George Wilson wrote: > Darren J Moffat wrote: >> Is it possible to have dataset properties that are managed using the >> dsl_prop_set() / dsl_prop_get() interfaces that aren't made available >> via zfs(1), in fact I probably don't want them in userland at all. >> > You can set the pd_visible field in the zfs_prop_table[] to indicate > that the property should be not be visible.
Cool! >> Specifically I'm wondering if I can use dsl_prop_set() to store the >> wrapped encryption key for a dataset. I don't want that wrapped key >> being available via zfs(1) as a property, or available to any >> unprivileged userland application via libzfs. >> >> >> > You can set the property attribute to be readonly and invisible which > would keep anybody from touching via the zfs(1) command. Fantastic. If I do that can I inside the zfs kernel module make it readwrite and change its value later ? -- Darren J Moffat
