Update default pool/path in pam_zfs_key.c #1305
Conversation
While 'rpool' is the default name throughout OpenZFS codebase -- in comments and tests, primarily -- this instance directly impacts the ease of use of pam_zfs_key, improving POLA. With this change, the default value for the pam_zfs_key paramater homes=... matches what bsdinstall creates by default on a zfs install: zroot/home.
| @@ -449,7 +449,7 @@ static int | |||
| zfs_key_config_load(pam_handle_t *pamh, zfs_key_config_t *config, | |||
| int argc, const char **argv) | |||
| { | |||
| config->homes_prefix = strdup("rpool/home"); | |||
| config->homes_prefix = strdup("zroot/home"); | |||
There was a problem hiding this comment.
Though it's ok, it would be better to have a FreeBSD ifdef and bring in the change via upstream.
There was a problem hiding this comment.
Should I just take this directly (with ifdefs) to OpenZFS, then? (Am I reading that right?) It doesn't seem super robust on FreeBSD to begin with; I can get it to mostly work with console logins, but SSH appears to be a non-starter (session complains about being unable to get password from PAM stack.)
There was a problem hiding this comment.
My apologies for the tardy response.... I've been away due to some personal issues...
I think that you likely should... But I'm not familiar with all the bits that are needed to make this functionality work completely on FreeBSD.
I've not tried this feature out at all...
There was a problem hiding this comment.
For upstream should we have a more extensive change to use zroot rather than rpool generally on FreeBSD?
bsdimp
added
the
please-upstream
|
Sorry for the long delay. I think the best way forward is to submit it upstream, #ifdef'd for FreeBSD, and we'll bring it into the tree that way. Once it's upstreamed, we'll figure out the best way to land it. |
|
Ping? What's the status of this upstream? |
Sorry; out of sight, out of mind... I'll try to do this and link back. |
As described in freebsd/freebsd-src#1305 : FreeBSD's installer defaults to zroot/home for user home directories. For FreeBSD only, set the default prefix for pam_zfs_key to match.
|
Fiinally got back to this and submitted an upstream PR. openzfs/zfs#17600 |
Thanks |
While rpool is the default name throughout OpenZFS codebase -- in comments and tests, primarily -- this instance directly impacts the ease of use of pam_zfs_key, improving POLA.
With this change, the default value for the pam_zfs_key paramater
homes=...matches what bsdinstall (https://cgit.freebsd.org/src/tree/usr.sbin/bsdinstall/scripts/zfsboot#n44) creates by default on a zfs install: zroot/home.