4000-zsys-support.patch enhances `contrib/initramfs/scripts/zfs` to open
and mount luks keystore for any pools using one. This Ubuntu keystore
convention needs to be ported to Dracut.
Example for this convention:
1. `zfs get keylocation rpool` has file:///run/keystore/rpool/system.key
2. Search for devices in /dev/zvol named keystore
3. Open them with cryptsetup and name them keystore-${pool}
4. Mount keystore-${pool} in /run/keystore/${pool}
Could we get something like that upstream where keylocation would learn
a new URI schema? Idea:
keylocation=crypt+file://rpool/keystore+/run/keystore/rpool/system.key
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2070066
Title:
dracut does not support booting from an encrypted ZFS volume
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dracut/+bug/2070066/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
