vault

package
v0.0.0-...-a6598b8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 1, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateZvolEtcd

func CreateZvolEtcd(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error

CreateZvolEtcd creates and mounts an empty vault dataset zvol

func CreateZvolVault

func CreateZvolVault(log *base.LogObject, datasetName string, zfsKeyFile string, encrypted bool) error

CreateZvolVault creates and mounts an empty vault dataset zvol

func DisallowVaultCleanup

func DisallowVaultCleanup() error

DisallowVaultCleanup disallows vault cleanup

func GetOperationalInfo

func GetOperationalInfo(log *base.LogObject) (info.DataSecAtRestStatus, string)

GetOperationalInfo gets the current operational state of encryption tool

func IsVaultCleanupAllowed

func IsVaultCleanupAllowed() bool

IsVaultCleanupAllowed returns true if vault cleanup is allowed

func MountVaultZvol

func MountVaultZvol(log *base.LogObject, datasetPath string) error

MountVaultZvol is a wrapper that waits for the device

func ReadPersistType

func ReadPersistType() types.PersistType

ReadPersistType returns the persist filesystem

Types

type Ext4Handler

type Ext4Handler struct {
	// contains filtered or unexported fields
}

Ext4Handler handles vault operations with ext4

func (*Ext4Handler) GetOperationalInfo

func (h *Ext4Handler) GetOperationalInfo() (info.DataSecAtRestStatus, string)

GetOperationalInfo returns status of encryption and string with information

func (*Ext4Handler) GetVaultStatuses

func (h *Ext4Handler) GetVaultStatuses() []*types.VaultStatus

GetVaultStatuses returns statuses of vault(s)

func (*Ext4Handler) RemoveDefaultVault

func (h *Ext4Handler) RemoveDefaultVault() error

RemoveDefaultVault removes vaults from ext4

func (*Ext4Handler) SetHandlerOptions

func (h *Ext4Handler) SetHandlerOptions(options HandlerOptions)

SetHandlerOptions adjusts handler options

func (*Ext4Handler) SetupDefaultVault

func (h *Ext4Handler) SetupDefaultVault() error

SetupDefaultVault sets up vaults on ext4, using fscrypt

func (*Ext4Handler) SetupDeprecatedVaults

func (h *Ext4Handler) SetupDeprecatedVaults() error

SetupDeprecatedVaults sets up deprecated vaults to support some very old releases (< 5.6.2)

func (*Ext4Handler) UnlockDefaultVault

func (h *Ext4Handler) UnlockDefaultVault() error

UnlockDefaultVault unlocks the default vault (cloudKeyOnlyMode=false, useSealedKey=true)

type Handler

// Handler is the set of vault operations provided per persist filesystem.
// On this page Ext4Handler, ZFSHandler and UnsupportedHandler each declare
// all of these methods, and GetHandler returns the implementation for the
// current persist type.
type Handler interface {
	// RemoveDefaultVault removes the default vault. The ZFS variant is
	// documented as e.g. "zfs destroy -fr persist/vault", i.e. destructive;
	// the UnsupportedHandler variant is documented as a dummy.
	RemoveDefaultVault() error
	// UnlockDefaultVault unlocks the default vault. The ZFS variant is
	// documented as e.g. "zfs load-key persist/vault" followed by
	// "zfs mount persist/vault".
	// NOTE(review): UnsupportedHandler (filesystems without encryption
	// support) also has this method, so a nil error presumably does not by
	// itself show that data is encrypted at rest; confirm with
	// GetOperationalInfo.
	UnlockDefaultVault() error
	// SetupDeprecatedVaults exists to support some very old releases
	// (< 5.6.2) on ext4; it is documented as a dummy for ZFSHandler and
	// UnsupportedHandler.
	SetupDeprecatedVaults() error
	// SetupDefaultVault sets up the default vault: with fscrypt on ext4,
	// with ZFS native encryption on ZFS; the UnsupportedHandler variant is
	// documented as creating a directory.
	SetupDefaultVault() error
	// GetVaultStatuses returns the statuses of the vault(s).
	GetVaultStatuses() []*types.VaultStatus
	// SetHandlerOptions adjusts handler options; documented as a dummy for
	// UnsupportedHandler.
	SetHandlerOptions(HandlerOptions)
	// GetOperationalInfo returns the status of encryption and a string with
	// information.
	GetOperationalInfo() (info.DataSecAtRestStatus, string)
}

