Closed zdykstra closed 3 years ago
See https://github.com/oetiker/znapzend/blob/master/lib/ZnapZend/ZFS.pm#L355
-F Force a rollback of the file system to the most recent snap-
shot before performing the receive operation. If receiving an
incremental replication stream (for example, one generated by
"zfs send -R -Fi -iI"), destroy snapshots and file systems
that do not exist on the sending side.
The -F
argument to zfs recv
is always used by znapzend, so it is not possible to back up encrypted datasets into non-encrypted destination, as can be seen from your log:
cannot receive new filesystem stream: zfs receive -F cannot be used to destroy an encrypted filesystem or overwrite an unencrypted one with an encrypted one
See https://github.com/oetiker/znapzend/blob/master/lib/ZnapZend/ZFS.pm#L355
-F Force a rollback of the file system to the most recent snap- shot before performing the receive operation. If receiving an incremental replication stream (for example, one generated by "zfs send -R -Fi -iI"), destroy snapshots and file systems that do not exist on the sending side.
The
-F
argument tozfs recv
is always used by znapzend, so it is not possible to back up encrypted datasets into non-encrypted destination, as can be seen from your log:cannot receive new filesystem stream: zfs receive -F cannot be used to destroy an encrypted filesystem or overwrite an unencrypted one with an encrypted one
Yes, that's the crux of this problem - which is why opened the issue. If I manually create an encrypted filesystem on the remote side zfs create -o encryption=aes-256-gcm -o keylocation=prompt -o keyformat=passphrase zroot/backups/auri
I still get the same error, even though I'm sending an encrypted snapshot to an encrypted filesystem.
Is there any way around this? If not, I don't see how I can use znapzend
to send snapshots of my laptop to a remote host and still have them be encrypted at rest.
I think this is related to the issue I just submitted: #495 . When the destination dataset doesn't exist and you use autoCreation, ZnapZend will create a non encrypted destination dataset. But you can't send encrypted snapshots to a non encrypted dataset. The way around this, is to send the first encrypted snapshot yourself without the -F flag to a destination dataset that doesn't exist yet. After this, ZendZnap can send following snapshots without problems.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
When attempting to use
znapzend
to send a snapshot on a pool that's fully encrypted to a remote pool that is unencrypted, I'm receiving an error, even though the snapshot(s) do arrive on the destination without issue.Sender details: Void Linux, ZFS 0.8.4
Receiver details: Void Linux, ZFS 0.8.4. For the purposes of this test,
zroot/backups
has been destroyed, so we're starting from scratch.Full log of a run
Filesystems on remote host
Is there a step I'm missing or a configuration option I'm otherwise not enabling? Any insight into this would be greatly appreciated.
Edit: As an aside, it's great to see Perl and Mojolicious in use in the wild!