[Bug 264174] Use of redaction bookmarks or redacted datasets on a boot pool renders the pool unbootable

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264174

            Bug ID: 264174
           Summary: Use of redaction bookmarks or redacted datasets on a
                    boot pool renders the pool unbootable
           Product: Base System
           Version: 13.1-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: astralblue@gmail.com

src/stand/libsa/zfs/zfsimpl.c defines features_for_read, which contains a set
of whitelisted zpool features.  If any other read-only-incompatible feature is
active on a boot pool (that is, enabled and in use) the boot loader will fail
to boot from the pool.

With ZoR, it is easy to shoot oneself in the foot by accidentally activating a
read-only-incompatible feature.  Currently these include redaction_bookmarks
and redacted_datasets, activated by creating redaction bookmarks and receiving
redacted send streams.

It would be nice if zfs redact and zfs receive commands checked the feature
activation and warned the (unsuspecting) user about this if the pool is a boot
pool.

Suggested message for zfs redact:

    WARNING: A redaction bookmark was created on a boot pool.  Currently
FreeBSD
    cannot boot from a pool with redaction bookmarks or redacted datasets.

    To undo this change, run:

        zfs destroy zroot/test/base#redacted

    To identify all redaction bookmarks and redacted snapshots on the pool,
run:

        zfs get -rHp -t bookmark,snapshot -o name redact_snaps zroot

-- 
You are receiving this mail because:
You are the assignee for the bug.