cryptsetup: automatically order crypt partitions before cryptsetup.target

diff --git a/Makefile.am b/Makefile.am
index 8cc25306f5e49ec16c7556a36f577bb5591a1539..bc7ea9daed4fbf536119fec9cff0f0d7022cc11f 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -188,6 +188,7 @@ dist_systemunit_DATA = \
        units/halt.target \
        units/kexec.target \
        units/local-fs.target \
        units/halt.target \
        units/kexec.target \
        units/local-fs.target \

+       units/cryptsetup.target \

        units/network.target \
        units/nss-lookup.target \
        units/mail-transfer-agent.target \
        units/network.target \
        units/nss-lookup.target \
        units/mail-transfer-agent.target \


@@ -1161,12 +1162,14 @@ install-data-hook:
                        fsck-root.service \
                        remount-rootfs.service \
                        var-run.mount \
                        fsck-root.service \
                        remount-rootfs.service \
                        var-run.mount \

-                       var-lock.mount && \
+                       var-lock.mount \
+                       cryptsetup.target && \

                $(LN_S) ../systemd-remount-api-vfs.service systemd-remount-api-vfs.service && \
                $(LN_S) ../fsck-root.service fsck-root.service && \
                $(LN_S) ../remount-rootfs.service remount-rootfs.service && \
                $(LN_S) ../var-run.mount var-run.mount && \
                $(LN_S) ../systemd-remount-api-vfs.service systemd-remount-api-vfs.service && \
                $(LN_S) ../fsck-root.service fsck-root.service && \
                $(LN_S) ../remount-rootfs.service remount-rootfs.service && \
                $(LN_S) ../var-run.mount var-run.mount && \

-               $(LN_S) ../var-lock.mount var-lock.mount )
+               $(LN_S) ../var-lock.mount var-lock.mount && \
+               $(LN_S) ../cryptsetup.target )

        ( cd $(DESTDIR)$(userunitdir) && \
                rm -f shutdown.target sockets.target local-fs.target swap.target bluetooth.target printer.target && \
                $(LN_S) $(systemunitdir)/shutdown.target shutdown.target && \
        ( cd $(DESTDIR)$(userunitdir) && \
                rm -f shutdown.target sockets.target local-fs.target swap.target bluetooth.target printer.target && \
                $(LN_S) $(systemunitdir)/shutdown.target shutdown.target && \

diff --git a/TODO b/TODO
index 260ce457bde3e0fac08a85cfff908621caf337f0..37833a29828975f1d31bbbe633ba546fa213bc66 100644 (file)
--- a/TODO
+++ b/TODO
@@ -88,12 +88,10 @@
 
 * add to cpu cgroup by default
 
 
 * add to cpu cgroup by default
 

-* introduce crypttab.target
+External:

 
 * make cryptsetup lower --iter-time
 
 
 * make cryptsetup lower --iter-time
 

-External:
-

 * patch kernel for xattr support in /dev, /proc/, /sys and /sys/fs/cgroup.
 
 * patch kernel for cpu feature modalias for autoloading aes/kvm/...
 * patch kernel for xattr support in /dev, /proc/, /sys and /sys/fs/cgroup.
 
 * patch kernel for cpu feature modalias for autoloading aes/kvm/...

diff --git a/src/cryptsetup-generator.c b/src/cryptsetup-generator.c
index a2b398dd156f31fa99751c89c78c546a96e06303..c5e54d0988270a8d657fab064fbc03f71c89b460 100644 (file)
--- a/src/cryptsetup-generator.c
+++ b/src/cryptsetup-generator.c
@@ -102,7 +102,7 @@ static int create_disk(
                 "DefaultDependencies=no\n"
                 "BindTo=%s dev-mapper-%%i.device\n"
                 "After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
                 "DefaultDependencies=no\n"
                 "BindTo=%s dev-mapper-%%i.device\n"
                 "After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"

-                "Before=dev-mapper-%%i.device shutdown.target local-fs.target\n",
+                "Before=dev-mapper-%%i.device shutdown.target cryptsetup.target\n",

                 d, d);
 
         if (password && (streq(password, "/dev/urandom") ||
                 d, d);
 
         if (password && (streq(password, "/dev/urandom") ||


@@ -157,6 +157,25 @@ static int create_disk(
                         r = -errno;
                         goto fail;
                 }
                         r = -errno;
                         goto fail;
                 }

+
+                free(to);
+                to = NULL;
+
+                if (!options || !has_option(options, "nofail")) {
+
+                        if (asprintf(&to, "%s/cryptsetup.target.wants/%s", arg_dest, n) < 0) {
+                                r = -ENOMEM;
+                                goto fail;
+                        }
+
+                        mkdir_parents(to, 0755);
+
+                        if (symlink(from, to) < 0) {
+                                log_error("Failed to create symlink '%s' to '%s': %m", from, to);
+                                r = -errno;
+                                goto fail;
+                        }
+                }

         }
 
         free(to);
         }
 
         free(to);

diff --git a/units/cryptsetup.target b/units/cryptsetup.target
new file mode 100644 (file)
index 0000000..9e4db78
--- /dev/null
+++ b/units/cryptsetup.target
@@ -0,0 +1,14 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+
+# See systemd.special(7) for details
+
+[Unit]
+Description=Encrypted Volumes
+
+[Install]
+WantedBy=local-fs.target