autounmountd unload ZFS keys

From: Eric McCorkle <eric_at_metricspace.net>
Date: Mon, 30 Aug 2021 07:55:23 -0400
Hello all,

I finally got some free time to hack on FreeBSD again.  I have a patch
that will enable autounmountd to unload ZFS encryption keys whenever it
unmounts a ZFS dataset:

https://reviews.freebsd.org/D31725

This is the first of a pair which I'm planning to do, which will enable
you to have encrypted ZFS home directories managed by autofs, which will
only have the keys loaded while a given user is logged in.  (This is a
common requirement in standards for high-security systems.)  The next
one I'm planning to work on is a pam module that will load ZFS keys upon
a successful login.
Received on Mon Aug 30 2021 - 11:55:23 UTC

Original text of this message