boot failure after creating encrypted dataset

luphi

Renowned Member
Nov 9, 2015
82
5
73
Hello all,

fresh PVE6 installation on ZFS. Everything is fine until I created:
Code:
zfs create -o encryption=aes-256-gcm -o keyformat=passphrase rpool/encrypted
After the next reboot , the system hangs at:
Code:
error: unknown filesystem.
Entering rescue mode...
grub rescue>
After removing the encrypted dataset, everything was fine again.

Any thoughts?

Cheers,
luphi
 
This is to be expected.
The ZFS implementation in Grub only supports a subset of the features of ZFS (actually only those that are read-only compatible - see `man zpool-features`)

further explanations can be found in the grub source-code:
http://git.savannah.gnu.org/cgit/grub.git/tree/grub-core/fs/zfs/zfs.c#n276
and the zfs-on-root howtos from ZOL https://github.com/zfsonlinux/zfs/wiki/Debian-Buster-Root-on-ZFS

encryption is not read-only compatible.

PVE has support for booting the kernel directly from an ESP when booting with UEFI (and only in versions of PVE > 6.0) with systemd-boot

see the reference documentation: https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysboot


If your system supports booting from UEFI, and you have your disks partitioned with an ESP of appropriate size (>=512M, which the PVE-installer does since 5.3), then switching over to `pve-efiboot-tool` and systemd-boot is probably the most comfortable solution

I hope this helps!
 
Hello all,

fresh PVE6 installation on ZFS. Everything is fine until I created:
Code:
zfs create -o encryption=aes-256-gcm -o keyformat=passphrase rpool/encrypted
After the next reboot , the system hangs at:
Code:
error: unknown filesystem.
Entering rescue mode...
grub rescue>
After removing the encrypted dataset, everything was fine again.

Any thoughts?

Cheers,
luphi

How did you remove that dataset from grub ? or did you use usb drive with the iso to mount it ?
 
To everyone thinking they can do this and ends up in grub like me.
i recovered with a live ubuntu 20.04 imported the dataset with

Code:
zpool import rpool -f
zfs destroy rpool/dataset
zpool export rpool

and then restarted, that worked.
 
Last edited:
To everyone thinking they can do this and ends up in grub like me.
i recovered with a live ubuntu 20.04 imported the dataset with

Code:
zpool import rpool -f
zfs destroy rpool/dataset
zpool export rpool

and then restarted, that worked.
Hi

I ran into the same issue today. Grub tells me directory is encrypted. How exactly did you manage to mount and import it with the live disc? Those commands did not work for me.

Thx a lot

regards,

Dom
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!