Public bug reported:
I wanted to combine zfs encryption with dropbear and remote unlock.
1. I installed dropbear-initramfs and set that up. That works no problem.
2. I boot up the machine, connect via ssh no problem.
3. I am able to do zfs load-key rpool no problem.
4. Then... I need to kill the plymouth ask-for-password 3 times in a row so it
runs out of retries - and then it boots just fine.
I'm a little bit worried about the reliability of that last step. It
works, but I'm, abusing retries in a way I'm fairly sure they weren't
intended to be used..
I'd love a zfs-unlock script or something like that that combines the
zfs load-key with a signal to the decrypt_fs function that it can
unblock and keep going. But maybe at least in that function stick in
some logic for "if the pool has been decrypted in the background, stop
retrying"?
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: zfs-initramfs 0.8.3-1ubuntu12.12
ProcVersionSignature: Ubuntu 5.11.0-27.29~20.04.1-generic 5.11.22
Uname: Linux 5.11.0-27-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia zfs zunicode zavl icp zcommon
znvpair
ApportVersion: 2.20.11-0ubuntu27.18
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: KDE
Date: Sun Aug 22 13:50:39 2021
InstallationDate: Installed on 2019-08-15 (738 days ago)
InstallationMedia: Ubuntu 18.04.3 LTS "Bionic Beaver" - Release amd64 (20190805)
SourcePackage: zfs-linux
UpgradeStatus: Upgraded to focal on 2020-04-22 (486 days ago)
modified.conffile..etc.default.apport:
# set this to 0 to disable apport, or to 1 to enable it
# you can temporarily override this with
# sudo service apport start force_start=1
enabled=0
mtime.conffile..etc.default.apport: 2020-03-23T10:46:45.197962
** Affects: zfs-linux (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug focal third-party-packages
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to zfs-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1940769
Title:
zfs initramfs and encrypted volume compatibility
Status in zfs-linux package in Ubuntu:
New
Bug description:
I wanted to combine zfs encryption with dropbear and remote unlock.
1. I installed dropbear-initramfs and set that up. That works no problem.
2. I boot up the machine, connect via ssh no problem.
3. I am able to do zfs load-key rpool no problem.
4. Then... I need to kill the plymouth ask-for-password 3 times in a row so
it runs out of retries - and then it boots just fine.
I'm a little bit worried about the reliability of that last step. It
works, but I'm, abusing retries in a way I'm fairly sure they weren't
intended to be used..
I'd love a zfs-unlock script or something like that that combines the
zfs load-key with a signal to the decrypt_fs function that it can
unblock and keep going. But maybe at least in that function stick in
some logic for "if the pool has been decrypted in the background, stop
retrying"?
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: zfs-initramfs 0.8.3-1ubuntu12.12
ProcVersionSignature: Ubuntu 5.11.0-27.29~20.04.1-generic 5.11.22
Uname: Linux 5.11.0-27-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia zfs zunicode zavl icp zcommon
znvpair
ApportVersion: 2.20.11-0ubuntu27.18
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: KDE
Date: Sun Aug 22 13:50:39 2021
InstallationDate: Installed on 2019-08-15 (738 days ago)
InstallationMedia: Ubuntu 18.04.3 LTS "Bionic Beaver" - Release amd64
(20190805)
SourcePackage: zfs-linux
UpgradeStatus: Upgraded to focal on 2020-04-22 (486 days ago)
modified.conffile..etc.default.apport:
# set this to 0 to disable apport, or to 1 to enable it
# you can temporarily override this with
# sudo service apport start force_start=1
enabled=0
mtime.conffile..etc.default.apport: 2020-03-23T10:46:45.197962
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1940769/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
