Linux Init processes – and zfs autoimport
Collection of resources on Linux init-demons. It covers the (historical) demons system V, and upstart, as well as the current one: systemd: see digitalocean.com – How To Configure a Linux Service to Start Automatically After a Crash or Reboot – Part 1: Practical Examples
However as stated, systemd is “more than an init daemon: systemd is a framework that encompasses many components of a modern Linux system.” (digitalocean.com). See also this talk from Benno Rice at linux.conf.auf about “The Tragedy of systemd“.
A comprehensive tutorial about systemctl can be found at digitalocean.com – how to use systemctl to manage systemd services and units.
As for my system it’s important to load ZFS at boot-time as the file-system of my home-directory – these are the needed steps:
1) Install zfs modules
sudo pacman -S linux-headers linux-lts-headers dkms
yay -S zfs-dkms zfs-utils
2) Ignore these packages on regular upgrade:
in /etc/pacman.conf add
[options]
IgnorePkg=zfs-dkms
3) Autostart
systemctl enable zfs-import-cache.service
systemctl enable zfs-mount.service
systemctl enable zfs.target
systemctl enable zfs-import.target
4) Create pool and encrypted dataset
use the id, otherwise autoload from cache at boot will not work!
ls -lh /dev/disk/by-id/
sudo zpool create -f -o ashift=12 -O compression=lz4 -O mountpoint=none -O normalization=formD data
zpool status -v
dd if=/dev/random of=/opt/daniel-home-key bs=1 count=32
zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///opt/daniel-home-key data/home
zfs get keylocation data/home
touch /mnt/data/home/test.txt
zpool set cachefile=/etc/zfs/zpool.cache data
In case there is an error message “The ZFS modules are not loaded”:
make sure dkms and linux-headers, linux-lts-headers are installed.
see: https://www.reddit.com/r/zfs/comments/ar0wcj/the_zfs_modules_are_not_loaded_centos7/
5) Unlock at login-time: PAM
see: https://wiki.archlinux.org/title/ZFS#Unlock_at_login_time:_PAM
zfs set mountpoint=/mnt/test data/home
in /etc/fstab
data/home /mnt/test zfs rw,xattr,posixacl,noauto 0 0
create /sbin/mount-zfs-homedir
#!/bin/bash
# simplified from https://talldanestale.dk/2020/04/06/zfs-and-homedir-encryption/
set -eu
VOLNAME="data/home"
# Unlock and mount the volume
zfs load-key "$VOLNAME" <<< file:///path_to_keyfile || continue
zfs mount "$VOLNAME" || true # ignore errors
chmod a+x /sbin/mount-zfs-homedir
Add to /etc/pam.d/system-auth
auth optional pam_exec.so expose_authtok /sbin/mount-zfs-homedir
In case: zfs dataset/pool dissappears on reboot:
https://serverfault.com/questions/732184/zfs-datasets-dissappear-on-reboot
https://github.com/openzfs/zfs/issues/8885
be sure this one is started: systemctl enable zfs-import.target
6) Change mountpoint to /home/daniel/
- Prerequisite: Have another user present, which can login, wg. root, in case home of daniel cannot be mounted.
- Login as root and copy data from /home/daniel to /mnt/test/
cp -a -r /home/daniel /mnt/test/
- Change mountpoint to legacy
zfs set mountpoint=legacy /data/home
- edit /etc/fstab to mount to /home/daniel and reboot.
- Backup the keyfile (not on home ;-)!
- Change the keyfile place to /etc/
7) Add new user
Because the default-user has his home on a zfs-pool, if this one cannot be mounted, the user cannot login. To troubleshoot i'd like to have a "backup"-user called fallback - besides root:
sudo useradd fallback -m -s /usr/bin/zsh -g users -c "backup user"
sudo passwd fallback
su - fallback
Test login and configure zsh
