Skip to content

Unmount script on zfs-encrypted example fails at unload-key #1139

New issue
New issue
Open
#1140
Open
Unmount script on zfs-encrypted example fails at unload-key#1139
#1140
@Bert-Proesmans

Description

@Bert-Proesmans
Bert-Proesmans
opened on Sep 28, 2025

Error cannot open 'root': dataset does not exist when executing the disko unmount script on the example configuration zfs-encrypted-root.nix.

Image

Reproduction

  1. Deploy the zfs-encrypted-root.nix configuration on top of a (virtual) disk
    • Use the diskoScript attribute script to format+mount
  2. Cleanup the disko managed mounts
    • Use the unmount attribute script to unmount
  3. Observe error message after the zfs unload-key command

Expected to happen

Key for dataset zroot/root is sucessfully unloaded IF it was previously loaded.

What happens

Command zfs unload-key root fails because the filesystem argument is not zroot/root (poolname + dataset path).

Possible fix

I think the filesystem name argument for zfs unload-key has to be changed to become the poolname + dataset path. AKA "${config._parent.name}/${config.name}" ?
RELATED; The zfs load-key in the mount script is also broken probably? This flies under the radar (I guess) due to testing sequence "create" + "mount"; where "create" already does correct encryption setup.

disko/lib/types/zfs_volume.nix

Lines 91 to 100 in 67ff980

_unmount = diskoLib.mkUnmountOption {
inherit config options;
default = {
dev = ''
${lib.optionalString (
config.options.keylocation or "none" != "none"
) "zfs unload-key ${config.name}"}
${config.content._unmount.dev or ""}
'';

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions