azazar
commented
3 years ago Not sure if it needed, but let it be here: zsys.conf.gz
Open azazar opened 3 years ago
azazar
commented
3 years ago Not sure if it needed, but let it be here: zsys.conf.gz
azazar
commented
3 years ago zsys shouldn't manage filesystems and snapshots that it didn't create, implicitly.
jvcdk
commented
3 years ago I agree with @azazar and would go further and say it shouldn't destroy filesystems at all (only auto-created snapshots).
lathiat
commented
3 years ago I think I hit this today too, all 3 homedirs including all snapshots are gone on my system (Ubuntu Hirsute). Similar looking logs to the reporter. I will try to gather more evidence. Happened on Friday for me.
didrocks
commented
3 years ago First, sorry for your destroyed datasets. We handled at first that USERDATA (which was never used in any ZFS systems we monitor) as a reserved ZSYS datasets and own them. Note that any dataset that you create here without the appropriate zsys metadata won’t be handled and you loose the benefits of being able to revert with user datasets automatically and such. I think in general USERDATA shouldn’t be used manually.
We need to delete datasets there, as after a revert, a dataset without any zsys tag (because of unsucessful revert or a dataset that expired due to garbage collection) would remain forever, filesystem datasets are some kind of a snapshots for it and we need to delete them to not clutter the system.
However, we tried to create some mitigation as you noted on bug #103 and there has been no change since, this is why I am a little bit puzzled (could this be related to your particular encryption setup?) on why it only triggers now. Thanks for the reproducer, I’ll start my investigation from there and keep you posted.
didrocks
commented
3 years ago We unfortunately couldn’t reproduce it with the steps described. I’m really wonder what differed in your case. (Note: I saw you mentioned that it will only GC once the disk is full at 80%, this is not the case but rather this is time-based)
For your information, here are the datasets that are up for deletion in
@autozsys_xxxx) -> manual snapshots are keptcom.ubuntu.zsys:bootfs-datasets). Untagged means that no system dataset is associated with this user filesystem datasets and we limit on clones to ensure that was related to a user dataset managed by zsys (only way to know this was a failed revert OR a user dataset tagged for deletion). Any other filesystem datasets are untouched.In addition to the reproducer, we tried the following (everytime, we advance the date and forced GC to keep 0 datasets) in the USERDATA namespace:
zfs create) with <user>_ or <foo> prefix -> kept@autozsys_ on filesystem dataset tagged via zsys -> deleted@manual (manual user command zfs snapshot) on filesystem dataset tagged via zsys -> keptAll those cases pass on encrypted or unencrypted datasets as we expect (we have found an issue on hirsute due to ZFS packaging, not related to ZSys itself, which makes some datasets not mounted at boot, we are fixing it). Any idea what’s different on your configuration (if you can come with a full reproducer, that would be awesome)? The only reason I can see is that rpool/USERDATA/m_enc was a clone of the unencrypted dataset, never tagged with ZSys, which isn’t what the how-to is doing (it’s creating its own dataset and tag it with ZSys).
azazar
commented
3 years ago If by tagging, do you mean setting com.ubuntu.zsys:bootfs-datasets fs option, then maybe it was the cause problem? When I followed the guide on home fs encryption, I've set it to -.
didrocks
commented
3 years ago Yeah, tagging is about adding that tag, but the manual doesn’t tell to set it to - but to the system dataset it’s associated with:
VAL=$(zfs get com.ubuntu.zsys:bootfs-datasets rpool/USERDATA/jvc_tdssc -H -ovalue)
sudo zfs set com.ubuntu.zsys:bootfs-datasets=$VAL rpool/USERDATA/jvc_enc(ofc, you need to change the dataset names there)
jdavidberger
commented
2 years ago I think this bug hit me today. Normally I wouldn't bother reporting behavior with this sparse of information but the bug deleted my home directory and after a few hours attempting recovery I'm pretty sure it's gone.
