debcrafters-packages team mailing list archive

Thread
Date

[Bug 2070066] Re: dracut does not support booting from an encrypted ZFS volume

To: debcrafters-packages@xxxxxxxxxxxxxxxxxxx
From: Benjamin Drung <2070066@xxxxxxxxxxxxxxxxxx>
Date: Thu, 04 Sep 2025 19:27:11 -0000
Reply-to: Bug 2070066 <2070066@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

4000-zsys-support.patch enhances `contrib/initramfs/scripts/zfs` to open
and mount luks keystore for any pools using one. This Ubuntu keystore
convention needs to be ported to Dracut.

Example for this convention:

1. `zfs get keylocation rpool` has file:///run/keystore/rpool/system.key
2. Search for devices in /dev/zvol named keystore
3. Open them with cryptsetup and name them keystore-${pool}
4. Mount keystore-${pool} in /run/keystore/${pool}

Could we get something like that upstream where keylocation would learn
a new URI schema? Idea:

keylocation=crypt+file://rpool/keystore+/run/keystore/rpool/system.key

--
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to dracut in Ubuntu.
https://bugs.launchpad.net/bugs/2070066

Title:
dracut does not support booting from an encrypted ZFS volume

Status in dracut package in Ubuntu:
Invalid
Status in zfs-linux package in Ubuntu:
Confirmed

Bug description:
Dracut does not support booting from an encrypted ZFS volume. Steps to
reproduce:

1. In a VM install Ubuntu 24.10 with an encrypted ZFS volume
2. Install dracut afterwards: sudo apt install dracut zfs-dracut
3. Add rd.shell to the boot arguments
4. Reboot

The boot will fail:

```
dracut-pre-mount[817]: Warning: ZFS: Key /run/keystore/rpool/system.key for rpool hasn't appeared. Trying anyway.
dracut-pre-mount[863]: Key load error: Failed to open key material file: No such file or directory
[FAILED] Failed to mount sysroot.mount - /sysroot.
```

The initrd should have asked for the password, but it did not.

ProblemType: Bug
DistroRelease: Ubuntu 24.10
Package: dracut-core 102-3ubuntu2
ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1
Uname: Linux 6.8.0-31-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.28.1-0ubuntu4
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Fri Jun 21 09:35:42 2024
InstallationDate: Installed on 2024-06-20 (1 days ago)
InstallationMedia: Ubuntu 24.10 "Oracular Oriole" - Daily amd64 (20240617)
ProcEnviron:
LANG=de_DE.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm-256color
XDG_RUNTIME_DIR=<set>
SourcePackage: dracut
UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dracut/+bug/2070066/+subscriptions