Documentation
¶
Index ¶
- func CreateZvolEtcd(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error
- func CreateZvolVault(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error
- func DisallowVaultCleanup() error
- func GetOperationalInfo(log *base.LogObject) (info.DataSecAtRestStatus, string)
- func IsVaultCleanupAllowed() bool
- func MountVaultZvol(log *base.LogObject, datasetPath string) error
- type Ext4Handler
- func (h *Ext4Handler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
- func (h *Ext4Handler) GetVaultStatuses() []*types.VaultStatus
- func (h *Ext4Handler) RemoveDefaultVault() error
- func (h *Ext4Handler) SetHandlerOptions(options HandlerOptions)
- func (h *Ext4Handler) SetupDefaultVault() error
- func (h *Ext4Handler) SetupDeprecatedVaults() error
- func (h *Ext4Handler) UnlockDefaultVault() error
- type Handler
- type HandlerOptions
- type UnsupportedHandler
- func (h *UnsupportedHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
- func (h *UnsupportedHandler) GetVaultStatuses() []*types.VaultStatus
- func (h *UnsupportedHandler) RemoveDefaultVault() error
- func (h *UnsupportedHandler) SetHandlerOptions(_ HandlerOptions)
- func (h *UnsupportedHandler) SetupDefaultVault() error
- func (h *UnsupportedHandler) SetupDeprecatedVaults() error
- func (h *UnsupportedHandler) UnlockDefaultVault() error
- type ZFSHandler
- func (h *ZFSHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
- func (h *ZFSHandler) GetVaultStatuses() []*types.VaultStatus
- func (h *ZFSHandler) RemoveDefaultVault() error
- func (h *ZFSHandler) SetHandlerOptions(options HandlerOptions)
- func (h *ZFSHandler) SetupDefaultVault() error
- func (h *ZFSHandler) SetupDeprecatedVaults() error
- func (h *ZFSHandler) UnlockDefaultVault() error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateZvolEtcd ¶
func CreateZvolEtcd(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error
CreateZvolEtcd Create and mount an empty vault dataset zvol
func CreateZvolVault ¶
func CreateZvolVault(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error
CreateZvolVault Create and mount an empty vault dataset zvol
func DisallowVaultCleanup ¶
func DisallowVaultCleanup() error
DisallowVaultCleanup do not allow vault cleanup
func GetOperationalInfo ¶
func GetOperationalInfo(log *base.LogObject) (info.DataSecAtRestStatus, string)
GetOperationalInfo gets the current operational state of encryption tool
func IsVaultCleanupAllowed ¶
func IsVaultCleanupAllowed() bool
IsVaultCleanupAllowed returns true if vault cleanup allowed
Types ¶
type Ext4Handler ¶
type Ext4Handler struct {
// contains filtered or unexported fields
}
Ext4Handler handles vault operations with ext4
func (*Ext4Handler) GetOperationalInfo ¶
func (h *Ext4Handler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
GetOperationalInfo returns status of encryption and string with information
func (*Ext4Handler) GetVaultStatuses ¶
func (h *Ext4Handler) GetVaultStatuses() []*types.VaultStatus
GetVaultStatuses returns statuses of vault(s)
func (*Ext4Handler) RemoveDefaultVault ¶
func (h *Ext4Handler) RemoveDefaultVault() error
RemoveDefaultVault removes vaults from ext4
func (*Ext4Handler) SetHandlerOptions ¶
func (h *Ext4Handler) SetHandlerOptions(options HandlerOptions)
SetHandlerOptions adjust handler options
func (*Ext4Handler) SetupDefaultVault ¶
func (h *Ext4Handler) SetupDefaultVault() error
SetupDefaultVault setups vaults on ext4, using fscrypt
func (*Ext4Handler) SetupDeprecatedVaults ¶
func (h *Ext4Handler) SetupDeprecatedVaults() error
SetupDeprecatedVaults to support some very old releases (< 5.6.2 )
func (*Ext4Handler) UnlockDefaultVault ¶
func (h *Ext4Handler) UnlockDefaultVault() error
UnlockDefaultVault cloudKeyOnlyMode=false, useSealedKey=true
type Handler ¶
type Handler interface {
RemoveDefaultVault() error
UnlockDefaultVault() error
SetupDeprecatedVaults() error
SetupDefaultVault() error
GetVaultStatuses() []*types.VaultStatus
SetHandlerOptions(HandlerOptions)
GetOperationalInfo() (info.DataSecAtRestStatus, string)
}
Handler is an interface for handling vault operations
func GetHandler ¶
GetHandler returns Handler implementation for the current persist type
type HandlerOptions ¶
type HandlerOptions struct {
// TpmKeyOnlyMode will use only TPM key to generate vault key
TpmKeyOnlyMode bool
}
HandlerOptions defines options for handler
type UnsupportedHandler ¶
type UnsupportedHandler struct {
// contains filtered or unexported fields
}
UnsupportedHandler is common handler for filesystems which not support encryption
func (*UnsupportedHandler) GetOperationalInfo ¶
func (h *UnsupportedHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
GetOperationalInfo returns status of encryption and string with information
func (*UnsupportedHandler) GetVaultStatuses ¶
func (h *UnsupportedHandler) GetVaultStatuses() []*types.VaultStatus
GetVaultStatuses returns statuses of vault(s)
func (*UnsupportedHandler) RemoveDefaultVault ¶
func (h *UnsupportedHandler) RemoveDefaultVault() error
RemoveDefaultVault is dummy for UnsupportedHandler
func (*UnsupportedHandler) SetHandlerOptions ¶
func (h *UnsupportedHandler) SetHandlerOptions(_ HandlerOptions)
SetHandlerOptions is dummy for UnsupportedHandler
func (*UnsupportedHandler) SetupDefaultVault ¶
func (h *UnsupportedHandler) SetupDefaultVault() error
SetupDefaultVault creates directory for UnsupportedHandler
func (*UnsupportedHandler) SetupDeprecatedVaults ¶
func (h *UnsupportedHandler) SetupDeprecatedVaults() error
SetupDeprecatedVaults is dummy for UnsupportedHandler
func (*UnsupportedHandler) UnlockDefaultVault ¶
func (h *UnsupportedHandler) UnlockDefaultVault() error
UnlockDefaultVault unlocks vault from zfs
type ZFSHandler ¶
type ZFSHandler struct {
// contains filtered or unexported fields
}
ZFSHandler handles vault operations with ZFS
func (*ZFSHandler) GetOperationalInfo ¶
func (h *ZFSHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)
GetOperationalInfo returns status of encryption and string with information
func (*ZFSHandler) GetVaultStatuses ¶
func (h *ZFSHandler) GetVaultStatuses() []*types.VaultStatus
GetVaultStatuses returns statuses of vault(s)
func (*ZFSHandler) RemoveDefaultVault ¶
func (h *ZFSHandler) RemoveDefaultVault() error
RemoveDefaultVault removes vault from zfs e.g. zfs destroy -fr persist/vault
func (*ZFSHandler) SetHandlerOptions ¶
func (h *ZFSHandler) SetHandlerOptions(options HandlerOptions)
SetHandlerOptions adjust handler options
func (*ZFSHandler) SetupDefaultVault ¶
func (h *ZFSHandler) SetupDefaultVault() error
SetupDefaultVault setups vaults on zfs, using zfs native encryption support
func (*ZFSHandler) SetupDeprecatedVaults ¶
func (h *ZFSHandler) SetupDeprecatedVaults() error
SetupDeprecatedVaults is dummy for ZFSHandler
func (*ZFSHandler) UnlockDefaultVault ¶
func (h *ZFSHandler) UnlockDefaultVault() error
UnlockDefaultVault e.g. zfs load-key persist/vault followed by zfs mount persist/vault
Source Files