#!@DEFAULT_INIT_SHELL@ # shellcheck disable=SC2154 # # zfs-load-key This script will load/unload the zfs filesystems keys. # # chkconfig: 2345 06 99 # description: This script will load or unload the zfs filesystems keys during # system boot/shutdown. Only filesystems with key path set # in keylocation property. See the zfs(8) man page for details. # probe: true # ### BEGIN INIT INFO # Provides: zfs-load-key # Required-Start: $local_fs zfs-import # Required-Stop: $local_fs zfs-import # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # X-Start-Before: zfs-mount # X-Stop-After: zfs-zed # Short-Description: Load ZFS keys for filesystems and volumes # Description: Run the `zfs load-key` or `zfs unload-key` commands. ### END INIT INFO # # Released under the 2-clause BSD license. # # This script is based on debian/zfsutils.zfs.init from the # Debian GNU/kFreeBSD zfsutils 8.1-3 package, written by Aurelien Jarno. # Source the common init script . @sysconfdir@/zfs/zfs-functions # ---------------------------------------------------- do_depend() { # bootmisc will log to /var which may be a different zfs than root. before bootmisc logger zfs-mount after zfs-import sysfs keyword -lxc -openvz -prefix -vserver } # Load keys for all datasets/filesystems do_load_keys() { zfs_log_begin_msg "Load ZFS filesystem(s) keys" "$ZFS" list -Ho name,encryptionroot,keystatus,keylocation | while IFS=" " read -r name encryptionroot keystatus keylocation; do if [ "$encryptionroot" != "-" ] && [ "$name" = "$encryptionroot" ] && [ "$keystatus" = "unavailable" ] && [ "$keylocation" != "prompt" ] && [ "$keylocation" != "none" ] then zfs_action "Load key for $encryptionroot" \ "$ZFS" load-key "$encryptionroot" fi done zfs_log_end_msg 0 return 0 } # Unload keys for all datasets/filesystems do_unload_keys() { zfs_log_begin_msg "Unload ZFS filesystem(s) key" "$ZFS" list -Ho name,encryptionroot,keystatus | sed '1!G;h;$!d' | while IFS=" " read -r name encryptionroot keystatus; do if [ "$encryptionroot" != "-" ] && [ "$name" = "$encryptionroot" ] && [ "$keystatus" = "available" ] then zfs_action "Unload key for $encryptionroot" \ "$ZFS" unload-key "$encryptionroot" fi done zfs_log_end_msg 0 return 0 } do_start() { check_boolean "$ZFS_LOAD_KEY" || exit 0 check_module_loaded "zfs" || exit 0 do_load_keys } do_stop() { check_boolean "$ZFS_UNLOAD_KEY" || exit 0 check_module_loaded "zfs" || exit 0 do_unload_keys } # ---------------------------------------------------- if [ ! -e /sbin/openrc-run ] then case "$1" in start) do_start ;; stop) do_stop ;; force-reload|condrestart|reload|restart|status) # no-op ;; *) [ -n "$1" ] && echo "Error: Unknown command $1." echo "Usage: $0 {start|stop}" exit 3 ;; esac exit $? else # Create wrapper functions since Gentoo don't use the case part. depend() { do_depend; } start() { do_start; } stop() { do_stop; } fi