From a7e885587949b6793ccf389505f3c436315fa653 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 19 Dec 2019 17:38:55 +0100 Subject: units: introduce blockdev@.target for properly ordering mounts/swaps against cryptsetup Let's hook it into both cryptsetup-generator and gpt-auto-generator with a shared implementation in generator.c Fixes: #8472 --- src/gpt-auto-generator/gpt-auto-generator.c | 63 +++++++++++++---------------- 1 file changed, 28 insertions(+), 35 deletions(-) (limited to 'src/gpt-auto-generator') diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c index e03cdbd5c0..2067eeaf89 100644 --- a/src/gpt-auto-generator/gpt-auto-generator.c +++ b/src/gpt-auto-generator/gpt-auto-generator.c @@ -105,9 +105,8 @@ static int open_parent_block_device(dev_t devnum, int *ret_fd) { } static int add_cryptsetup(const char *id, const char *what, bool rw, bool require, char **device) { - _cleanup_free_ char *e = NULL, *n = NULL, *d = NULL, *id_escaped = NULL, *what_escaped = NULL; + _cleanup_free_ char *e = NULL, *n = NULL, *d = NULL; _cleanup_fclose_ FILE *f = NULL; - const char *p; int r; assert(id); @@ -125,44 +124,28 @@ static int add_cryptsetup(const char *id, const char *what, bool rw, bool requir if (r < 0) return log_error_errno(r, "Failed to generate unit name: %m"); - id_escaped = specifier_escape(id); - if (!id_escaped) - return log_oom(); - - what_escaped = specifier_escape(what); - if (!what_escaped) - return log_oom(); + r = generator_open_unit_file(arg_dest, NULL, n, &f); + if (r < 0) + return r; - p = prefix_roota(arg_dest, n); - f = fopen(p, "wxe"); - if (!f) - return log_error_errno(errno, "Failed to create unit file %s: %m", p); + r = generator_write_cryptsetup_unit_section(f, NULL); + if (r < 0) + return r; fprintf(f, - "# Automatically generated by systemd-gpt-auto-generator\n\n" - "[Unit]\n" - "Description=Cryptography Setup for %%I\n" - "Documentation=man:systemd-gpt-auto-generator(8) man:systemd-cryptsetup@.service(8)\n" - "DefaultDependencies=no\n" - "Conflicts=umount.target\n" - "BindsTo=dev-mapper-%%i.device %s\n" "Before=umount.target cryptsetup.target\n" - "After=%s\n" - "IgnoreOnIsolate=true\n" - "[Service]\n" - "Type=oneshot\n" - "RemainAfterExit=yes\n" - "TimeoutSec=0\n" /* the binary handles timeouts anyway */ - "KeyringMode=shared\n" /* make sure we can share cached keys among instances */ - "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '' '%s'\n" - "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n", - d, d, - id_escaped, what_escaped, rw ? "" : "read-only", - id_escaped); + "Conflicts=umount.target\n" + "BindsTo=%s\n" + "After=%s\n", + d, d); + + r = generator_write_cryptsetup_service_section(f, id, what, NULL, rw ? NULL : "read-only"); + if (r < 0) + return r; r = fflush_and_check(f); if (r < 0) - return log_error_errno(r, "Failed to write file %s: %m", p); + return log_error_errno(r, "Failed to write file %s: %m", n); r = generator_add_symlink(arg_dest, d, "wants", n); if (r < 0) @@ -227,7 +210,6 @@ static int add_mount( log_debug("Adding %s: %s fstype=%s", where, what, fstype ?: "(any)"); if (streq_ptr(fstype, "crypto_LUKS")) { - r = add_cryptsetup(id, what, rw, true, &crypto_what); if (r < 0) return r; @@ -262,6 +244,10 @@ static int add_mount( if (r < 0) return r; + r = generator_write_blockdev_dependency(f, what); + if (r < 0) + return r; + fprintf(f, "\n" "[Mount]\n" @@ -370,7 +356,14 @@ static int add_swap(const char *path) { "# Automatically generated by systemd-gpt-auto-generator\n\n" "[Unit]\n" "Description=Swap Partition\n" - "Documentation=man:systemd-gpt-auto-generator(8)\n\n" + "Documentation=man:systemd-gpt-auto-generator(8)\n"); + + r = generator_write_blockdev_dependency(f, path); + if (r < 0) + return r; + + fprintf(f, + "\n" "[Swap]\n" "What=%s\n", path); -- cgit v1.2.3