As a newbie to zfs, I am having trouble getting an encrypted dataset mounted during boot.
The dataset is protected with a raw key and not a passphrase.
This is how I created the zpool and the dataset:
# zpool list
no pools available
# zpool create ZPOOL -m /media/ZPOOL -o autotrim=on -o failmode=continue /dev/sdb
# zpool list
NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
ZPOOL 238G 126K 238G - - 0% 0% 1.00x ONLINE -
# dd if=/dev/random of=/key bs=32 count=1
# zfs create -v -o encryption=on -o keyformat=raw -o keylocation=file:///key -o canmount=on -o dedup=on ZPOOL/ZFS
create ZPOOL/ZFS
encryption=on
keyformat=raw
keylocation=file:///key
canmount=on
dedup=on
# df
[...]
ZPOOL 241762176 128 241762048 1% /media/ZPOOL
ZPOOL/ZFS 241762176 128 241762048 1% /media/ZPOOL/ZFS
After a reboot only the pool is present. The dataset is gone:
# reboot
# df
[...]
ZPOOL 241762176 128 241762048 1% /media/ZPOOL
It can be retrieved by hand:
# zfs mount -l ZPOOL/ZFS
# df
[...]
ZPOOL 241762176 128 241762048 1% /media/ZPOOL
ZPOOL/ZFS 241762176 128 241762048 1% /media/ZPOOL/ZFS
So it looks like the key is not passed to zfs mount during boot.
As a workaround I found in the net the hint to include the parameter -l in the boot scripts during the boot process. I hoped that this is possible under Debian in /etc/default/zfs:
# Any additional option to the 'zfs mount' command line?
# Include '-o' for each option wanted.
MOUNT_EXTRA_OPTIONS="-l"
But this did not help at all.
Do any of you have a solution? Thanks a lot for your support!
