1#!@DEFAULT_INIT_SHELL@ 2# 3# zfs-load-key This script will load/unload the zfs filesystems keys. 4# 5# chkconfig: 2345 06 99 6# description: This script will load or unload the zfs filesystems keys during 7# system boot/shutdown. Only filesystems with key path set 8# in keylocation property. See the zfs(8) man page for details. 9# probe: true 10# 11### BEGIN INIT INFO 12# Provides: zfs-load-key 13# Required-Start: $local_fs zfs-import 14# Required-Stop: $local_fs zfs-import 15# Default-Start: 2 3 4 5 16# Default-Stop: 0 1 6 17# X-Start-Before: zfs-mount 18# X-Stop-After: zfs-zed 19# Short-Description: Load ZFS keys for filesystems and volumes 20# Description: Run the `zfs load-key` or `zfs unload-key` commands. 21### END INIT INFO 22# 23# Released under the 2-clause BSD license. 24# 25# This script is based on debian/zfsutils.zfs.init from the 26# Debian GNU/kFreeBSD zfsutils 8.1-3 package, written by Aurelien Jarno. 27 28# Source the common init script 29. @sysconfdir@/zfs/zfs-functions 30 31# ---------------------------------------------------- 32 33do_depend() 34{ 35 # bootmisc will log to /var which may be a different zfs than root. 36 before bootmisc logger zfs-mount 37 38 after zfs-import sysfs 39 keyword -lxc -openvz -prefix -vserver 40} 41 42# Load keys for all datasets/filesystems 43do_load_keys() 44{ 45 zfs_log_begin_msg "Load ZFS filesystem(s) keys" 46 47 "$ZFS" list -Ho name,encryptionroot,keystatus,keylocation | 48 while IFS=" " read -r name encryptionroot keystatus keylocation; do 49 if [ "$encryptionroot" != "-" ] && 50 [ "$name" = "$encryptionroot" ] && 51 [ "$keystatus" = "unavailable" ] && 52 [ "$keylocation" != "prompt" ] && 53 [ "$keylocation" != "none" ] 54 then 55 zfs_action "Load key for $encryptionroot" \ 56 "$ZFS" load-key "$encryptionroot" 57 fi 58 done 59 60 zfs_log_end_msg 0 61 62 return 0 63} 64 65# Unload keys for all datasets/filesystems 66do_unload_keys() 67{ 68 zfs_log_begin_msg "Unload ZFS filesystem(s) key" 69 70 "$ZFS" list -Ho name,encryptionroot,keystatus | sed '1!G;h;$!d' | 71 while IFS=" " read -r name encryptionroot keystatus; do 72 if [ "$encryptionroot" != "-" ] && 73 [ "$name" = "$encryptionroot" ] && 74 [ "$keystatus" = "available" ] 75 then 76 zfs_action "Unload key for $encryptionroot" \ 77 "$ZFS" unload-key "$encryptionroot" 78 fi 79 done 80 81 zfs_log_end_msg 0 82 83 return 0 84} 85 86do_start() 87{ 88 check_boolean "$ZFS_LOAD_KEY" || exit 0 89 90 check_module_loaded "zfs" || exit 0 91 92 do_load_keys 93} 94 95do_stop() 96{ 97 check_boolean "$ZFS_UNLOAD_KEY" || exit 0 98 99 check_module_loaded "zfs" || exit 0 100 101 do_unload_keys 102} 103 104# ---------------------------------------------------- 105 106if [ ! -e /sbin/openrc-run ] 107then 108 case "$1" in 109 start) 110 do_start 111 ;; 112 stop) 113 do_stop 114 ;; 115 force-reload|condrestart|reload|restart|status) 116 # no-op 117 ;; 118 *) 119 [ -n "$1" ] && echo "Error: Unknown command $1." 120 echo "Usage: $0 {start|stop}" 121 exit 3 122 ;; 123 esac 124 125 exit $? 126else 127 # Create wrapper functions since Gentoo don't use the case part. 128 depend() { do_depend; } 129 start() { do_start; } 130 stop() { do_stop; } 131fi 132