updates to handle encryption better

Author: jonmatifa

lang/en

@@ -10,15 +10,6 @@ sub property_desc
 	 ditto copy of this block is automatically stored. Default setting is
 	 0.',
 
-	'feature@allocation_classes' => 'GUID                   org.zfsonlinux:allocation_classes
-           READ-ONLY COMPATIBLE   yes
-           DEPENDENCIES           none
-
-           This feature enables support for separate allocation classes.
-
-           This  feature becomes active when a dedicated allocation class vdev (dedup or special) is created with the zpool create or zpool add
-           subcommands. With device removal, it can be returned to the enabled state if all the dedicated allocation class vdevs are removed.',
-
 	 'feature@async_destroy' => 'GUID                   com.delphix:async_destroy
            READ-ONLY COMPATIBLE   yes
            DEPENDENCIES           none
@@ -336,322 +327,17 @@ sub property_desc
 
            Booting off of zstd-compressed root pools is not yet supported.',
 
-		'normalization' => 'Indicates whether the file system should perform a unicode normal-
-	   ization of file names whenever two file names are compared, and
-	   which normalization algorithm should be used. File names are always
-	   stored unmodified, names are normalized as part of any comparison
-	   process. If this property is set to a legal value other than none,
-	   and the utf8only property was left unspecified, the utf8only prop-
-	   erty is automatically set to on.  The default value of the
-	   normalization property is none.  This property cannot be changed
-	   after the file system is created.',
-	   
-	   'nbmand' => 'Controls  whether  the  file system should be mounted with "nbmand"
-	   (Non Blocking mandatory locks). This  is  used  for	CIFS  clients.
-	   Changes  to	this property only take effect when the file system is
-	   umounted and remounted.  See  mount(1M)  for  more  information  on
-	   "nbmand" mounts.',
-	   
-	   'origin' => 'For cloned file systems or volumes, the snapshot from which the clone
-	 was created. See also the clones property.',
-	 
-	 'overlay' => 'Allow  mounting  on  a  busy  directory  or a directory which already contains files/directories. This is the
-           default mount behavior for Linux filesystems.  However, for consistency with ZFS on other  platforms  overlay
-           mounts are disabled by default.  Set overlay=on to enable overlay mounts.',
-	   
-	   'primarycache' => 'Controls  what  is cached in the primary cache (ARC). If this prop-
-	   erty is set to "all", then both user data and metadata  is  cached.
-	   If this property is set to "none", then neither user data nor meta-
-	   data is cached. If this property is set to  "metadata",  then  only
-	   metadata is cached. The default value is "all".',
-
-	   'referenced' => 'The amount of data that is accessible by this dataset, which may or
-	 may not be shared with other datasets in the pool. When a snapshot or
-	 clone is created, it initially references the same amount of space as
-	 the file system or snapshot it was created from, since its contents
-	 are identical.<br />
-	<br />
-	 This property can also be referred to by its shortened column name,
-	 refer.',
-	 
-	 'refquota' => 'Limits the amount of space a dataset can consume. This property enforces a hard limit  on  the
-           amount  of  space  used. This hard limit does not include space used by descendents, including
-           file systems and snapshots.',
-		   
-		'refreservation' => 'The minimum amount of space guaranteed to a dataset, not including
-	 its descendents. When the amount of space used is below this value,
-	 the dataset is treated as if it were taking up the amount of space
-	 specified by refreservation.  The refreservation reservation is
-	 accounted for in the parent datasets\' space used, and counts against
-	 the parent datasets\' quotas and reservations.<br />
-	<br />
-	 If refreservation is set, a snapshot is only allowed if there is
-	 enough free pool space outside of this reservation to accommodate the
-	 current number of "referenced" bytes in the dataset.<br />
-	<br />
-	 This property can also be referred to by its shortened column name,
-	 refreserv.',
-	 
-	 'reservation' => 'The minimum amount of space guaranteed to a dataset and its descen-
-	 dents. When the amount of space used is below this value, the dataset
-	 is treated as if it were taking up the amount of space specified by
-	 its reservation. Reservations are accounted for in the parent
-	 datasets\' space used, and count against the parent datasets\' quotas
-	 and reservations.<br />
-	<br />
-	 This property can also be referred to by its shortened column name,
-	 reserv.',
-	 
-	 'rootcontext' => 'This flag sets the SELinux context for the root inode of the filesystem.  See selinux(8)  for  more  information.',
-	   
-	   'secondarycache' => 'Controls what is cached in the secondary  cache  (L2ARC).  If  this
-	   property  is  set  to  "all",  then	both user data and metadata is
-	   cached. If this property is set to "none", then neither  user  data
-	   nor metadata is cached. If this property is set to "metadata", then
-	   only metadata is cached. The default value is "all".',
-	   
-	   'shareiscsi' => 'Like  the "sharenfs" property, "shareiscsi" indicates whether a ZFS
