summaryrefslogtreecommitdiffstats
path: root/src/cryptsetup/cryptsetup-generator.c
diff options
context:
space:
mode:
authorChih-Hsuan Yen <yan12125@gmail.com>2022-08-04 18:45:33 +0200
committerLuca Boccassi <luca.boccassi@gmail.com>2022-08-08 18:03:28 +0200
commit7aa0b0121e2eef5d4caa676e746faed99d9ab097 (patch)
tree50c65700ac5a6a4d32ab10f31b56110bc38ca9c7 /src/cryptsetup/cryptsetup-generator.c
parentMerge pull request #24221 from yuwata/dhcp-client-cleanups (diff)
downloadsystemd-7aa0b0121e2eef5d4caa676e746faed99d9ab097.tar.xz
systemd-7aa0b0121e2eef5d4caa676e746faed99d9ab097.zip
cryptsetup: support keyfile-timeout for using a device as the key file
Closes https://github.com/systemd/systemd/issues/21993
Diffstat (limited to '')
-rw-r--r--src/cryptsetup/cryptsetup-generator.c25
1 files changed, 19 insertions, 6 deletions
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index 8f5ad67f48..07903f1044 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -227,9 +227,11 @@ static int generate_device_umount(const char *name,
return 0;
}
-static int print_dependencies(FILE *f, const char* device_path) {
+static int print_dependencies(FILE *f, const char* device_path, const char* timeout_value, bool canfail) {
int r;
+ assert(!canfail || timeout_value);
+
if (STR_IN_SET(device_path, "-", "none"))
/* None, nothing to do */
return 0;
@@ -259,9 +261,16 @@ static int print_dependencies(FILE *f, const char* device_path) {
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
- fprintf(f,
- "After=%1$s\n"
- "Requires=%1$s\n", unit);
+ fprintf(f, "After=%1$s\n", unit);
+ if (canfail) {
+ fprintf(f, "Wants=%1$s\n", unit);
+ r = write_drop_in_format(arg_dest, unit, 90, "device-timeout",
+ "# Automatically generated by systemd-cryptsetup-generator \n\n"
+ "[Unit]\nJobRunningTimeoutSec=%s", timeout_value);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write device drop-in: %m");
+ } else
+ fprintf(f, "Requires=%1$s\n", unit);
} else {
/* Regular file, add mount dependency */
_cleanup_free_ char *escaped_path = specifier_escape(device_path);
@@ -463,14 +472,18 @@ static int create_disk(
netdev ? "remote-cryptsetup.target" : "cryptsetup.target");
if (key_file && !keydev) {
- r = print_dependencies(f, key_file);
+ r = print_dependencies(f, key_file,
+ keyfile_timeout_value,
+ /* canfail= */ keyfile_can_timeout > 0);
if (r < 0)
return r;
}
/* Check if a header option was specified */
if (detached_header > 0 && !headerdev) {
- r = print_dependencies(f, header_path);
+ r = print_dependencies(f, header_path,
+ NULL,
+ /* canfail= */ false); /* header is always necessary */
if (r < 0)
return r;
}