From nobody Mon Sep 06 18:53:54 2021
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AFC2017BC8C2;
	Tue,  7 Sep 2021 11:29:16 +0000 (UTC)
	(envelope-from steffen@sdaoden.eu)
Received: from sdaoden.eu (sdaoden.eu [217.144.132.164])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4H3jhr3s9yz4X2l;
	Tue,  7 Sep 2021 11:29:16 +0000 (UTC)
	(envelope-from steffen@sdaoden.eu)
Received: from kent.sdaoden.eu (kent.sdaoden.eu [10.5.0.2])
	by sdaoden.eu (Postfix) with ESMTPS id A980F1605B;
	Mon,  6 Sep 2021 20:53:56 +0200 (CEST)
Received: by kent.sdaoden.eu (Postfix, from userid 1000)
	id 8CC13F98; Mon,  6 Sep 2021 20:53:54 +0200 (CEST)
Date: Mon, 06 Sep 2021 20:53:54 +0200
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: Eric McCorkle <eric@metricspace.net>
Cc: freebsd-current@freebsd.org, Greg <greg@unrelenting.technology>,
 FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: PAM module for loading ZFS keys on login
Message-ID: <20210906185354.D5ymE%steffen@sdaoden.eu>
In-Reply-To: <e4a853db-f73b-a53d-c18a-22acb22b3d56@metricspace.net>
References: <b4d216da-d4b8-12a6-3873-566e5044678c@metricspace.net>
 <67F44CFE-2496-4B13-8583-8A80D9ED3A4A@unrelenting.technology>
 <b265fa82-53f2-59f4-65c2-b07a9412bf83@metricspace.net>
 <20210906140137.iGt2J%steffen@sdaoden.eu>
 <e4a853db-f73b-a53d-c18a-22acb22b3d56@metricspace.net>
Mail-Followup-To: Eric McCorkle <eric@metricspace.net>,
 freebsd-current@freebsd.org, Greg <greg@unrelenting.technology>,
 FreeBSD Hackers <freebsd-hackers@freebsd.org>
User-Agent: s-nail v14.9.22-175-gc118a4a5c7
OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD;
 url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt
BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in
 the world can make no bugs.
X-Rspamd-Queue-Id: 4H3jhr3s9yz4X2l
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-Spam: Yes
X-ThisMailContainsUnwantedMimeParts: N
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@freebsd.org

Eric McCorkle wrote in
 <e4a853db-f73b-a53d-c18a-22acb22b3d56@metricspace.net>:
 ...
  >> This patch creates a new PAM module that will load a ZFS key upon a
  >> successful login: https://reviews.freebsd.org/D31844.  It will use the
  >> user's auth token as the key argument to loading a ZFS encryption key on
  >> a user-specific ZFS data set.
  ...

Without knowing about libzfs i personally was stunned about the
simplicity of your patch, having read the upstream one.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)