挂载加密的 zfs 分区

挂载加密的 zfs 分区

因此,我必须安装加密的 zfs 分区来修复我的计算机。我到处都找过了,但无法使用找到的信息安装它。每次我sudo zfs set mountpoint=/mnt/k/ rpool这样做都不会失败,但我无法获取文件。如果我将它安装在磁盘中,我会得到error mounting /dev/sda4 to /media/ubuntu/rpool2: unknown filesystem type zfs_member (udisk-error-quark, 0)。很可能分区未安装,因为它已加密。我该如何安装它?

答案1

您可以使用以下示例工作流程执行以下操作:

  1. 安装 ZFS 并验证安装
  2. 从磁盘分区找到并导入 ZFS 池
  3. 设置所需 ZFS 池和/或数据集的挂载点
  4. 解密 ZFS 池密钥库
  5. 挂载密钥并加载到ZFS中
  6. 将 ZFS 池和/或数据集挂载到所需点
ZFS_DISK='/dev/sdX'
ZFS_POOL_PARTITION='/dev/sdXn'
ZFS_POOL='rpool'
ZFS_POOL_DATASET='DATA'  # 'ROOT' or 'USERDATA' for Ubuntu
MOUNTPOINT='/mnt'

# install zfs (using apt-get, yum, dnf, pacman, etc)
sudo apt-get install zfsutils-linux
sudo zfs --version

# locate zfs disk and pool
sudo lsblk -af "$ZFS_DISK"
sudo fdisk -l "$ZFS_DISK"
 
# create mountpoint directories for zfs pool and cipher key
sudo mkdir -p "$MOUNTPOINT"
sudo mkdir -p /zfskey
 
# import pool from partition
sudo zpool import -d "$ZFS_POOL_PARTITION" "$ZFS_POOL"
sudo zpool list
sudo zpool status -P "$ZFS_POOL"

# get and set the mountpoint for our zfs pool/dataset
# NOTE: mountpoints may collide with current filesystem,
# as mountpoints inherit from higher-level mountpoints
sudo zfs get mounted "$ZFS_POOL" -t filesystem -r
sudo zfs get mountpoint "$ZFS_POOL" -t filesystem -r
sudo zfs get mountpoint "$ZFS_POOL/$ZFS_POOL_DATASET"  # BACKUP THIS VALUE
sudo zfs set mountpoint="$MOUNTPOINT" "$ZFS_POOL/$ZFS_POOL_DATASET"
 
# decrypt zfs keystore and load cipher key
sudo cryptsetup open "/dev/zvol/$ZFS_POOL/keystore" zfskey  # creates /dev/dm-0 dm-1 dm-2
ls -l /dev/mapper/zfskey  # /dev/mapper/zfskey -> /dev/dm-n
sudo cryptsetup -v status zfskey
sudo mount /dev/mapper/zfskey /zfskey
df -H
ls -l /zfskey
sudo cat /zfskey/system.key | sudo zfs load-key -L prompt "$ZFS_POOL"

# mount the decrypted pool and/or dataset
sudo zfs mount "$ZFS_POOL/$ZFS_POOL_DATASET"
sudo zfs list
ls -la "$MOUNTPOINT"

您的目录现在应该已被挂载并且可见。

相关内容