summaryrefslogtreecommitdiff
path: root/src/cryptsetup/cryptsetup-generator.c
AgeCommit message (Collapse)Author
2014-06-30cryptsetup: allow x-systemd.device-timeoutZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-06-23cryptsetup: don't add unit dependency on /dev/null devices when it is listed ↵Lennart Poettering
as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-19stop complaining about unknown kernel cmdline optionsLennart Poettering
Also stop warning about unknown kernel cmdline options in the various tools, not just in PID 1
2014-06-18cryptsetup: introduce new cryptsetup-pre.traget unit so that services can ↵Lennart Poettering
make sure they are started before and stopped after any LUKS setup https://bugzilla.redhat.com/show_bug.cgi?id=1097938
2014-04-19cryptsetup: copy value, not key for (rd.)luks.keyMatthew Monaco
2014-03-06generators: add Documentation= fields that point to the generator man pagesLennart Poettering
2014-03-06util: move more intellegince into parse_proc_cmdline()Lennart Poettering
Already split variable assignments before invoking the callback. And drop "rd." settings if we are not in an initrd.
2014-03-06cryptsetup: some fixesLennart Poettering
2014-02-17Extract looping over /proc/cmdline into a shared functionZbigniew Jędrzejewski-Szmek
In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-08cryptsetup-generator: auto add deps for device as passwordDave Reisner
If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.
2013-11-06util: unify reading of /proc/cmdlineLennart Poettering
Instead of individually checking for containers in each user do this once in a new call proc_cmdline() that read the file only if we are not in a container.
2013-09-29set IgnoreOnIsolate=true for systemd-cryptsetup@.serviceAndrey Borzenkov
When crypttab contains noauto, cryptsetup service does not have any explicit dependencies. If service is started later manually (directly or via mount dependency) it will be stopped on isolate. mount units already have IgnoreOnIsolate set by default. Set it by default for cryptsetup units as well.
2013-09-23Fix obsolete references to systemd-random-seed-load.serviceEelco Dolstra
This service was merged with systemd-random-seed-save.service in c35b956d34bbb8bb208e49e45de2c103ca11911c.
2013-09-13cryptsetup-generator: allow specifying options in /proc/cmdlineTom Gundersen
The main usecase for this is to make it possible to use cryptsetup in the initrd without it having to include a host-specific /etc/crypttab. Tested-by: Thomas Bächler <thomas@archlinux.org>
2013-09-13cryptsetup-generator: don't create tmp+swap unitsTom Gundersen
2013-05-03cryptsetup: downgrade world-writable warning againLennart Poettering
This semi-reverts 8973790ee6f62132b1b57de15c4edaef2c097004.
2013-04-30cryptsetup: warn if /etc/crypttab is world-readableLennart Poettering
2013-04-24Standarize on one spelling of symlink error messageZbigniew Jędrzejewski-Szmek
It's polite to print the name of the link that wasn't created, and it makes little sense to print the target.
2013-04-19crypt-setup-generator: correctly check return of strdupLukas Nykryn
2013-04-18move _cleanup_ attribute in front of the typeHarald Hoyer
http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
2013-04-18cryptsetup-generator: add support for rd.luks.key=Harald Hoyer
Also clarify rd.luks.uuid and luks.uuid in the manual. https://bugzilla.redhat.com/show_bug.cgi?id=905683
2013-04-04cryptsetup-generator: add JobTimeoutSec=0 for the decrypted crypt devicesHarald Hoyer
The password query for a crypto device currently times out after 90s, which is too short to grab a cup of coffee when a machine boots up. The resulting decrypted device /dev/mapper/luks-<uuid> might not be a mountpoint (but part of a LVM PV or raid array) and therefore the timeout cannot be controlled by the settings in /etc/fstab. For this reason this device should not carry its own timeout. Also the encrypted device /dev/disk/by-*/* already has a timeout and additionally the timeout for the password query is set in /etc/crypttab. This patch disables the timeout of the resulting decrypted devices by creating <device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
2013-04-01cryptsetup: add RequiresMountsFor for keyfileThomas Weißschuh
This ensures that the keyfile is available during the opening of the encrypted device. Also dropped the explicit ordering Before=local-fs.target, as the containers are ordered implicitly by their content.
