summaryrefslogtreecommitdiffstats
path: root/network/80-container-host0.network
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-12-05 16:26:48 +0100
committerLennart Poettering <lennart@poettering.net>2016-12-07 18:38:41 +0100
commit18b5886e562a3702ed8923e568a7555d2ab1880a (patch)
treef5dd924a0fd9f5e8436b3bf85c72167ac89eae32 /network/80-container-host0.network
parentminor code beautifications (diff)
downloadsystemd-18b5886e562a3702ed8923e568a7555d2ab1880a.tar.xz
systemd-18b5886e562a3702ed8923e568a7555d2ab1880a.zip
dissect: add support for encrypted images
This adds support to the image dissector to deal with encrypted images (only LUKS). Given that we now have a neatly isolated image dissector codebase, let's add a new feature to it: support for automatically dealing with encrypted images. This is then exposed in systemd-dissect and nspawn. It's pretty basic: only support for passphrase-based encryption. In order to ensure that "systemd-dissect --mount" results in mount points whose backing LUKS DM devices are cleaned up automatically we use the DM_DEV_REMOVE ioctl() directly on the device (in DM_DEFERRED_REMOVE mode). libgcryptsetup at the moment doesn't provide a proper API for this. Thankfully, the ioctl() API is pretty easy to use.
Diffstat (limited to 'network/80-container-host0.network')
0 files changed, 0 insertions, 0 deletions