Bug 262468 - (13038) zfskeys_enable: encryption key file stored on ZFS not found during normal system startup
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: misc
Version: 13.1-RELEASE
Hardware: Any Any
Importance: --- Affects Some People
Assignee: Mateusz Piotrowski
URL: https://github.com/freebsd/freebsd-sr...
Reported: 2022-03-10 14:26 UTC by Graham Perrin
Modified: 2022-12-05 04:37 UTC

0mp: mfc-stable13+
0mp: mfc-stable12-


Description Graham Perrin freebsd_committer freebsd_triage 2022-03-10 14:26:30 UTC
Condensed from <https://github.com/openzfs/zfs/issues/13038>

<https://github.com/openzfs/zfs/issues/13038#issuecomment-1063098270> in particular: 

> Mar  9 15:36:17 mowa219-gjp4-8570p-freebsd kernel: 
> Key file /usr/home/grahamperrin/Documents/personal/VirtualBox.key 
> not found, empty or unreadable. Skipping Transcend/VirtualBox..

Workaround: 

1. shutdown now
2. enter a shell e.g. the default /bin/sh
3. exit to multi-user mode

In other words: the key file _is_ found, but not initially; not when required.
Comment 1 Graham Perrin freebsd_committer freebsd_triage 2022-03-14 11:24:40 UTC
Cross-reference <https://github.com/freebsd/freebsd-doc/commit/24f305c3c644baec1fe12c0ad34c4726ca68aacb#commitcomment-68634628> for release notes for 13.1. 

Is kern the proper component for this bug?

freqlabs@ wrote (in the OpenZFS repo): 

> The zfskeys script and other zfs rc scripts are part of FreeBSD. …
> You'll want to get in touch with whoever wrote that …
Comment 2 Mateusz Piotrowski freebsd_committer freebsd_triage 2022-03-17 15:51:03 UTC
I'll take a look at it.
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-03-18 13:55:57 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=97aeda2243568b386d792514996a06daec55eece

commit 97aeda2243568b386d792514996a06daec55eece
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2022-03-18 12:35:16 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2022-03-18 13:53:52 +0000

    zfskeys: Support autoloading of keys stored on ZFS

    The zfskeys service script starts before the zfs service script, so that
    dataset decryption keys are available when `zfs mount -a` is run. One of
    the potential edge cases of this design is that if a key is stored on
    ZFS it won't be loaded until `zfs mount -a` is issued.

    In order to address that let's try to load the additional keys and mount
    related ZFS datasets after the zfs script finishes its standard mounting
    procedure.

    PR:             262468
    Reported by:    Graham Perrin <grahamperrin@gmail.com>
    Reviewed by:    allanjude
    Approved by:    allanjude (src)
    Fixes:  33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
    MFC after:      3 days
    Sponsored by:   Modirum
    Sponsored by:   Klara Inc.
    Differential Revision: https://reviews.freebsd.org/D34601

 libexec/rc/rc.d/zfs | 12 ++++++++++++
 1 file changed, 12 insertions(+)
Comment 4 Graham Perrin freebsd_committer freebsd_triage 2022-03-19 08:55:43 UTC
(In reply to commit-hook from comment #3)

Thank you! 

Essentially: fixed. 

There remains a (debatably) spurious line reporting that the file is not found, before the file is found. 

From /var/log/console.log – the first of the lines at 08:14:59:

----


…
Mar 19 08:08:07 mowa219-gjp4-8570p-freebsd kernel: Stopping devd.
Mar 19 08:08:07 mowa219-gjp4-8570p-freebsd kernel: Waiting for PIDS: 81691.
Mar 19 08:08:07 mowa219-gjp4-8570p-freebsd kernel: Writing entropy file: .
Mar 19 08:08:07 mowa219-gjp4-8570p-freebsd kernel: Writing early boot entropy file: .
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Key file /usr/home/grahamperrin/Documents/personal/VirtualBox.key not found, empty or unreadable. Skipping Transcend/VirtualBox..
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Loading key for Transcend/VirtualBox from file:///usr/home/grahamperrin/Documents/personal/VirtualBox.key..
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Loading kernel modules:
…

----
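
A log check for the behaviour reported in comment 4, added here as an example and not part of the bug thread or of FreeBSD's rc scripts: it separates a dataset whose key file was skipped on the first pass and picked up afterwards from one that was skipped and never retried. The function names, state labels and the third sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example, not FreeBSD code. Reads console log lines on stdin and prints
# "<dataset><TAB><state>" per dataset, in order of first appearance:
#   skipped    only the "Key file ... Skipping" line was seen
#   late-load  skipped first, then a "Loading key for" line followed
#   load       a "Loading key for" line with no earlier skip
# A "Loading key" line records an attempt; confirm with `zfs get keystatus`.
classify_zfskeys() {
    awk '
    /Key file .* not found, empty or unreadable\. Skipping / {
        ds = $0
        sub(/.*Skipping /, "", ds); sub(/\.\.[ \t]*$/, "", ds)
        if (!(ds in state)) order[++n] = ds
        state[ds] = "skipped"
        next
    }
    /Loading key for .* from / {
        ds = $0
        sub(/.*Loading key for /, "", ds); sub(/ from .*/, "", ds)
        if (!(ds in state)) { order[++n] = ds; state[ds] = "" }
        state[ds] = (state[ds] == "skipped") ? "late-load" : "load"
        next
    }
    END { for (i = 1; i <= n; i++) printf "%s\t%s\n", order[i], state[order[i]] }
    '
}

# Sample input: the first two lines are from comment 4; the third is constructed.
sample_console_log() {
    cat <<'EOF'
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Key file /usr/home/grahamperrin/Documents/personal/VirtualBox.key not found, empty or unreadable. Skipping Transcend/VirtualBox..
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Loading key for Transcend/VirtualBox from file:///usr/home/grahamperrin/Documents/personal/VirtualBox.key..
Mar 19 08:14:59 mowa219-gjp4-8570p-freebsd kernel: Key file /constructed/example.key not found, empty or unreadable. Skipping tank/constructed-example..
EOF
}

sample_console_log | classify_zfskeys
```

A dataset left in the `skipped` state is the case worth alerting on, since nothing in the log shows a later attempt to load its key.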
Comment 5 commit-hook freebsd_committer freebsd_triage 2022-03-21 14:49:59 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=2411090f69401998569f24144b08ffc050e3cebc

commit 2411090f69401998569f24144b08ffc050e3cebc
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2022-03-18 12:35:16 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2022-03-21 14:47:20 +0000

    zfskeys: Support autoloading of keys stored on ZFS

    The zfskeys service script starts before the zfs service script, so that
    dataset decryption keys are available when `zfs mount -a` is run. One of
    the potential edge cases of this design is that if a key is stored on
    ZFS it won't be loaded until `zfs mount -a` is issued.

    In order to address that let's try to load the additional keys and mount
    related ZFS datasets after the zfs script finishes its standard mounting
    procedure.

    PR:             262468
    Reported by:    Graham Perrin <grahamperrin@gmail.com>
    Reviewed by:    allanjude
    Approved by:    allanjude (src)
    Fixes:  33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
    MFC after:      3 days
    Sponsored by:   Modirum
    Sponsored by:   Klara Inc.
    Differential Revision: https://reviews.freebsd.org/D34601

    (cherry picked from commit 97aeda2243568b386d792514996a06daec55eece)

 libexec/rc/rc.d/zfs | 12 ++++++++++++
 1 file changed, 12 insertions(+)
Comment 6 commit-hook freebsd_committer freebsd_triage 2022-03-23 20:28:51 UTC
A commit in branch releng/13.1 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=f23b24655f7cb3626d69f64f60b215a4870c3722

commit f23b24655f7cb3626d69f64f60b215a4870c3722
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2022-03-18 12:35:16 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2022-03-23 20:27:44 +0000

    zfskeys: Support autoloading of keys stored on ZFS

    The zfskeys service script starts before the zfs service script, so that
    dataset decryption keys are available when `zfs mount -a` is run. One of
    the potential edge cases of this design is that if a key is stored on
    ZFS it won't be loaded until `zfs mount -a` is issued.

    In order to address that let's try to load the additional keys and mount
    related ZFS datasets after the zfs script finishes its standard mounting
    procedure.

    PR:             262468
    Reported by:    Graham Perrin <grahamperrin@gmail.com>
    Reviewed by:    allanjude
    Approved by:    re (delphij)
    Approved by:    allanjude (src)
    Fixes:  33ff39796ffe Add zfskeys rc.d script for auto-loading encryption keys
    Sponsored by:   Modirum
    Sponsored by:   Klara Inc.
    Differential Revision: https://reviews.freebsd.org/D34601

    (cherry picked from commit 97aeda2243568b386d792514996a06daec55eece)
    (cherry picked from commit 2411090f69401998569f24144b08ffc050e3cebc)

 libexec/rc/rc.d/zfs | 12 ++++++++++++
 1 file changed, 12 insertions(+)