-	   volume is exported as an iSCSI target. The  acceptable  values  for
-	   this  property  are "on", "off", and "type=disk". The default value
-	   is "off". In the future, other target types might be supported. For
-	   example, "tape".
-
-	   You might want to set "shareiscsi=on" for a file system so that all
-	   ZFS volumes within the file system are shared by  default.  Setting
-	   this property on a file system has no direct effect, however.',
-	   
-	   'sharenfs' => 'Controls whether the file system is shared via NFS, and what options
-	 are used. A file system with a sharenfs property of off is managed
-	 the traditional way via exports(5).  Otherwise, the file system is
-	 automatically shared and unshared with the "zfs share" and "zfs
-	 unshare" commands. If the property is set to on no NFS export options
-	 are used. Otherwise, NFS export options are equivalent to the con-
-	 tents of this property. The export options may be comma-separated.
-	 See exports(5) for a list of valid options.<br />
-	<br />
-	 When the sharenfs property is changed for a dataset, the mountd(8)
-	 daemon is reloaded.',
-	 
-	 'sharesmb' => 'Controls whether the file system is shared by using Samba USERSHARES, and what options are  to
-           be  used.  Otherwise,  the file system is automatically shared and unshared with the zfs share
-           and zfs unshare commands. If the property is set to on, the net(8) command is invoked to  cre‐
-           ate a USERSHARE.<br />
-			<br />
-           Because  SMB  shares  requires a resource name, a unique resource name is constructed from the
-           dataset name. The constructed name is a copy of the dataset name except that the characters in
-           the  dataset  name,  which would be illegal in the resource name, are replaced with underscore
-           (_) characters. The ZFS On Linux driver does not (yet) support additional options which  might
-           be availible in the Solaris version.<br />
-			<br />
-           If the sharesmb property is set to off, the file systems are unshared.<br />
-			<br />
-           In Linux, the share is created with the ACL (Access Control List) "Everyone:F" ("F" stands for
-           "full permissions", ie. read and write permissions) and no guest  access  (which  means  samba
-           must  be  able  to authenticate a real user, system passwd/shadow, ldap or smbpasswd based) by
-           default. This means that any additional access control (dissalow specific user specific access
-           etc) must be done on the underlaying filesystem.<br />
-			<br />
-             Example  to  mount  a  SMB  filesystem  shared through ZFS (share/tmp): Note that a user and
-             his/her password must be given!<br />
-			<br />
-               smbmount //127.0.0.1/share_tmp /mnt/tmp -o user=workgroup/turbo,password=obrut,uid=1000<br />
-			<br />
-           Minimal /etc/samba/smb.conf configuration<br />
-			<br />
-             * Samba will need to listen to \'localhost\' (127.0.0.1) for the zfs utilities to communitate
-             with samba.  This is the default behavior for most Linux distributions.<br />
-			<br />
-             * Samba must be able to authenticate a user. This can be done in a number of ways, depending
-             on if using the system password file, LDAP or the Samba specific smbpasswd file. How to do
-             this is outside the scope of this manual. Please refer to the smb.conf(5) manpage for more
-             information.<br />
-			<br />
-             * See the USERSHARE section of the smb.conf(5) man page for all configuration options in
-             case you need to modify any options to the share afterwards. Do note that any changes done
-             with the \'net\' command will be undone if the share is every unshared (such as at a reboot
-             etc). In the future, ZoL will be able to set specific options directly using
-             sharesmb=&#60;option&#62;.',
-			 
-	'size' => 'Total size of the storage pool.',
-
-		'snapdir' => 'Controls  whether  the ".zfs" directory is hidden or visible in the
-	   root of the file system as discussed in  the  "Snapshots"  section.
-	   The default value is "hidden".',
-	   
-	   'snapdev' => 'Controls whether the snapshots devices of zvol\'s are hidden or visible. The default value is hidden.',
-	   
-	   'snapshot_count' => 'The total number of snapshots that exist under this location in the
-           dataset tree.  This value is only available when  a  snapshot_limit
-           has been set somewhere in the tree under which the dataset resides.',
-	   
-	   'snapshot_limit' => '  Limits the number of snapshots that can be created on a dataset and
-           its descendents. Setting a snapshot_limit  on  a  descendent  of  a
-           dataset  that  already  has  a snapshot_limit does not override the
-           ancestor\'s snapshot_limit, but rather imposes an additional  limit.
-           The  limit  is  not  enforced  if the user is allowed to change the
-           limit. For example, this means that recursive snapshots taken  from
-           the global zone are counted against each delegated dataset within a
-           zone. This feature must be  enabled  to  be  used  (see  zpool-fea‐
-           tures(5)).',
 
