba78a2-7125-144a-cff9-41dde28d0599@metricspace.net>
next in thread | raw e-mail | index | archive | help
Hello all, I finally got some free time to hack on FreeBSD again. I have a patch that will enable autounmountd to unload ZFS encryption keys whenever it unmounts a ZFS dataset: https://reviews.freebsd.org/D31725 This is the first of a pair which I'm planning to do, which will enable you to have encrypted ZFS home directories managed by autofs, which will only have the keys loaded while a given user is logged in. (This is a common requirement in standards for high-security systems.) The next one I'm planning to work on is a pam module that will load ZFS keys upon a successful login.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79ba78a2-7125-144a-cff9-41dde28d0599>