From ee21ee1572d40a3b74f18638dae38c1a9ad1e9e3 Mon Sep 17 00:00:00 2001
From: Greg V <greg_unrelenting.technology>
Date: Tue, 2 Mar 2021 06:01:14 -0500
Subject: [PATCH] openzfs: attach pam_zfs_key to build

This PAM module allows unlocking encrypted user home datasets when
logging in (and changing passphrase when changing the account password),
see https://github.com/openzfs/zfs/pull/9903

Also supposed to unload the key when the last session for the user is
done, but there are EBUSY issues:
https://github.com/openzfs/zfs/issues/11222#issuecomment-731897858

Submitted by:	Greg V <greg_unrelenting.technology>
Reviewed by:	mm
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D28018
---
 cddl/lib/Makefile             |  7 ++++++-
 cddl/lib/pam_zfs_key/Makefile | 28 ++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 cddl/lib/pam_zfs_key/Makefile

diff --git a/cddl/lib/Makefile b/cddl/lib/Makefile
index 2f360a8684a2..ae6862f70443 100644
--- a/cddl/lib/Makefile
+++ b/cddl/lib/Makefile
@@ -17,7 +17,8 @@ SUBDIR=	drti \
 	${_libzfs} \
 	${_libzfsbootenv} \
 	${_libzpool} \
-	${_libzutil}
+	${_libzutil} \
+	${_pam_zfs_key}
 
 SUBDIR.${MK_TESTS}+= tests
 
@@ -30,6 +31,9 @@ _libzutil=	libzutil
 _libzfsbootenv=	libzfsbootenv
 _libzpool=	libzpool
 _libtpool=	libtpool
+.if ${MK_OPENSSL} != "no"
+_pam_zfs_key=	pam_zfs_key
+.endif
 .endif
 
 SUBDIR_DEPEND_libctf=		libspl
@@ -41,6 +45,7 @@ SUBDIR_DEPEND_libzfs=	libavl libnvpair libumem libuutil libzfs_core libzutil
 SUBDIR_DEPEND_libzpool=	libavl libnvpair libumem libicp
 SUBDIR_DEPEND_libzutil=	libavl libtpool
 SUBDIR_DEPEND_libzfsbootenv= libzfs libnvpair
+SUBDIR_DEPEND_pam_zfs_key= libnvpair libuutil libzfs libzfs_core
 
 SUBDIR_PARALLEL=
 
diff --git a/cddl/lib/pam_zfs_key/Makefile b/cddl/lib/pam_zfs_key/Makefile
new file mode 100644
index 000000000000..cf43802090dd
--- /dev/null
+++ b/cddl/lib/pam_zfs_key/Makefile
@@ -0,0 +1,28 @@
+.PATH: ${SRCTOP}/sys/contrib/openzfs/contrib/pam_zfs_key
+.PATH: ${SRCTOP}/sys/contrib/openzfs/include
+
+PACKAGE=	utilities
+LIB=		pam_zfs_key
+
+SHLIBDIR?=	/usr/lib
+
+LIBADD=		zfs zfs_core nvpair uutil crypto
+
+SRCS= pam_zfs_key.c
+
+WARNS?=	2
+CSTD=	c99
+CFLAGS+= -DIN_BASE
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/os/freebsd
+CFLAGS+= -I${SRCTOP}/cddl/compat/opensolaris/include
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/module/icp/include
+CFLAGS+= -include ${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/spl/sys/ccompile.h
+CFLAGS+= -DHAVE_ISSETUGID
+CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/zfs_config.h
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/zfs
+CFLAGS+= -DRUNSTATEDIR=\"/var/run\"
+
+.include "../../lib/libpam/modules/Makefile.inc"
+.include <bsd.lib.mk>