mirror of
https://github.com/libguestfs/libguestfs.git
synced 2026-03-21 22:53:37 +00:00
9a3e9a6c03
Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs level, it is quite simple; it wraps the "clevis luks unlock" guest command (implemented by the "clevis-luks-unlock" executable, which is in fact a shell script). The complexity is instead in the network-based disk encryption (Clevis/Tang) scheme. Useful documentation: - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening - https://github.com/latchset/clevis#clevis - https://github.com/latchset/tang#tang The package providing "clevis-luks-unlock" is usually called "clevis-luks", occasionally "clevis". Some distros don't package clevis at all. Add the new API under a new option group (which may not be available) called "clevisluks". Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20220630122048.19335-3-lersek@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Libguestfs is tools and a library for accessing and modifying guest disk images. For more information see the home page: http://libguestfs.org/ For discussion, development, patches, etc. please use the mailing list: http://www.redhat.com/mailman/listinfo/libguestfs To find out how to build libguestfs from source, read: docs/guestfs-building.pod http://libguestfs.org/guestfs-building.1.html man docs/guestfs-building.1 Copyright (C) 2009-2020 Red Hat Inc. The library is distributed under the LGPLv2+. The programs are distributed under the GPLv2+. Please see the files COPYING and COPYING.LIB for full license information. The examples are under a very liberal license.