mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2025-01-03 23:09:35 +03:00
d76917b2ec
Add new init scripts which allow automatic loading of keys if keylocation property is set to a URI. Reviewed-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Benedikt Neuffer <ogelpre@itfriend.de> Closes #11659 Closes #11662
132 lines
3.0 KiB
Plaintext
Executable File
132 lines
3.0 KiB
Plaintext
Executable File
#!@DEFAULT_INIT_SHELL@
|
|
#
|
|
# zfs-load-key This script will load/unload the zfs filesystems keys.
|
|
#
|
|
# chkconfig: 2345 06 99
|
|
# description: This script will load or unload the zfs filesystems keys during
|
|
# system boot/shutdown. Only filesystems with key path set
|
|
# in keylocation property. See the zfs(8) man page for details.
|
|
# probe: true
|
|
#
|
|
### BEGIN INIT INFO
|
|
# Provides: zfs-load-key
|
|
# Required-Start: $local_fs zfs-import
|
|
# Required-Stop: $local_fs zfs-import
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# X-Start-Before: zfs-mount
|
|
# X-Stop-After: zfs-zed
|
|
# Short-Description: Load ZFS keys for filesystems and volumes
|
|
# Description: Run the `zfs load-key` or `zfs unload-key` commands.
|
|
### END INIT INFO
|
|
#
|
|
# Released under the 2-clause BSD license.
|
|
#
|
|
# This script is based on debian/zfsutils.zfs.init from the
|
|
# Debian GNU/kFreeBSD zfsutils 8.1-3 package, written by Aurelien Jarno.
|
|
|
|
# Source the common init script
|
|
. @sysconfdir@/zfs/zfs-functions
|
|
|
|
# ----------------------------------------------------
|
|
|
|
do_depend()
|
|
{
|
|
# bootmisc will log to /var which may be a different zfs than root.
|
|
before bootmisc logger zfs-mount
|
|
|
|
after zfs-import sysfs
|
|
keyword -lxc -openvz -prefix -vserver
|
|
}
|
|
|
|
# Load keys for all datasets/filesystems
|
|
do_load_keys()
|
|
{
|
|
zfs_log_begin_msg "Load ZFS filesystem(s) keys"
|
|
|
|
"$ZFS" list -Ho name,encryptionroot,keystatus,keylocation |
|
|
while IFS=" " read -r name encryptionroot keystatus keylocation; do
|
|
if [ "$encryptionroot" != "-" ] &&
|
|
[ "$name" = "$encryptionroot" ] &&
|
|
[ "$keystatus" = "unavailable" ] &&
|
|
[ "$keylocation" != "prompt" ] &&
|
|
[ "$keylocation" != "none" ]
|
|
then
|
|
zfs_action "Load key for $encryptionroot" \
|
|
"$ZFS" load-key "$encryptionroot"
|
|
fi
|
|
done
|
|
|
|
zfs_log_end_msg 0
|
|
|
|
return 0
|
|
}
|
|
|
|
# Unload keys for all datasets/filesystems
|
|
do_unload_keys()
|
|
{
|
|
zfs_log_begin_msg "Unload ZFS filesystem(s) key"
|
|
|
|
"$ZFS" list -Ho name,encryptionroot,keystatus | sed '1!G;h;$!d' |
|
|
while IFS=" " read -r name encryptionroot keystatus; do
|
|
if [ "$encryptionroot" != "-" ] &&
|
|
[ "$name" = "$encryptionroot" ] &&
|
|
[ "$keystatus" = "available" ]
|
|
then
|
|
zfs_action "Unload key for $encryptionroot" \
|
|
"$ZFS" unload-key "$encryptionroot"
|
|
fi
|
|
done
|
|
|
|
zfs_log_end_msg 0
|
|
|
|
return 0
|
|
}
|
|
|
|
do_start()
|
|
{
|
|
check_boolean "$ZFS_LOAD_KEY" || exit 0
|
|
|
|
check_module_loaded "zfs" || exit 0
|
|
|
|
do_load_keys
|
|
}
|
|
|
|
do_stop()
|
|
{
|
|
check_boolean "$ZFS_UNLOAD_KEY" || exit 0
|
|
|
|
check_module_loaded "zfs" || exit 0
|
|
|
|
do_unload_keys
|
|
}
|
|
|
|
# ----------------------------------------------------
|
|
|
|
if [ ! -e /sbin/openrc-run ]
|
|
then
|
|
case "$1" in
|
|
start)
|
|
do_start
|
|
;;
|
|
stop)
|
|
do_stop
|
|
;;
|
|
force-reload|condrestart|reload|restart|status)
|
|
# no-op
|
|
;;
|
|
*)
|
|
[ -n "$1" ] && echo "Error: Unknown command $1."
|
|
echo "Usage: $0 {start|stop}"
|
|
exit 3
|
|
;;
|
|
esac
|
|
|
|
exit $?
|
|
else
|
|
# Create wrapper functions since Gentoo don't use the case part.
|
|
depend() { do_depend; }
|
|
start() { do_start; }
|
|
stop() { do_stop; }
|
|
fi
|