diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-12-05 16:26:48 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-12-07 18:38:41 +0100 |
commit | 18b5886e562a3702ed8923e568a7555d2ab1880a (patch) | |
tree | f5dd924a0fd9f5e8436b3bf85c72167ac89eae32 /network/80-container-host0.network | |
parent | minor code beautifications (diff) | |
download | systemd-18b5886e562a3702ed8923e568a7555d2ab1880a.tar.xz systemd-18b5886e562a3702ed8923e568a7555d2ab1880a.zip |
dissect: add support for encrypted images
This adds support to the image dissector to deal with encrypted images (only
LUKS). Given that we now have a neatly isolated image dissector codebase, let's
add a new feature to it: support for automatically dealing with encrypted
images. This is then exposed in systemd-dissect and nspawn.
It's pretty basic: only support for passphrase-based encryption.
In order to ensure that "systemd-dissect --mount" results in mount points whose
backing LUKS DM devices are cleaned up automatically we use the DM_DEV_REMOVE
ioctl() directly on the device (in DM_DEFERRED_REMOVE mode). libgcryptsetup at
the moment doesn't provide a proper API for this. Thankfully, the ioctl() API
is pretty easy to use.
Diffstat (limited to 'network/80-container-host0.network')
0 files changed, 0 insertions, 0 deletions