mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2026-05-22 10:37:35 +03:00
Fix incremental recursive encrypted receive
Currently, incremental recursive encrypted receives fail to work for any snapshot after the first. The reason for this is because the check in zfs_setup_cmdline_props() did not properly realize that when the user attempts to use '-x encryption' in this situation, they are not really overriding the existing encryption property and instead are attempting to prevent it from changing. This resulted in an error message stating: "encryption property 'encryption' cannot be set or excluded for raw or incremental streams". This problem is fixed by updating the logic to expect this use case. Reviewed-by: loli10K <ezomori.nozomu@gmail.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Igor Kozhukhov <igor@dilos.org> Signed-off-by: Tom Caputi <tcaputi@datto.com> Closes #9494
This commit is contained in:
Tom Caputi
committed by
Brian Behlendorf
Brian Behlendorf
parent
28f7427ab1
commit
b4238327b4
@@ -58,7 +58,8 @@ log_assert "'zfs recv' must properly handle encryption properties"
|
||||
|
||||
typeset keyfile=/$TESTPOOL/pkey
|
||||
typeset sendfile=/$TESTPOOL/sendfile
|
||||
typeset snap=$TESTPOOL/ds@snap
|
||||
typeset snap=$TESTPOOL/ds@snap1
|
||||
typeset snap2=$TESTPOOL/ds@snap2
|
||||
typeset esnap=$TESTPOOL/crypt@snap1
|
||||
typeset esnap2=$TESTPOOL/crypt@snap2
|
||||
|
||||
@@ -78,6 +79,7 @@ log_must cp /$TESTPOOL/ds/$TESTFILE0 /$TESTPOOL/crypt/$TESTFILE0
|
||||
typeset cksum=$(md5digest /$TESTPOOL/ds/$TESTFILE0)
|
||||
|
||||
log_must zfs snap -r $snap
|
||||
log_must zfs snap -r $snap2
|
||||
log_must zfs snap -r $esnap
|
||||
log_must zfs snap -r $esnap2
|
||||
|
||||
@@ -193,6 +195,20 @@ recv_cksum=$(md5digest /$ds/$TESTFILE0)
|
||||
log_must test "$recv_cksum" == "$cksum"
|
||||
log_must zfs destroy -r $ds
|
||||
|
||||
# Test that we can override an unencrypted, incremental, recursive stream's
|
||||
# encryption settings, receiving all datasets as encrypted children.
|
||||
log_note "Must be able to receive recursive stream to encrypted child"
|
||||
ds=$TESTPOOL/crypt/recv
|
||||
log_must eval "zfs send -R $snap2 > $sendfile"
|
||||
log_must eval "zfs recv -x encryption $ds < $sendfile"
|
||||
log_must test "$(get_prop 'encryptionroot' $ds)" == "$TESTPOOL/crypt"
|
||||
log_must test "$(get_prop 'encryption' $ds)" == "aes-256-ccm"
|
||||
log_must test "$(get_prop 'keyformat' $ds)" == "passphrase"
|
||||
log_must test "$(get_prop 'mounted' $ds)" == "yes"
|
||||
recv_cksum=$(md5digest /$ds/$TESTFILE0)
|
||||
log_must test "$recv_cksum" == "$cksum"
|
||||
log_must zfs destroy -r $ds
|
||||
|
||||
# Check that we haven't printed the key to the zpool history log
|
||||
log_mustnot eval "zpool history -i | grep -q 'wkeydata'"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user