I replaced two encrypted drives recently in an encrypted zraid2 pool. Silvering finished up, and the zpool shows as healthy again.
According to the docs, what should happen next is to re-do the encryption steps, I.E. assign a passphrase, and create a recovery key.
When assigning the passphrase, this error appears in /var/log/messages:
This is the id of a drive that no longer exists.
One hopes that this step completed successfully anyway, but a cleanup step somewhere was missed. (Bug #1)
When attempting to create a recovery key from the web gui, I enter in my root password, but no subsequent download of a recovery key is offered.
/var/log/messaages shows this:
Again, it looks like something wasn't cleaned up as in this case, the id's of two non-existent drives were referenced. This time things are borked enough that the recovery key either isn't created, or just isn't offered via the web gui after creation (Bug #2)
Since the docs recommend doing both the passphrase and recovery key steps before reboot least the data become unavailable, it's possible the system is now in a fragile state.
According to the docs, what should happen next is to re-do the encryption steps, I.E. assign a passphrase, and create a recovery key.
When assigning the passphrase, this error appears in /var/log/messages:
Code:
Feb 5 21:56:53 freenas manage.py: [middleware.exceptions:37] [MiddlewareError: Unable to set passphrase on gptid/5127d49a-3484-11e5-80f0-d050991b6355: geli: Cannot open gptid/5127d49a-3484-11e5-80f0-d050991b6355: No such file or directory.
This is the id of a drive that no longer exists.
One hopes that this step completed successfully anyway, but a cleanup step somewhere was missed. (Bug #1)
When attempting to create a recovery key from the web gui, I enter in my root password, but no subsequent download of a recovery key is offered.
/var/log/messaages shows this:
Code:
Feb 5 21:59:46 freenas manage.py: [middleware.exceptions:37] [MiddlewareError: Unable to set recovery key for 2 devices: [MiddlewareError: Unable to set passphrase on gptid/5127d49a-3484-11e5-80f0-d050991b6355: geli: Cannot open gptid/5127d49a-3484-11e5-80f0-d050991b6355: No such file or directory. ], [MiddlewareError: Unable to set passphrase on gptid/52093a8a-3484-11e5-80f0-d050991b6355: geli: Cannot open gptid/52093a8a-3484-11e5-80f0-d050991b6355: No such file or directory.
Again, it looks like something wasn't cleaned up as in this case, the id's of two non-existent drives were referenced. This time things are borked enough that the recovery key either isn't created, or just isn't offered via the web gui after creation (Bug #2)
Since the docs recommend doing both the passphrase and recovery key steps before reboot least the data become unavailable, it's possible the system is now in a fragile state.