Clone encrypted Volume won't mount

All your general support questions for OpenZFS on OS X.

Clone encrypted Volume won't mount

Postby Eladio » Wed Aug 04, 2021 12:13 pm

Hi all, thanks for this spectacular piece of software.
I've a problem with cloned volumes when they are encrypted. Full sequence to reproduce my problem is:

Create encrypted sparse volume on zpool 'card'
Code: Select all
sudo zfs create -V 16G -s -o encryption=aes-256-gcm -o keyformat=passphrase -o keylocation=prompt card/dsk1


diskutil list shows:

Code: Select all
/dev/disk3 (internal, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +126.7 GB   disk3
   1:                ZFS Dataset card                    126.7 GB   disk3s1

/dev/disk4 (external, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                                                   +17.2 GB    disk4


Erase and rename volume:
Code: Select all
diskutil eraseDisk JHFS+ card-dsk1 /dev/disk4
Started erase on disk4
Unmounting disk
Creating the partition map
Waiting for partitions to activate
Formatting disk4s2 as Mac OS Extended (Journaled) with name card-dsk1
Initialized /dev/rdisk4s2 as a 16 GB case-insensitive HFS Plus volume with a 8192k journal
Mounting disk
Finished erase on disk4


And unmount:
Code: Select all
diskutil umountdisk disk4

Create snapshot:
Code: Select all
sudo zfs snap card/dsk1@00

And clone:
Code: Select all
sudo zfs clone card/dsk1@00 card/dsk2

Now diskutil list shows:
Code: Select all
 /dev/disk3 (internal, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +126.7 GB   disk3
   1:                ZFS Dataset card                    126.7 GB   disk3s1

/dev/disk4 (external, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +17.2 GB    disk4
   1:                        EFI EFI                     209.7 MB   disk4s1
   2:                  Apple_HFS card-dsk1               16.8 GB    disk4s2

/dev/disk5 (external, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +17.2 GB    disk5
   1:                        EFI EFI                     209.7 MB   disk5s1
   2:                  Apple_HFS card-dsk1               16.8 GB    disk5s2


Rename second diske (cloned)
Code: Select all
diskutil rename /Volumes/card-dsk1 card-dsk2


Mount the base disk (card-disk1)
Code: Select all
diskutil mount disk4s2


Well, al working, no problem. I've created FolderDSK1 before cloning, and FolderDSK2 on dsk2.
Code: Select all
ls /Volumes/card-*
/Volumes/card-dsk1:
FolderDSK1

/Volumes/card-dsk2:
FolderDSK1   FolderDSK2


Now my problem:
Code: Select all
sudo zpool export card
Password:
Volume card on disk3s1 unmounted
... asking apfs to eject 'disk5s1'
Unmount of all volumes on disk5 was successful
... asking apfs to eject 'disk5s2'
Unmount of all volumes on disk5 was successful
... asking ZVOL to export 'disk5'
Unmount of all volumes on disk5 was successful
... asking apfs to eject 'disk4s1'
Unmount of all volumes on disk4 was successful
... asking apfs to eject 'disk4s2'
Unmount of all volumes on disk4 was successful
... asking ZVOL to export 'disk4'
Unmount of all volumes on disk4 was successful


When i import again card, only dsk1 get listed on diskutil list:
Code: Select all
sudo zpool import card
sudo zfs load-key card/dsk1
Enter passphrase for 'card/dsk1':
diskutil list
/dev/disk3 (internal, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +126.7 GB   disk3
   1:                ZFS Dataset card                    126.7 GB   disk3s1

/dev/disk4 (external, virtual):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +17.2 GB    disk4
   1:                        EFI EFI                     209.7 MB   disk4s1
   2:                  Apple_HFS card-dsk1               16.8 GB    disk4s2


I don't know how get cloned disk card/dsk2 mounted... please help
Eladio
 
Posts: 17
Joined: Fri Feb 05, 2021 11:52 pm

Re: Clone encrypted Volume won't mount

Postby lundman » Sat Aug 07, 2021 11:51 pm

Can we confirm you loaded all the keys, either from "zpool import -l" or "zfs load-key" of both clones?
User avatar
lundman
 
Posts: 1335
Joined: Thu Mar 06, 2014 2:05 pm
Location: Tokyo, Japan

Re: Clone encrypted Volume won't mount

Postby Eladio » Sun Aug 08, 2021 10:42 am

Yes, zpool import don't ask for the second clone, zfs load-key complains

Code: Select all
 ~ sudo zpool import -l card
Enter passphrase for 'card/dsk1':
1 / 1 keys successfully loaded


Code: Select all
 ~ % sudo zfs load-key card/dsk1
Enter passphrase for 'card/dsk1':
~ % sudo zfs load-key card/dsk2
Key load error: Keys must be loaded for encryption root of 'card/dsk2' (card/dsk1).
Eladio
 
Posts: 17
Joined: Fri Feb 05, 2021 11:52 pm

Re: Clone encrypted Volume won't mount

Postby lundman » Tue Aug 10, 2021 1:44 pm

Congratulations, you found an issue affecting all platforms, tracking progress here;

https://github.com/openzfsonosx/openzfs/issues/99

I can make you a pkg if you are willing to try it, what is your preferred OS version?
User avatar
lundman
 
Posts: 1335
Joined: Thu Mar 06, 2014 2:05 pm
Location: Tokyo, Japan

Re: Clone encrypted Volume won't mount

Postby Eladio » Tue Aug 10, 2021 10:18 pm

Thanks!
Mac OS, Intel Big Sur; but do not waste time for me, i can wait!!
Eladio
 
Posts: 17
Joined: Fri Feb 05, 2021 11:52 pm


Return to General Help

Who is online

Users browsing this forum: Google [Bot] and 17 guests