mirror of
https://github.com/systemd/systemd.git
synced 2024-12-23 21:35:11 +03:00
gpt-auto-generator: support LUKS encrypted root partitions
Previously, we supported GPT auto-discovery for /home and /srv, but not for the root partition. Add that, too. Fixes: #859
This commit is contained in:
parent
e02c04c045
commit
01af8c019a
@ -88,7 +88,4 @@ ENV{DEVTYPE}=="partition", ENV{ID_WWN_WITH_EXTENSION}=="?*", SYMLINK+="disk/by-i
|
||||
ENV{ID_PART_ENTRY_UUID}=="?*", SYMLINK+="disk/by-partuuid/$env{ID_PART_ENTRY_UUID}"
|
||||
ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_ENTRY_NAME}=="?*", SYMLINK+="disk/by-partlabel/$env{ID_PART_ENTRY_NAME}"
|
||||
|
||||
# add symlink to GPT root disk
|
||||
ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_GPT_AUTO_ROOT}=="1", SYMLINK+="gpt-auto-root"
|
||||
|
||||
LABEL="persistent_storage_end"
|
||||
|
@ -17,6 +17,11 @@ SUBSYSTEM=="block", ACTION=="add", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", E
|
||||
# we are probably still calling mke2fs or mkswap on it.
|
||||
SUBSYSTEM=="block", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0"
|
||||
|
||||
# add symlink to GPT root disk
|
||||
SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root"
|
||||
SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks"
|
||||
SUBSYSTEM=="block", ENV{DM_UUID}=="CRYPT-*", ENV{DM_NAME}=="root", SYMLINK+="gpt-auto-root"
|
||||
|
||||
# Ignore raid devices that are not yet assembled and started
|
||||
SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0"
|
||||
SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0"
|
||||
|
@ -54,7 +54,7 @@ static bool arg_enabled = true;
|
||||
static bool arg_root_enabled = true;
|
||||
static bool arg_root_rw = false;
|
||||
|
||||
static int add_cryptsetup(const char *id, const char *what, bool rw, char **device) {
|
||||
static int add_cryptsetup(const char *id, const char *what, bool rw, bool require, char **device) {
|
||||
_cleanup_free_ char *e = NULL, *n = NULL, *p = NULL, *d = NULL, *to = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
char *from, *ret;
|
||||
@ -62,7 +62,6 @@ static int add_cryptsetup(const char *id, const char *what, bool rw, char **devi
|
||||
|
||||
assert(id);
|
||||
assert(what);
|
||||
assert(device);
|
||||
|
||||
r = unit_name_from_path(what, ".device", &d);
|
||||
if (r < 0)
|
||||
@ -119,7 +118,9 @@ static int add_cryptsetup(const char *id, const char *what, bool rw, char **devi
|
||||
if (symlink(from, to) < 0)
|
||||
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
|
||||
if (require) {
|
||||
free(to);
|
||||
|
||||
to = strjoin(arg_dest, "/cryptsetup.target.requires/", n);
|
||||
if (!to)
|
||||
return log_oom();
|
||||
@ -136,6 +137,7 @@ static int add_cryptsetup(const char *id, const char *what, bool rw, char **devi
|
||||
mkdir_parents_label(to, 0755);
|
||||
if (symlink(from, to) < 0)
|
||||
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
}
|
||||
|
||||
free(p);
|
||||
p = strjoin(arg_dest, "/dev-mapper-", e, ".device.d/50-job-timeout-sec-0.conf");
|
||||
@ -155,6 +157,7 @@ static int add_cryptsetup(const char *id, const char *what, bool rw, char **devi
|
||||
if (!ret)
|
||||
return log_oom();
|
||||
|
||||
if (device)
|
||||
*device = ret;
|
||||
return 0;
|
||||
}
|
||||
@ -182,7 +185,7 @@ static int add_mount(
|
||||
|
||||
if (streq_ptr(fstype, "crypto_LUKS")) {
|
||||
|
||||
r = add_cryptsetup(id, what, rw, &crypto_what);
|
||||
r = add_cryptsetup(id, what, rw, true, &crypto_what);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@ -938,6 +941,16 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifdef ENABLE_EFI
|
||||
static int add_root_cryptsetup(void) {
|
||||
|
||||
/* If a device /dev/gpt-auto-root-luks appears, then make it pull in systemd-cryptsetup-root.service, which
|
||||
* sets it up, and causes /dev/gpt-auto-root to appear which is all we are looking for. */
|
||||
|
||||
return add_cryptsetup("root", "/dev/gpt-auto-root-luks", true, false, NULL);
|
||||
}
|
||||
#endif
|
||||
|
||||
static int add_root_mount(void) {
|
||||
|
||||
#ifdef ENABLE_EFI
|
||||
@ -963,6 +976,10 @@ static int add_root_mount(void) {
|
||||
r = generator_write_initrd_root_device_deps(arg_dest, "/dev/gpt-auto-root");
|
||||
if (r < 0)
|
||||
return 0;
|
||||
|
||||
r = add_root_cryptsetup();
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
return add_mount(
|
||||
|
Loading…
Reference in New Issue
Block a user