diff options
author | Chih-Hsuan Yen <yan12125@gmail.com> | 2022-08-04 18:45:33 +0200 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@gmail.com> | 2022-08-08 18:03:28 +0200 |
commit | 7aa0b0121e2eef5d4caa676e746faed99d9ab097 (patch) | |
tree | 50c65700ac5a6a4d32ab10f31b56110bc38ca9c7 /src/cryptsetup/cryptsetup-generator.c | |
parent | Merge pull request #24221 from yuwata/dhcp-client-cleanups (diff) | |
download | systemd-7aa0b0121e2eef5d4caa676e746faed99d9ab097.tar.xz systemd-7aa0b0121e2eef5d4caa676e746faed99d9ab097.zip |
cryptsetup: support keyfile-timeout for using a device as the key file
Closes https://github.com/systemd/systemd/issues/21993
Diffstat (limited to '')
-rw-r--r-- | src/cryptsetup/cryptsetup-generator.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index 8f5ad67f48..07903f1044 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -227,9 +227,11 @@ static int generate_device_umount(const char *name, return 0; } -static int print_dependencies(FILE *f, const char* device_path) { +static int print_dependencies(FILE *f, const char* device_path, const char* timeout_value, bool canfail) { int r; + assert(!canfail || timeout_value); + if (STR_IN_SET(device_path, "-", "none")) /* None, nothing to do */ return 0; @@ -259,9 +261,16 @@ static int print_dependencies(FILE *f, const char* device_path) { if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); - fprintf(f, - "After=%1$s\n" - "Requires=%1$s\n", unit); + fprintf(f, "After=%1$s\n", unit); + if (canfail) { + fprintf(f, "Wants=%1$s\n", unit); + r = write_drop_in_format(arg_dest, unit, 90, "device-timeout", + "# Automatically generated by systemd-cryptsetup-generator \n\n" + "[Unit]\nJobRunningTimeoutSec=%s", timeout_value); + if (r < 0) + return log_error_errno(r, "Failed to write device drop-in: %m"); + } else + fprintf(f, "Requires=%1$s\n", unit); } else { /* Regular file, add mount dependency */ _cleanup_free_ char *escaped_path = specifier_escape(device_path); @@ -463,14 +472,18 @@ static int create_disk( netdev ? "remote-cryptsetup.target" : "cryptsetup.target"); if (key_file && !keydev) { - r = print_dependencies(f, key_file); + r = print_dependencies(f, key_file, + keyfile_timeout_value, + /* canfail= */ keyfile_can_timeout > 0); if (r < 0) return r; } /* Check if a header option was specified */ if (detached_header > 0 && !headerdev) { - r = print_dependencies(f, header_path); + r = print_dependencies(f, header_path, + NULL, + /* canfail= */ false); /* header is always necessary */ if (r < 0) return r; } |