From 92e64e9ae93fa96e23bc07e95e223e92e03ea238 Mon Sep 17 00:00:00 2001 From: Lennart Poettering <lennart@poettering.net> Date: Thu, 23 Mar 2023 13:59:45 +0100 Subject: [PATCH] core: suppress various defaults deps for credentials mounts The per-unit credentials mounts might show up for any kind of service, including very very early ones. Hence let's not order them after local-fs-pre.target, because otherwise we might trigger cyclic deps of services that want to plug before that but still use credentials. --- src/core/mount.c | 51 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 38 insertions(+), 13 deletions(-) diff --git a/src/core/mount.c b/src/core/mount.c index f25188681d7..007d865fee6 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -473,6 +473,22 @@ static bool mount_is_extrinsic(Unit *u) { return false; } +static bool mount_is_credentials(Mount *m) { + const char *e; + + assert(m); + + /* Returns true if this is a credentials mount. We don't want automatic dependencies on credential + * mounts, since they are managed by us for even the earliest services, and we never want anything to + * be ordered before them hence. */ + + e = path_startswith(m->where, UNIT(m)->manager->prefix[EXEC_DIRECTORY_RUNTIME]); + if (!e) + return false; + + return !isempty(path_startswith(e, "credentials")); +} + static int mount_add_default_ordering_dependencies(Mount *m, MountParameters *p, UnitDependencyMask mask) { const char *after, *before, *e; int r; @@ -495,7 +511,10 @@ static int mount_add_default_ordering_dependencies(Mount *m, MountParameters *p, after = SPECIAL_LOCAL_FS_PRE_TARGET; before = SPECIAL_INITRD_USR_FS_TARGET; - } else if (mount_is_network(p)) { + } else if (mount_is_credentials(m)) + after = before = NULL; + + else if (mount_is_network(p)) { after = SPECIAL_REMOTE_FS_PRE_TARGET; before = SPECIAL_REMOTE_FS_TARGET; @@ -504,18 +523,32 @@ static int mount_add_default_ordering_dependencies(Mount *m, MountParameters *p, before = SPECIAL_LOCAL_FS_TARGET; } - if (!mount_is_nofail(m)) { + if (before && !mount_is_nofail(m)) { r = unit_add_dependency_by_name(UNIT(m), UNIT_BEFORE, before, /* add_reference= */ true, mask); if (r < 0) return r; } - r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, after, /* add_reference= */ true, mask); + if (after) { + r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, after, /* add_reference= */ true, mask); + if (r < 0) + return r; + } + + r = unit_add_two_dependencies_by_name(UNIT(m), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, + /* add_reference= */ true, mask); if (r < 0) return r; - return unit_add_two_dependencies_by_name(UNIT(m), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, - /* add_reference= */ true, mask); + /* If this is a tmpfs mount then we have to unmount it before we try to deactivate swaps */ + if (streq_ptr(p->fstype, "tmpfs") && !mount_is_credentials(m)) { + r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, SPECIAL_SWAP_TARGET, + /* add_reference= */ true, mask); + if (r < 0) + return r; + } + + return 0; } static int mount_add_default_dependencies(Mount *m) { @@ -567,14 +600,6 @@ static int mount_add_default_dependencies(Mount *m) { return r; } - /* If this is a tmpfs mount then we have to unmount it before we try to deactivate swaps */ - if (streq_ptr(p->fstype, "tmpfs")) { - r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, SPECIAL_SWAP_TARGET, - /* add_reference= */ true, mask); - if (r < 0) - return r; - } - return exec_context_add_default_dependencies(UNIT(m), &m->exec_context); }