Package: zfsutils-linux Version: 0.8.4-1 Severity: important Dear Maintainer,
When cloning/copying/restoring multiple copies of the same Debian system, the /etc/hostid/ is not regenerated. Thus the same disk can be imported ("zpool import tank") on multiple cloned systems simultaneously and instantaneously destroy the disk's data since both systems can write to the disk. This can happen on local or cloud environments where systems are often cloned and also in a situation where a system is restored multiple times (clones) during a disaster recovery and reconnected to the same underlying storage. This unsafe situation may be a results of Debian does not have the genhostid as part of the system, thus less safe default behavior with respects to /etc/hostid? Maybe systems running native genhostid regenerate the hostid on cloning? The workaround and permanent Debian/zfs solution is simple. As soon as a new copy of a system is created, a new hostid should be created to be safe. If the intention is to continue using the zpool on the new clone, the import can be explicitly forced by the user or the clone can be reverted to the previous hostid. The current default behavior is very dangerous for data corruption, it should be a much safer default behavior. For example, every clone of a Debian system has a UUID (eg command "dmidecode -t 1"), thus it would be simple to generate a new hostid (possibly keeping the old one backed up) when the system uuid has been observed to have changed. Manual workaround: rm /etc/hostid (or maybe "mv /etc/hostid /etc/hostid.bak") zgenhostid Kind regards, Real Carbonneau -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.6.0-1-amd64 (SMP w/12 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages zfsutils-linux depends on: ii libblkid1 2.35.1-5 ii libc6 2.30-8 ii libnvpair1linux 0.8.4-1 ii libuuid1 2.35.1-5 ii libuutil1linux 0.8.4-1 ii libzfs2linux 0.8.4-1 ii libzpool2linux 0.8.4-1 ii python3 3.8.2-3 Versions of packages zfsutils-linux recommends: ii lsb-base 11.1.0 ii zfs-dkms [zfs-modules] 0.8.4-1 ii zfs-zed 0.8.4-1 Versions of packages zfsutils-linux suggests: pn nfs-kernel-server <none> pn samba-common-bin <none> pn zfs-initramfs | zfs-dracut <none> -- Configuration Files: /etc/sudoers.d/zfs [Errno 13] Permission denied: '/etc/sudoers.d/zfs' -- no debconf information