 	   'setuid' => 'Controls whether the set-UID bit is respected for the file  system.
 	   The default value is "on".',
 
-	   'sync' => 'Controls the behavior of synchronous requests (e.g.  fsync(2),
-	 O_DSYNC). This property accepts the following values:
-
-	     standard  This is the POSIX specified behavior of ensuring all
-		       synchronous requests are written to stable storage and
-		       all devices are flushed to ensure data is not cached by
-		       device controllers (this is the default).
-
-	     always    All file system transactions are written and flushed
-		       before their system calls return. This has a large per-
-		       formance penalty.
-
-	     disabled  Disables synchronous requests. File system transactions
-		       are only committed to stable storage periodically. This
-		       option will give the highest performance.  However, it
-		       is very dangerous as ZFS would be ignoring the synchro-
-		       nous transaction demands of applications such as data-
-		       bases or NFS.  Administrators should only use this
-		       option when the risks are understood.',
-	
-		'type' => 'The type of dataset: filesystem, volume, or snapshot.',
-		
-		'used' => 'The amount of space consumed by this dataset and all its descendents.
-	 This is the value that is checked against this dataset\'s quota and
-	 reservation. The space used does not include this dataset\'s reserva-
-	 tion, but does take into account the reservations of any descendent
-	 datasets. The amount of space that a dataset consumes from its par-
-	 ent, as well as the amount of space that are freed if this dataset is
-	 recursively destroyed, is the greater of its space used and its
-	 reservation.<br />
-	<br />
-	 When snapshots (see the "Snapshots" section) are created, their space
-	 is initially shared between the snapshot and the file system, and
-	 possibly with previous snapshots. As the file system changes, space
-	 that was previously shared becomes unique to the snapshot, and
-	 counted in the snapshot\'s space used. Additionally, deleting snap-
-	 shots can increase the amount of space unique to (and used by) other
-	 snapshots.<br />
-	<br />
-	 The amount of space used, available, or referenced does not take into
-	 account pending changes. Pending changes are generally accounted for
-	 within a few seconds. Committing a change to a disk using fsync(2) or
-	 O_SYNC does not necessarily guarantee that the space usage informa-
-	 tion is updated immediately.',
-		
-		'usedbychildren' => 'The amount of space used by children of this dataset, which would be
-	 freed if all the dataset\'s children were destroyed.',
-	 
-		'usedbydataset' => 'The amount of space used by this dataset itself, which would be freed
-	 if the dataset were destroyed (after first removing any
-	 refreservation and destroying any necessary snapshots or descen-
-	 dents).',
-	 
-		'usedbysnapshots' => 'The amount of space consumed by snapshots of this dataset. In partic-
-	 ular, it is the amount of space that would be freed if all of this
-	 dataset\'s snapshots were destroyed. Note that this is not simply the
-	 sum of the snapshots\' used properties because space can be shared by
-	 multiple snapshots.',
-	 
-		'usedbyrefreservation' => 'The amount of space used by a refreservation set on this dataset,
-	 which would be freed if the refreservation was removed.',
-	 
-	 'userrefs' => 'This property is set to the number of user holds on this snapshot. User holds are set by using the zfs hold command.
-groupused@group
-The amount of space consumed by the specified group in this dataset. Space is charged to the group of each file, as displayed by ls -l. See the userused@user property for more information.
-Unprivileged users can only access their own groups\' space usage. The root user, or a user who has been granted the groupused privilege with zfs allow, can access all groups\' usage.',
-	   
-	   'utf8only' => 'Indicates whether the file system should reject file names that
-	   include characters that are not present in the UTF-8 character code
-	   set. If this property is explicitly set to off, the normalization
-	   property must either not be explicitly set or be set to none.  The
-	   default value for the utf8only property is off.  This property can-
-	   not be changed after the file system is created.',
-	   
-	   'version' => 'The current on-disk version of the pool. This can be increased, but
-	 never decreased. The preferred method of updating pools is with the
-	 "zpool upgrade" command, though this property can be used when a spe-
-	 cific version is needed for backwards compatibility.  Once feature
-	 flags is enabled on a pool this property will no longer have a value.',
-	 
-	 'volblocksize' => 'For volumes, specifies	the block size of the volume. The blocksize
-	 cannot	be changed once	the volume has been written, so	it should be
-	 set at	volume creation	time. The default blocksize for	volumes	is 8
-	 Kbytes. Any power of 2	from 512 bytes to 128 Kbytes is	valid.
-
-	 This property can also	be referred to by its shortened	column name,
-	 volblock.',
 
