Age | Commit message (Collapse) | Author |
|
https://bugs.freedesktop.org/show_bug.cgi?id=54210
|
|
as password file
As special magic, don't create device dependencies for /dev/null. Of
course, there might be similar devices we might want to include, but
given that none of them really make sense to specify as password source
there's really no point in checking for anything else here.
https://bugs.freedesktop.org/show_bug.cgi?id=75816
|
|
Also stop warning about unknown kernel cmdline options in the various
tools, not just in PID 1
|
|
make sure they are started before and stopped after any LUKS setup
https://bugzilla.redhat.com/show_bug.cgi?id=1097938
|
|
|
|
|
|
Already split variable assignments before invoking the callback. And
drop "rd." settings if we are not in an initrd.
|
|
|
|
In cryptsetup-generator automatic cleanup had to be replaced
with manual cleanup, and the code gets a bit longer. But existing
code had the issue that it returned negative values from main(),
which was wrong, so should be reworked anyway.
|
|
If the password is a device file, we can add Requires/After dependencies
on the device rather than requiring the user to do so.
|
|
Instead of individually checking for containers in each user do this
once in a new call proc_cmdline() that read the file only if we are not
in a container.
|
|
When crypttab contains noauto, cryptsetup service does not have any
explicit dependencies. If service is started later manually (directly or via
mount dependency) it will be stopped on isolate.
mount units already have IgnoreOnIsolate set by default. Set it by
default for cryptsetup units as well.
|
|
This service was merged with systemd-random-seed-save.service in
c35b956d34bbb8bb208e49e45de2c103ca11911c.
|
|
The main usecase for this is to make it possible to use cryptsetup in
the initrd without it having to include a host-specific /etc/crypttab.
Tested-by: Thomas Bächler <thomas@archlinux.org>
|
|
|
|
This semi-reverts 8973790ee6f62132b1b57de15c4edaef2c097004.
|
|
|
|
It's polite to print the name of the link that wasn't created,
and it makes little sense to print the target.
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
|
|
Also clarify rd.luks.uuid and luks.uuid in the manual.
https://bugzilla.redhat.com/show_bug.cgi?id=905683
|
|
The password query for a crypto device currently times out after 90s,
which is too short to grab a cup of coffee when a machine boots up.
The resulting decrypted device /dev/mapper/luks-<uuid> might not
be a mountpoint (but part of a LVM PV or raid array)
and therefore the timeout cannot be controlled by the settings
in /etc/fstab. For this reason this device should not carry its own timeout.
Also the encrypted device /dev/disk/by-*/* already has a timeout and
additionally the timeout for the password query is set in /etc/crypttab.
This patch disables the timeout of the resulting decrypted devices by creating
<device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
|
|
This ensures that the keyfile is available during the opening of the encrypted
device.
Also dropped the explicit ordering Before=local-fs.target, as the containers
are ordered implicitly by their content.
|
|
Fixes: https://bugzilla.novell.com/show_bug.cgi?id=730496
https://bugs.freedesktop.org/show_bug.cgi?id=60821
|
|
|
|
|
|
|
|
If rd.luks.uuid or luks.uuid is specified on the kernel command, only
generate units for these UUIDs. Additionally use the information in
/etc/crypttab unless rd.luks.crypttab=0 or luks.crypttab=0 is specified.
|
|
|
|
|
|
|
|
|
|
also a number of minor fixups and bug fixes: spelling, oom errors
that didn't print errors, not properly forwarding error codes,
few more consistency issues, et cetera
|
|
glibc/glib both use "out of memory" consistantly so maybe we should
consider that instead of this.
Eliminates one string out of a number of binaries. Also fixes extra newline
in udev/scsi_id
|
|
all other dependencies are in 3rd person. Change BindTo= accordingly to
BindsTo=.
Of course, the dependency is widely used, hence we parse the old name
too for compatibility.
|
|
This is to match strappend() and the other string related functions.
|
|
|
|
|
|
|
|
It's also our own code, hence should have the prefix.
|
|
This generalizes a bit of the functionality already available in dracut.
|
|
context
|
|
Previously generated units were always placed at the end of the search
path. With this change there will be three unit dirs instead of one, to
place generated entries at the beginning, in the middle and at the end
of the search path:
beginning: for units that need to override all configuration, regardless
of user or vendor. Example use: system-update-generator uses this to
temporarily redirect default.target.
middle: for units that need to override vendor configuration, but not
vendor configuration. Example use: /etc/fstab should override vendor
supplied configuration (think /tmp), but should not override native user
configuration.
end: does not override anything but is available as well. Possible usage
might be to convert D-Bus bus service files to native units but allowing
vendor supplied native units to win.
|
|
UnitPath= is also writable via native units and may be used by generators
to clarify from which file a unit is generated. This patch also hooks up
the cryptsetup and fstab generators to set UnitPath= accordingly.
|
|
deadlocks
This makes all generators log to kmsg by default.
|
|
Bit by bit we should remove non-unit parsing from PID 1 and move into
generators, to clean up our code base a bit and clearly separate
parsers.
|
|
|
|
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
|
Only 34 of 74 tools need libselinux linked, and libselinux is a pain
with its unconditional library constructor.
|
|
|