freebsd-nq/contrib/pam_zfs_key/zfs_key
felixdoerre 221e67040f
pam: implement a zfs_key pam module
Implements a pam module for automatically loading zfs encryption keys 
for home datasets. The pam module:

  - loads a zfs key and mounts the dataset when a session opens.
  - unmounts the dataset and unloads the key when the session closes.
  - when the user is logged on and changes the password, the module
    changes the encryption key.

Reviewed-by: Richard Laager <rlaager@wiktel.com>
Reviewed-by: @jengelh <jengelh@inai.de>
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Felix Dörre <felix@dogcraft.de>
Closes #9886
Closes #9903
2020-06-24 18:45:44 -07:00

14 lines
265 B
Plaintext

Name: Unlock zfs datasets for user
Default: yes
Priority: 128
Auth-Type: Additional
Auth:
optional pam_zfs_key.so
Session-Interactive-Only: yes
Session-Type: Additional
Session:
optional pam_zfs_key.so
Password-Type: Additional
Password:
optional pam_zfs_key.so