openzfs: attach pam_zfs_key to build

This PAM module allows unlocking encrypted user home datasets when logging in (and changing passphrase when changing the account password), see openzfs/zfs#9903 Also supposed to unload the key when the last session for the user is done, but there are EBUSY issues: openzfs/zfs#11222 (comment) Submitted by: Greg V <greg_unrelenting.technology> Reviewed by: mm MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D28018
mmatuska · Mar 2, 2021 · ee21ee1 · ee21ee1
1 parent 99adf23
commit ee21ee1
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/cddl/lib/Makefile b/cddl/lib/Makefile
@@ -17,7 +17,8 @@ SUBDIR=	drti \
 	${_libzfs} \
 	${_libzfsbootenv} \
 	${_libzpool} \
-	${_libzutil}
+	${_libzutil} \
+	${_pam_zfs_key}
 
 SUBDIR.${MK_TESTS}+= tests
 
@@ -30,6 +31,9 @@ _libzutil=	libzutil
 _libzfsbootenv=	libzfsbootenv
 _libzpool=	libzpool
 _libtpool=	libtpool
+.if ${MK_OPENSSL} != "no"
+_pam_zfs_key=	pam_zfs_key
+.endif
 .endif
 
 SUBDIR_DEPEND_libctf=		libspl
@@ -41,6 +45,7 @@ SUBDIR_DEPEND_libzfs=	libavl libnvpair libumem libuutil libzfs_core libzutil
 SUBDIR_DEPEND_libzpool=	libavl libnvpair libumem libicp
 SUBDIR_DEPEND_libzutil=	libavl libtpool
 SUBDIR_DEPEND_libzfsbootenv= libzfs libnvpair
+SUBDIR_DEPEND_pam_zfs_key= libnvpair libuutil libzfs libzfs_core
 
 SUBDIR_PARALLEL=
 

diff --git a/cddl/lib/pam_zfs_key/Makefile b/cddl/lib/pam_zfs_key/Makefile
@@ -0,0 +1,28 @@
+.PATH: ${SRCTOP}/sys/contrib/openzfs/contrib/pam_zfs_key
+.PATH: ${SRCTOP}/sys/contrib/openzfs/include
+
+PACKAGE=	utilities
+LIB=		pam_zfs_key
+
+SHLIBDIR?=	/usr/lib
+
+LIBADD=		zfs zfs_core nvpair uutil crypto
+
+SRCS= pam_zfs_key.c
+
+WARNS?=	2
+CSTD=	c99
+CFLAGS+= -DIN_BASE
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/os/freebsd
+CFLAGS+= -I${SRCTOP}/cddl/compat/opensolaris/include
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/module/icp/include
+CFLAGS+= -include ${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/spl/sys/ccompile.h
+CFLAGS+= -DHAVE_ISSETUGID
+CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/zfs_config.h
+CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/zfs
+CFLAGS+= -DRUNSTATEDIR=\"/var/run\"
+
+.include "../../lib/libpam/modules/Makefile.inc"
+.include <bsd.lib.mk>