Linked by Thom Holwerda on Wed 18th Jan 2017 21:49 UTC
Oracle and SUN

Early December of last year, I posted the rumour that Oracle was going to end Solaris development. While the company denied these rumours at the time, there still seems to be something going on.

Rumors have been circulating since late last year that Oracle was planning to kill development of the Solaris operating system, with major layoffs coming to the operating system's development team. Others speculated that future versions of the Unix platform Oracle acquired with Sun Microsystems would be designed for the cloud and built for the Intel platform only and that the SPARC processor line would meet its demise. The good news, based on a recently released Oracle roadmap for the SPARC platform, is that both Solaris and SPARC appear to have a future.

The bad news is that the next major version of Solaris - Solaris 12 - has apparently been cancelled, as it has disappeared from the roadmap. Instead, it's been replaced with "Solaris 11.next" - and that version is apparently the only update planned for the operating system through 2021.

Read into that what you will. Sounds like maintenance mode to me.

Thread beginning with comment 639795
To read all comments associated with this story, please click here.
ZFS encryption
by evert on Thu 19th Jan 2017 17:46 UTC
evert
Member since:
2005-07-06

Solaris is still the only OS that has ZFS encryption (fs-level). Even automount using an external key (over https) is possible. I like it a lot.

Maybe HAMMER2 (DragonflyBSD) will be the future for my use-case.

Reply Score: 3

RE: ZFS encryption
by oiaohm on Thu 19th Jan 2017 20:05 in reply to "ZFS encryption"
oiaohm Member since:
2009-05-30

https://github.com/zfsonlinux/zfs/commit/0b04990a5de594659d2cf204589...

evert need to reword you statement its slightly out of date.

Solaris is the only OS that has stable ZFS encryption at this stage. Zfs on Linux has not fully audited prototype ZFS encryption. So maybe in 2017 ZFS encryption will be production ready on Linux.

Of course for ZFS encryption to be production ready on Linux the full partition keys of ZFS being storable in LUKS is kind of a requirement.

Automounting with a remote key file for encrypted drives that is something that can be done under Linux or Freebsd but is horible. If this is a feature you like it something to at least put in a feature bug requesting on be it either Linux or BSD. Do remember hadoop if someone says we are not doing key files remote due to some security reason. Yes hadoop supports http and https as well as being a fuse mountable file system that you can stuff a keyfile into. Both freebsd and linux has definable encryption keyfile path for auto-mounting drives so key file over http is doable just its super big hack.

https://gitlab.com/cryptsetup/cryptsetup/
https://github.com/shpedoikal/tpm-luks

Under Linux it would be a feature request for cryptsetup or independent project to make it neat and tidy. BSD I cannot remember that the particular parts are called.


There is always a mix up between what is a unique OS feature and what is something that has just been made simple. Linux and BSD both can be made do keyfiles for auto-mount drives over https neither make the process user-friendly. Solaris tools are more user-friendly to do the https keyfile. So if this is a critical feature to your operations placing some feature request to either the BSD tools or the Linux tools would be a good idea.

Remember when something can be done horible this does limit arguments against implementing the feature in a better way.

Reply Parent Score: 2

RE[2]: ZFS encryption
by rhavenn on Thu 19th Jan 2017 21:11 in reply to "RE: ZFS encryption"
rhavenn Member since:
2006-05-12

FreeBSD uses GELI for its disk block encryption.

There is also a OpenZFS 2016 Summit video talking about the ZFS encryption implementation. Video is here:

https://www.youtube.com/watch?v=frnLiXclAMo

I think some of the Illumos vendors Delphix / Datto are already rolling it in for future releases.

I haven't seen anything regarding FreeBSD picking it up, but I haven't been looking too hard either. However, I hope they do.

Reply Parent Score: 2

RE[2]: ZFS encryption
by evert on Thu 19th Jan 2017 21:44 in reply to "RE: ZFS encryption"
evert Member since:
2005-07-06

Thanks a lot for the info! :-)

Reply Parent Score: 2

RE: ZFS encryption
by FlyingJester on Sat 21st Jan 2017 08:25 in reply to "ZFS encryption"
FlyingJester Member since:
2016-05-11

Ignore how FreeBSD has ZFS and geli natively, and sure.

Edited 2017-01-21 08:25 UTC

Reply Parent Score: 2

RE[2]: ZFS encryption
by evert on Mon 23rd Jan 2017 13:12 in reply to "RE: ZFS encryption"
evert Member since:
2005-07-06

Ignore how FreeBSD has ZFS and geli natively, and sure.


Ignore how I talked about filesystem-level encryption. Geli is another layer.

Reply Parent Score: 2