Handler is an interface for handling vault operations

func GetHandler

func GetHandler(log *base.LogObject) Handler

GetHandler returns Handler implementation for the current persist type

type HandlerOptions

// HandlerOptions defines options for a vault Handler; it is the argument of
// Handler.SetHandlerOptions.
type HandlerOptions struct {
	// TpmKeyOnlyMode, when set, uses only the TPM key to generate the vault key.
	// NOTE(review): which other key material contributes to the vault key
	// when this is false is not stated here; confirm before relying on
	// either mode.
	TpmKeyOnlyMode bool
}

HandlerOptions defines options for handler

type UnsupportedHandler

type UnsupportedHandler struct {
	// contains filtered or unexported fields
}

UnsupportedHandler is a common handler for filesystems which do not support encryption

func (*UnsupportedHandler) GetOperationalInfo

func (h *UnsupportedHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)

GetOperationalInfo returns status of encryption and string with information

func (*UnsupportedHandler) GetVaultStatuses

func (h *UnsupportedHandler) GetVaultStatuses() []*types.VaultStatus

GetVaultStatuses returns statuses of vault(s)

func (*UnsupportedHandler) RemoveDefaultVault

func (h *UnsupportedHandler) RemoveDefaultVault() error

RemoveDefaultVault is a dummy for UnsupportedHandler

func (*UnsupportedHandler) SetHandlerOptions

func (h *UnsupportedHandler) SetHandlerOptions(_ HandlerOptions)

SetHandlerOptions is a dummy for UnsupportedHandler

func (*UnsupportedHandler) SetupDefaultVault

func (h *UnsupportedHandler) SetupDefaultVault() error

SetupDefaultVault creates a directory for UnsupportedHandler

func (*UnsupportedHandler) SetupDeprecatedVaults

func (h *UnsupportedHandler) SetupDeprecatedVaults() error

SetupDeprecatedVaults is a dummy for UnsupportedHandler

func (*UnsupportedHandler) UnlockDefaultVault

func (h *UnsupportedHandler) UnlockDefaultVault() error

UnlockDefaultVault unlocks vault from zfs

type ZFSHandler

type ZFSHandler struct {
	// contains filtered or unexported fields
}

ZFSHandler handles vault operations with ZFS

func (*ZFSHandler) GetOperationalInfo

func (h *ZFSHandler) GetOperationalInfo() (info.DataSecAtRestStatus, string)

GetOperationalInfo returns status of encryption and string with information

func (*ZFSHandler) GetVaultStatuses

func (h *ZFSHandler) GetVaultStatuses() []*types.VaultStatus

GetVaultStatuses returns statuses of vault(s)

func (*ZFSHandler) RemoveDefaultVault

func (h *ZFSHandler) RemoveDefaultVault() error

RemoveDefaultVault removes the vault from zfs, e.g. zfs destroy -fr persist/vault

func (*ZFSHandler) SetHandlerOptions

func (h *ZFSHandler) SetHandlerOptions(options HandlerOptions)

SetHandlerOptions adjusts handler options

func (*ZFSHandler) SetupDefaultVault

func (h *ZFSHandler) SetupDefaultVault() error

SetupDefaultVault sets up vaults on zfs, using zfs native encryption support

func (*ZFSHandler) SetupDeprecatedVaults

func (h *ZFSHandler) SetupDeprecatedVaults() error

SetupDeprecatedVaults is a dummy for ZFSHandler

func (*ZFSHandler) UnlockDefaultVault

func (h *ZFSHandler) UnlockDefaultVault() error

UnlockDefaultVault unlocks the vault, e.g. zfs load-key persist/vault followed by zfs mount persist/vault