2013-04-01cryptsetup: RequiresMountsFor if source is a fileThomas Weißschuh
Fixes: https://bugzilla.novell.com/show_bug.cgi?id=730496 https://bugs.freedesktop.org/show_bug.cgi?id=60821
2013-03-25cryptsetup-generator: let's be a bit more efficient with strv_extend()Lennart Poettering
2013-03-25cryptsetup-generator: add a missing OOM checkLennart Poettering
2013-03-13cryptsetup-generator: use _cleanup_ where possibleHarald Hoyer
2013-03-01cryptsetup-generator: fix the kernel command line strategy for luks.uuidHarald Hoyer
If rd.luks.uuid or luks.uuid is specified on the kernel command, only generate units for these UUIDs. Additionally use the information in /etc/crypttab unless rd.luks.crypttab=0 or luks.crypttab=0 is specified.
2013-02-14added some missing include for a5c32cff1f56afe6f0c6c70d91a88a7a8238b2d7Harald Hoyer
2012-11-23cryptsetup-generator: state file name in error messagesMichal Schmidt
2012-11-23cryptsetup-generator: use log_oom() everywhereMichal Schmidt
2012-08-08fix a couple of issues found with llvm-analyzeLennart Poettering
2012-07-26log.h: new log_oom() -> int -ENOMEM, use itShawn Landden
also a number of minor fixups and bug fixes: spelling, oom errors that didn't print errors, not properly forwarding error codes, few more consistency issues, et cetera
2012-07-25use "Out of memory." consistantly (or with "\n")Shawn Landden
glibc/glib both use "out of memory" consistantly so maybe we should consider that instead of this. Eliminates one string out of a number of binaries. Also fixes extra newline in udev/scsi_id
2012-07-13unit: rename BindTo= to BindsTo=Lennart Poettering
all other dependencies are in 3rd person. Change BindTo= accordingly to BindsTo=. Of course, the dependency is widely used, hence we parse the old name too for compatibility.
2012-07-13util: rename join() to strjoin()Lennart Poettering
This is to match strappend() and the other string related functions.
2012-06-27man: add reference to crypttab(5) from cryptsetup unitsLennart Poettering
2012-06-27man: document systemd-cryptsetupLennart Poettering
2012-06-25cryptsetup: fix escaping when generating cryptsetup unitsLennart Poettering
2012-06-25units: rename cryptsetup@.service to systemd-cryptsetup@.serviceLennart Poettering
It's also our own code, hence should have the prefix.
2012-06-22cryptsetup: allow configuration of LUKS disks via the kernel cmdlineLennart Poettering
This generalizes a bit of the functionality already available in dracut.
2012-05-31mkdir: append _label to all mkdir() calls that explicitly set the selinux ↵Kay Sievers
context
2012-05-23manager: rework generator logicLennart Poettering
Previously generated units were always placed at the end of the search path. With this change there will be three unit dirs instead of one, to place generated entries at the beginning, in the middle and at the end of the search path: beginning: for units that need to override all configuration, regardless of user or vendor. Example use: system-update-generator uses this to temporarily redirect default.target. middle: for units that need to override vendor configuration, but not vendor configuration. Example use: /etc/fstab should override vendor supplied configuration (think /tmp), but should not override native user configuration. end: does not override anything but is available as well. Possible usage might be to convert D-Bus bus service files to native units but allowing vendor supplied native units to win.
2012-05-22units: remove service sysv_path variable and replace it by generic unit_pathLennart Poettering
UnitPath= is also writable via native units and may be used by generators to clarify from which file a unit is generated. This patch also hooks up the cryptsetup and fstab generators to set UnitPath= accordingly.
2012-05-22log: make sure generators never log into the journal to avoid activation ↵Lennart Poettering
deadlocks This makes all generators log to kmsg by default.
2012-05-22mount: replace PID1 internal fstab parser with generatorLennart Poettering
Bit by bit we should remove non-unit parsing from PID 1 and move into generators, to clean up our code base a bit and clearly separate parsers.
2012-05-21cryptsetup: a few simplificationsLennart Poettering
2012-04-12relicense to LGPLv2.1 (with exceptions)Lennart Poettering
We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-10rename basic.la to shared.la and put selinux deps in shared-selinx.laKay Sievers
Only 34 of 74 tools need libselinux linked, and libselinux is a pain with its unconditional library constructor.
2012-01-12core: switch all log targets to go directly to the journal, instead via syslogLennart Poettering