fix(zfs): Make sure root dataset cannot be mounted on accident (#3)

README.md

@@ -297,6 +297,7 @@ The ZFS pool and dataset setup that makes this tick, explained in plain English.
     1. `-O keylocation=file://...`: This property is only set for encrypted datasets which are encryption roots. Controls where the user's encryption key will be loaded from by default for commands such as `zfs load-key`.
     1. `-O keyformat=passphrase`: Controls what format the user's encryption key will be provided as. Passphrases must be between 8 and 512 bytes long.
 1. At this time the newly created zpool is not mounted anywhere. Next we create the "root" dataset, that's an arbitary term for the parent dataset of all boot environments. Boot environments in your case may be for example different operating systems all of which live on separate datasets underneath the root.
+    1. `-o canmount=off`: Same as above, the root dataset can - just like the pool - not be mounted.
     1. `-o mountpoint=none`: Same as above, the root dataset has - just like the pool - no mountpoint configured.
     1. `zfs set org.zfsbootmenu:commandline=...`: Set a common kernel command line for all boot environments such as `"ro quiet"`.
 1. Neither the root dataset nor the pool are mounted at this time. We now create one boot environment dataset where we want to install Arch Linux.

setup.sh

@@ -196,7 +196,7 @@ function create_pool () {
 }
 
 function create_root_dataset () {
-    zfs create -o mountpoint=none "${zpool_name}"'/root'
+    zfs create -o mountpoint=none -o canmount=off "${zpool_name}"'/root'
     # zfs set org.zfsbootmenu:commandline="ro quiet" "${zpool_name}"'/root'
     zfs set org.zfsbootmenu:commandline="ro" "${zpool_name}"'/root'
 }