From 221e67040fc47c15b3da2afb09bb48f1e9700fb9 Mon Sep 17 00:00:00 2001
From: felixdoerre <felixdoerre@users.noreply.github.com>
Date: Thu, 25 Jun 2020 03:45:44 +0200
Subject: pam: implement a zfs_key pam module
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Implements a pam module for automatically loading zfs encryption keys
for home datasets. The pam module:

  - loads a zfs key and mounts the dataset when a session opens.
  - unmounts the dataset and unloads the key when the session closes.
  - when the user is logged on and changes the password, the module
    changes the encryption key.

Reviewed-by: Richard Laager <rlaager@wiktel.com>
Reviewed-by: @jengelh <jengelh@inai.de>
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Felix Dörre <felix@dogcraft.de>
Closes #9886
Closes #9903
---
 config/zfs-build.m4 | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'config/zfs-build.m4')

diff --git a/config/zfs-build.m4 b/config/zfs-build.m4
index 016c0fc09..93bef19ff 100644
--- a/config/zfs-build.m4
+++ b/config/zfs-build.m4
@@ -223,6 +223,7 @@ AC_DEFUN([ZFS_AC_CONFIG], [
 	    [test "x$qatsrc" != x ])
 	AM_CONDITIONAL([WANT_DEVNAME2DEVID], [test "x$user_libudev" = xyes ])
 	AM_CONDITIONAL([WANT_MMAP_LIBAIO], [test "x$user_libaio" = xyes ])
+	AM_CONDITIONAL([PAM_ZFS_ENABLED], [test "x$enable_pam" = xyes])
 ])
 
 dnl #
@@ -284,6 +285,7 @@ AC_DEFUN([ZFS_AC_RPM], [
 	RPM_DEFINE_UTIL+=' $(DEFINE_INITRAMFS)'
 	RPM_DEFINE_UTIL+=' $(DEFINE_SYSTEMD)'
 	RPM_DEFINE_UTIL+=' $(DEFINE_PYZFS)'
+	RPM_DEFINE_UTIL+=' $(DEFINE_PAM)'
 	RPM_DEFINE_UTIL+=' $(DEFINE_PYTHON_VERSION)'
 	RPM_DEFINE_UTIL+=' $(DEFINE_PYTHON_PKG_VERSION)'
 
-- 
cgit v1.2.3