Support booting from an unencrypted dataset on a pool with encryption active
grub-probe
fails when called on a dataset in a pool with feature@encryption=active
. When grub2 is booted, it returns an error and drops to the rescue console. See https://github.com/zfsonlinux/zfs/issues/7153 and https://github.com/zfsonlinux/grub/issues/24 for more details.
Make it not reject whole pools with the feature active, but only datasets with encryption enabled.
Other ways of booting from a pool with encrypted datasets (and possibly from an encrypted dataset) are:
- Putting the kernels on a separate pool (outside the BE dataset). Making this work with boot environments (a different set of kernels for each BE) would probably be complex to implement.
- Having a kernel on a separate pool that would open the encrypted pool, load the BE's kernel and
kexec
into it. This also requires some additional work.