-	 'volsize' => 'For volumes, specifies	the logical size of the	volume.	By default,
-	 creating a volume establishes a reservation of	equal size. For	storage 
-	 pools with	a version number of 9 or higher, a refreservation is
-	 set instead. Any changes to volsize are reflected in an equivalent
-	 change	to the reservation (or refreservation).	 The volsize can only
-	 be set	to a multiple of volblocksize, and cannot be zero.
-
-	 The reservation is kept equal to the volume\'s logical size to prevent
-	 unexpected behavior for consumers. Without the	reservation, the volume 
-	 could run out of space, resulting in undefined behavior or	data
-	 corruption, depending on how the volume is used. These	effects	can
-	 also occur when the volume size is changed while it is	in use (particularly 
-	 when	shrinking the size). Extreme care should be used when
-	 adjusting the volume size.
-
-	 Though	not recommended, a "sparse volume" (also known as "thin	provisioning") 
-	 can be created by specifying	the -s option to the "zfs
-	 create	-V" command, or	by changing the	reservation after the volume
-	 has been created. A "sparse volume" is	a volume where the reservation
-	 is less then the volume size.	Consequently, writes to	a sparse volume 
-	 can fail with ENOSPC when the pool	is low on space. For a sparse
-	 volume, changes to volsize are	not reflected in the reservation.',
-	   
 	   'vscan' => 'Controls whether regular files should be scanned for viruses when a
 	   file  is  opened and closed. In addition to enabling this property,
 	   the virus scan service must also be enabled for virus  scanning  to
 	   occur. The default value is "off".',
 
-	   'written' => 'The amount of referenced space	written	to this	dataset	since the previous snapshot.',
-	   
-	   'xattr' => 'Controls whether extended attributes are enabled for this file system. The default value is on.',
-	   
-	   'zoned' => 'Controls whether the dataset is managed from a non-global zone. See
-	   the	"Zones"  section  for  more  information. The default value is
-	   "off".<br /><br />
-	   
-	   <h4>Zones</h4>
-	   A  ZFS file system can be added to a non-global zone by using zonecfg\'\s
-       "add fs" subcommand. A ZFS file system that is added  to  a  non-global
-       zone must have its mountpoint property set to legacy.
-
-       The  physical  properties of an added file system are controlled by the
-       global administrator. However, the zone administrator can create,  mod-
-       ify,  or  destroy  files within the added file system, depending on how
-       the file system is mounted.
-
-       A dataset can also be delegated to a non-global zone by using zonecfg\'\s
-       "add dataset" subcommand. You cannot delegate a dataset to one zone and
-       the children of the same dataset to another zone. The zone  administra-
-       tor  can  change properties of the dataset or any of its children. How-
-       ever, the "quota" property is controlled by the global administrator.
-
-       A ZFS volume can be added as a device to a  non-global  zone  by  using
-       zonecfg\'\s "add device" subcommand. However, its physical properties can
-       only be modified by the global administrator.
-
-       For more information about zonecfg syntax, see zonecfg(1M).
-
-       After a dataset is delegated to a non-global zone, the "zoned" property
-       is  automatically  set.	A  zoned  file system cannot be mounted in the
-       global zone, since the zone administrator might have to set  the  mount
-       point to an unacceptable value.
-
-       The  global  administrator  can	forcibly  clear  the "zoned" property,
-       though this should be done with extreme care. The global  administrator
-       should  verify that all the mount points are acceptable before clearing
-       the property.');
+	);
 return %hash;
 }
 

property-list-en.pl

@@ -42,12 +42,17 @@ if ($text{'prop_'.$in{'property'}})
 }
 print ui_table_end();
 
