Solved FreeBSD-12.0R-p10 ZFS encrypted root, creation of backup BE fails reading entropy

[semi-ambivalent]

I tested a backup BE and the boot froze while looking for the NTP server. I checked the beadm man page and I had created the BE using the active BE as the source for the cloning. So I rebooted, selected the backup BE, jumped back to the first screen, selected 'boot single user' and it booted to the backup BE fine. But when I then tried to create another BE using 'beadm create -e' and the now-inactive good BE the cloning failed because ZFS couldn't read the something-or-other/entropy file.

I didn't see anything in the man page for switches not to include things so I'm at a loss here. Just grateful I found this now while the normal BE is fine. This is full disk encryption during initial install on a ZFS 2-disk mirror with a hot spare. How can I get around this?

thanks.

 

[SirDice]

If you boot to single user mode only the root filesystem is mounted and is mounted read-only. You normally have to do zfs set readonly=off zroot/DEFAULT/root and a zfs mount -a in order to mount everything and make it writable. You will need to adjust the commands for your environment.

 

[semi-ambivalent]

It's working now. Here's how I got there:
Before rebooting pre-set the use of backup-BE on next boot with beadm activate backup-BE
Boot into full state then do shutdown now and open a prompt.
Create a new BE using the de-activated good BE beadm create -e good-BE new-BE
Re-activate the good BE beadm activate good-BE and reboot to full system.
Use beadm to delete the intermediate BE if desired beadm destroy backup-BE

I only tried once but selecting the backup BE from the boot screen didn't stick; I still ended up in the good BE. This would be problematic if your only functional BE was the backup as you had no choice but to select it at the boot screen. I suppose I fat fingered something but I'm letting it go for now. I tested the new backup-BE and everything I tried worked fine except Firefox couldn't find my user's bookmarks. I think this has to do with the NFS /home and file locking, but I have had Firefox do this before and BEs had nothing to do with it.

My BE names above are instructional only. There's probably mistakes somewhere.