UPDATE: I feel stupid now, I just figured out that the ZFS pool is only for the data, and not the actual system

Hi,

I did a mistake when reconfiguring my incus os network, and set its ipv4 address to a /32 subnet, so it is not possible to reach it even by tweaking the network of a laptop directly connected to my baremetal machine.

I’ve put back a GPU in it, disabled secure boot, booted an ubuntu desktop iso because it has ZFS support, but when running zpool import it fails with this message (retyped by hand):

the pool can only be accessed in read only mode on this system. It cannot e accessed in read write mode because it uses the following features not supported on this system:
comm.truenas:block_cloning_endian (fixes BRT ZAP endianness on new pools.)

Any idea how to get access to the system in write mode, I think I’m going to try a recent FreeBSD live system, but then I’m not sure it will work with TPM encryption

Does it sound stupid to open a feature request to add a check for people like me would may add a /32 ipv4 on their incus os after spending a day on firewall rules?

Update: it seems I need something fresher than Ubuntu 25.10 to have OpenZFS 2.4.1 on it Feature Flags — OpenZFS documentation

Some progress, it was really puzzling, I’m on a kubuntu 26.04-beta livecd with a remote ssh

apt install zfsutils-linux
echo ‘$the pool recovery key’ | openssl base64 -d > /root/keyfile
zpool import -f local
zfs load-key -L file:///root/keyfile local

it’s ongoing, I’m updating this post so people do not waste hours like me and this could be turned into documentation maybe?

Failures

Using the text key, while zfs expects a 32 bytes key

# zfs load-key local -L file://key2.txt
Key load error: Raw key too long (expected 32).

it turns out we need to convert it using base64 decoding

Using the encryption_recovery_keys

I needed the pool_recovery_keys

This tutorial was useful to me to restore my system: Emergency Procedure for a Lost Client Certificate - IncusOS documentation

I have no idea how to change the IP address for the next boot once I have access to the root partition though

Update: I modified a textfile named state something (I’ve lost the console history ), replaced the /32 by a /24 in it, rebooted, the system pings and connected to my headscale network but it does not reply on the API anymore. It’s a bit better but not great. I didn’t expect this file to have any use, except storing the last state of display purpose (like, when editing a configuration, eveything in state: is discarded)

Update2: I’ve let the GPU, and the screen shows that the pool was not exported when I was done with it, so it can’t import it, seems like something easy to fix

Update3: after rebooting kubuntu and importing / exporting the zpool, I rebooted with secure boot and it’s working again