+#this is where we see if we can/and how to edit zfs properties
 if (can_edit($in{'zfs'}, $in{'property'}) =~ 1) {
 print ui_form_start('cmd.cgi', 'post');
 print ui_hidden('property', $in{'property'});
 print ui_hidden('zfs', $in{'zfs'});
 print ui_hidden('pool', $in{'pool'});
-if ($in{'property'} =~ 'mountpoint') {
+if ($in{'property'} =~ 'keystatus' and $get{$in{'zfs'}}{$in{'property'}}{value} =~ 'unavailable') {
+        print ui_hidden('cmd', 'load-key');
+        print "<a href='cmd.cgi?zfs=$in{'zfs'}&cmd=zfsact&action=load-key'>Load key</a>";
+        #print ui_submit('submit'), "<br />";
+} elsif ($in{'property'} =~ 'mountpoint') {
 	print ui_hidden('cmd', 'setzfs');
 	print ui_filebox('set', $get{$in{'zfs'}}{$in{'property'}}{value}, 0, undef, undef, 1);
 	print ui_submit('submit'), "<br />";

property.cgi

@@ -9,8 +9,8 @@ sub properties_list
 #return hash of properties that can be set manually and their data type
 {
 my %list = ('atime' => 'boolean', 'devices' => 'boolean', 'exec' => 'boolean', 'nbmand' => 'boolean', 'readonly' => 'boolean', 'setuid' => 'boolean', 'shareiscsi' => 'boolean', 'utf8only' => 'boolean', 'vscan' => 'boolean', 'zoned' => 'boolean', 'relatime' => 'boolean', 'overlay' => 'boolean',
-			'aclinherit' => 'discard, noallow, restricted, passthrough, passthrough-x', 'aclmode' => 'discard, groupmaks, passthrough', 'casesensitivity' => 'sensitive, insensitive, mixed', 'checksum' => 'on, off, fletcher2, fletcher4, sha256', 'compression' => 'on, off, lzjb, lz4, gzip, gzip-1, gzip-2, gzip-3, gzip-4, gzip-5, gzip-6, gzip-7, gzip-8, gzip-9, zle', 'copies' => '1, 2, 3', 'dedup' => 'on, off, verify, sha256', 'logbias' => 'latency, throughput', 'normalization' => 'none, formC, formD, formKC, formKD', 'primarycache' => 'all, none, metadata', 'secondarycache' => 'all, none, metadata', 'snapdir' => 'hidden, visible', 'snapdev' => 'hidden, visible', 'sync' => 'standard, always, disabled', 'xattr' => 'on, off, sa', 'com.sun:auto-snapshot' => 'true, false', 'acltype' => 'noacl, posixacl', 'redundant_metadata' => 'all, most', 'recordsize' => '512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K, 1M', 'canmount' => 'on, off, noauto',
-			'quota' => 'text', 'refquota' => 'text', 'reservation' => 'text', 'refreservation' => 'text', 'volsize' => 'text', 'filesystem_limit' => 'text', 'snapshot_limit' => 'text', 
+			'aclinherit' => 'discard, noallow, restricted, passthrough, passthrough-x', 'aclmode' => 'discard, groupmaks, passthrough', 'casesensitivity' => 'sensitive, insensitive, mixed', 'checksum' => 'on, off, fletcher2, fletcher4, sha256', 'compression' => 'on, off, lzjb, lz4, gzip, gzip-1, gzip-2, gzip-3, gzip-4, gzip-5, gzip-6, gzip-7, gzip-8, gzip-9, zle, zstd', 'copies' => '1, 2, 3', 'dedup' => 'on, off, verify, sha256', 'logbias' => 'latency, throughput', 'normalization' => 'none, formC, formD, formKC, formKD', 'primarycache' => 'all, none, metadata', 'secondarycache' => 'all, none, metadata', 'snapdir' => 'hidden, visible', 'snapdev' => 'hidden, visible', 'sync' => 'standard, always, disabled', 'xattr' => 'on, off, sa', 'com.sun:auto-snapshot' => 'true, false', 'acltype' => 'noacl, posixacl', 'redundant_metadata' => 'all, most', 'recordsize' => '512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K, 1M', 'canmount' => 'on, off, noauto',
+			'keylocation' => 'text', 'keystatus' => 'special','quota' => 'text', 'refquota' => 'text', 'reservation' => 'text', 'refreservation' => 'text', 'volsize' => 'text', 'filesystem_limit' => 'text', 'snapshot_limit' => 'text', 
 			'mountpoint' => 'special', 'sharesmb' => 'special', 'sharenfs' => 'special', 'mounted' => 'special', 'context' => 'special', 'defcontext' => 'special', 'fscontext' => 'special', 'rootcontext' => 'special');
 return %list;
 }