Feature request: Enable use of ZFS datasets and optionally GELI
Daniel Jensen
debdrup at gmail.com
Mon Nov 20 19:58:26 CET 2017
So it’s probably better to fork pass into zpass or something similar, since it’ll be exclusively for ZFS datasets and can optionally use GELI instead of GPG.
Will give it some thought, but perhaps it wasn’t really a good idea for a feature request after-all.
For reference, here are some links that should work:
https://man.freebsd.org/geli(8) <https://man.freebsd.org/geli(8)>
https://man.freebsd.org/ggatel(8) <https://man.freebsd.org/ggatel(8)>
> On 20 Nov 2017, at 19.51, Kenny Evitt <kenny.evitt at gmail.com> wrote:
>
> (Don't forget to 'reply all' to keep the thread on the list.)
>
> Those links don't work for me. But I was able to get at least a sense of what `geli` and `ggatel` are based on some cursory review of Google search results for those terms. Basically, FreeBSD can encrypt arbitrary filesystems.
>
> I can't think of what support Pass could have that would be relevant to these features. What specifically do you want to do with Pass and these features that you can't currently?
>
> First, being only available on FreeBSD seems pretty limiting. Why would Pass add features only available on one platform?
>
> Second, why would you want to combine those features with Pass? Or are you requesting that Pass be modified to (optionally?) make use of the FreeBSD filesystem encryption features *instead* of using GPG (and any other extensions available)?
>
> I don't speak for the author and maintainer, but I'd guess this would make more sense as a Pass-like or Pass-inspired project.
>
> Pass repos are just directories with GPG-encrypted files. (There's some conventions about what keys should be used to encrypt which files based on *.gpg-id* files in the root directory or sub-directories.) They can also be a Git repo for tracking changes. But besides that they're (perfectly?) independent of any specific filesystem. Would adding support for the FreeBSD GEOM features change that?
>
> On Mon, Nov 20, 2017 at 8:15 AM, Daniel Jensen <debdrup at gmail.com <mailto:debdrup at gmail.com>> wrote:
> Well, it’s a feature that’ll pretty much only work on FreeBSD since it requires GEOM.
>
> GEOM ELI (https://man.freebsd.org/geli(8)) <https://man.freebsd.org/geli(8))> and GGATEL (https://man.freebsd.org/ggatel(8)) <https://man.freebsd.org/ggatel(8))> can be used to mount a disk image as a directory, which is where pass stores its data structure.
>
>
>> On 20 Nov 2017, at 14.09, Kenny Evitt <kenny.evitt at gmail.com <mailto:kenny.evitt at gmail.com>> wrote:
>>
>> I'm using ZFS on some servers, but not with Pass. What kind of features would you want to add to Pass related to ZFS or ZFS datasets?
>>
>> What's GELI?
>>
>> Depending on what it is exactly that you want, it could probably be implemented as a Pass extension. I'm pretty skeptical that these features, whatever they are, would be sensibly added to Pass itself.
>>
>> On Sun, Nov 19, 2017 at 12:22 PM D. Ebdrup <debdrup at gmail.com <mailto:debdrup at gmail.com>> wrote:
>> ZFS datasets and GELI are really powerful things and would be a great
>>
>> addition to password-store, so I’m wondering if it’s possible to
>>
>> implement this.
>>
>>
>>
>>
>>
>> Alternative, if it’s something I can figure out to do, or find someone
>>
>> with the skill to add it, is it a feature that would be accepted?
>>
>>
>> _______________________________________________
>>
>> Password-Store mailing list
>>
>> Password-Store at lists.zx2c4.com <mailto:Password-Store at lists.zx2c4.com>
>>
>> https://lists.zx2c4.com/mailman/listinfo/password-store <https://lists.zx2c4.com/mailman/listinfo/password-store>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20171120/cefb3a00/attachment-0001.html>
More information about the Password-Store
mailing list