This was on ubuntu 21.04, zfs 2.02, Linux 5.11.0-7620 with an encrypted home directory.
Admittedly vague notes:
From that point forward the home directory dataset was gone. Zpool history did not show the deletion but it was there with the -i flag. I have a log file with that in it that I'll post when I have a new system up and running.
I think there is a chance you can exhibit this bug by logging in to a fresh install via recovery mode, unmounting the home filesystem and rebooting but can't be sure other interactions don't play a part.
I can't help but think there should be a tag/flag you can affix to certain datasets that marks them ineligible for destruction except for a very manual cli "zfs destroy -f NAME".
almereyda
commented
2 years ago While you propose that unvoluntary destruction of datasets should be opt-out, I would rather vote for making voluntary destruction of datasets opt-in. This means we would only allow to destroy datasets that have a certain property set, and not the other way round.
But as of #213, I fear we can rather consider ZSYS as abandoned, with ZFS support leaving experimental status on Ubuntu nowadays. I am unable to figure out how this can go well together, but the world is contradictory at times.
darkbasic
commented
1 year ago While I understand zsys is no longer maintained, this issue is scaring the crap out of a lot of people and puts the project under a bad light. I myself have moved to zrepl despite always tagging every dataset. If Ubuntu is not funding this maybe you could try a crowdfunding platform instead (Github Sponsors, patreon, gofundme, whatever)? Development will be slow (I don't see to many people interested, albeit there are surely some) but at least it won't be completely unmaintained with huge bugs eating your data.
runejuhl
commented
1 year ago I have to chime in here, even if it's a bit +1-ish.
Though there hasn't been a formal announcement from Canonical about the status of zsys it seems that the project is dead. That's life for software -- sometimes it lives on, sometimes it dies, and sometimes it gets resurrected by someone with an itch and continues in a new incarnation.
What's problematic here is that this is (was?) a supported installation method, and because of this bug there's a very real risk of data loss -- just ask @jdavidberger. Because zsys is included in official releases it'll continue to affect users until this is properly fixed. I just had a look at the installer for Ubuntu 22.04, and there's no mention of an installation with ZFS being any less supported than a regular installation:
Even if Canonical sees no future in zsys, having such a bug around in Ubuntu it reflects extremely poorly on Canonical and Ubuntu, and I hope that you can be convinced to fix this issue before putting zsys in the grave for good.
almereyda
commented
1 year ago AFAIK Ubuntu 22.04 will install ZFS and set up the datasets through their Ubiquity installer, but it won't install zsys anymore, which is probably good. 🤣
Please see this line, where the installation of zsys is commented out (permalink to latest current LTS ref):
darkbasic
commented
1 year ago but it won't install zsys anymore, which is probably good. rofl
I wouldn't rejoice over zsys being dropped. It's bugged, of course, but it's a really nice and convenient piece of software. In its current state I wouldn't risk using it without replication to another machine, but I'm currently evaluating letting zsys handle snapshotting of BOOT, ROOT and USERDATA while letting zrepl snapshot everything else and replication. Basically zrepl creates bookmarks on top of zsys snapshots and replicates them to another machine and it also manages snapshotting itself for all the other datasets. That way I would still be able to conveniently revert from grub using zsys. The only problem is that zsys is more broken than I suspected and I cannot even revert without breaking the system: https://github.com/ubuntu/zsys/issues/236 I would love to write a detailed guide on how to use zsys in conjunction with zrepl replication, but I'm already in the process of upgrading several servers so I either find a solution to the broken reverts in the short term or I abandon zsys forever :( If you have any idea why reverting breaks your system I'm all ears.
a0c
Describe the bug
When custom datasets are present in the system, they are not recognised by zsys and sceduled for destuction. That's probably a new incarnation of a bug #103 reported earlier.
Before actually deleting filesystem there were two failed attempts:
From
zpool history -il rpooloutput:Filesystem got deleted silently, without any notice:
To Reproduce
general.minfreepoolspaceInstalled versions: