Proposal: zfs mount -a behavior for pam_zfs_key

[verschmelzen]

Should pam_zfs_key attempt to mount all the children? I would be willing to complete a patch according to the contribution guidelines in case this change is desired here. Let me know.

Motivation and Context

If dataset structure doesn't mirror file system structure (e.g. based on backup policy) it is possible that nothing is mounted in current implementation of mount_dataset.

For example, here ssh and gnupg directories would not be mounted in current implementation:

tank/home/myuser                       mountpoint=/home/myuser
tank/home/myuser/secrets          mountpoint=none
tank/home/myuser/secrets/ssh    mountpoint=/home/myuser/.ssh
tank/home/myuser/secrets/gpg    mountpoint=/home/myuser/.gnupg

Description

Small patch with proposed changes is provided.

How Has This Been Tested?

Will add tests if this is a desired change here.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Performance enhancement (non-breaking change which improves efficiency)
• Code cleanup (non-breaking change which makes code smaller or more readable)
• Quality assurance (non-breaking change which makes the code more robust against bugs)
• Breaking change (fix or feature that would cause existing functionality to change)
• Library ABI change (libzfs, libzfs_core, libnvpair, libuutil and libzfsbootenv)
• Documentation (a change to man pages or other documentation)

Checklist:

• My code follows the OpenZFS code style requirements.
• I have updated the documentation accordingly.
• I have read the contributing document.
• I have added tests to cover my changes.
• I have run the ZFS Test Suite with this change applied.
• All commit messages are properly formatted and contain Signed-off-by.

[verschmelzen]

I also noticed that libzfs already has internal procedures to collect and sort mountable filesystems in appropriate order. I believe the same behavior should be implemented in pam_zfs_key for the sake of consistency.

It can be done by copying the code, but I also wonder if there is a proper way to expose required procedures as part of libzfs'es interface.

[verschmelzen]

Pushed another proposal in separate commit. Idea is to keep as close to the behavior of zfs mount -a as possible.

In my case it is needed because I the encryption root is at tank/myuser, and actual mountpoint=/home/myuser is at tank/myuser/state. This allows me to configure backup policy where i don't backup unnecessary state, but backup the encryption root.

In the current state the patches are just for my personal use. But if the upstream wants it i would be happy to make a single patch for submission with tests.

[verschmelzen]

Also sorry for the CI. I haven't figured out how to stop it :(

[verschmelzen]

I copied this comment from the reference code as is, but i would like to update it based on how this check would be useful in the context of pam