picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #15853 from poettering/tmp-argument 

support the Debian-style tmp= argument in crypttab
This commit is contained in:
Lennart Poettering 2020-05-27 14:51:50 +02:00 committed by GitHub
parent ffbb0fb9cb 53ac130b51
commit 518a9bd689
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
man/crypttab.xml
View File

@ -393,18 +393,17 @@
</varlistentry>
<varlistentry>
<term><option>tmp</option></term>
<term><option>tmp=</option></term>
<listitem><para>The encrypted block device will be prepared
for using it as <filename>/tmp</filename>; it will be
formatted using
<citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
This option implies <option>plain</option>.</para>
<listitem><para>The encrypted block device will be prepared for using it as
<filename>/tmp/</filename>; it will be formatted using <citerefentry
project='man-pages'><refentrytitle>mkfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Takes
a file system type as argument, such as <literal>ext4</literal>, <literal>xfs</literal> or
<literal>btrfs</literal>. If no argument is specified defaults to <literal>ext4</literal>. This
option implies <option>plain</option>.</para>
<para>WARNING: Using the <option>tmp</option> option will
destroy the contents of the named partition during every boot,
so make sure the underlying block device is specified
correctly.</para></listitem>
<para>WARNING: Using the <option>tmp</option> option will destroy the contents of the named partition
during every boot, so make sure the underlying block device is specified correctly.</para></listitem>
</varlistentry>
<varlistentry>

27
src/cryptsetup/cryptsetup-generator.c
View File

@ -237,18 +237,18 @@ static int create_disk(
_cleanup_free_ char *n = NULL, *d = NULL, *u = NULL, *e = NULL,
*keydev_mount = NULL, *keyfile_timeout_value = NULL,
*filtered = NULL, *u_escaped = NULL, *name_escaped = NULL, *header_path = NULL, *password_buffer = NULL;
*filtered = NULL, *u_escaped = NULL, *name_escaped = NULL, *header_path = NULL, *password_buffer = NULL,
*tmp_fstype = NULL;
_cleanup_fclose_ FILE *f = NULL;
const char *dmname;
bool noauto, nofail, tmp, swap, netdev, attach_in_initrd;
int r, detached_header, keyfile_can_timeout;
bool noauto, nofail, swap, netdev, attach_in_initrd;
int r, detached_header, keyfile_can_timeout, tmp;
assert(name);
assert(device);
noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");
nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
tmp = fstab_test_option(options, "tmp\0");
swap = fstab_test_option(options, "swap\0");
netdev = fstab_test_option(options, "_netdev\0");
attach_in_initrd = fstab_test_option(options, "x-initrd.attach\0");
@ -261,6 +261,10 @@ static int create_disk(
if (detached_header < 0)
return log_error_errno(detached_header, "Failed to parse header= option value: %m");
tmp = fstab_filter_options(options, "tmp\0", NULL, &tmp_fstype, NULL);
if (tmp < 0)
return log_error_errno(tmp, "Failed to parse tmp= option value: %m");
if (tmp && swap)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.",
@ -371,10 +375,19 @@ static int create_disk(
if (r < 0)
return r;
if (tmp)
if (tmp) {
_cleanup_free_ char *tmp_fstype_escaped = NULL;
if (tmp_fstype) {
tmp_fstype_escaped = specifier_escape(tmp_fstype);
if (!tmp_fstype_escaped)
return log_oom();
}
fprintf(f,
"ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs ext2 '/dev/mapper/%s'\n",
name_escaped);
"ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs '%s' '/dev/mapper/%s'\n",
tmp_fstype_escaped ?: "ext4", name_escaped);
}
if (swap)
fprintf(f,

4
src/cryptsetup/cryptsetup.c
View File

@ -78,7 +78,6 @@ STATIC_DESTRUCTOR_REGISTER(arg_pkcs11_uri, freep);
loud
quiet
keyscript=
tmp= (the version without argument is supported)
initramfs
*/
@ -232,7 +231,8 @@ static int parse_one_option(const char *option) {
} else if (STR_IN_SET(option, "tcrypt-veracrypt", "veracrypt")) {
arg_type = CRYPT_TCRYPT;
arg_tcrypt_veracrypt = true;
} else if (STR_IN_SET(option, "plain", "swap", "tmp"))
} else if (STR_IN_SET(option, "plain", "swap", "tmp") ||
startswith(option, "tmp="))
arg_type = CRYPT_PLAIN;
else if ((val = startswith(option, "timeout="))) {

20
src/shared/fstab-util.c
View File

@ -80,7 +80,7 @@ int fstab_is_mount_point(const char *mount) {
}
int fstab_filter_options(const char *opts, const char *names,
const char **namefound, char **value, char **filtered) {
const char **ret_namefound, char **ret_value, char **ret_filtered) {
const char *name, *n = NULL, *x;
_cleanup_strv_free_ char **stor = NULL;
_cleanup_free_ char *v = NULL, **strv = NULL;
@ -92,7 +92,7 @@ int fstab_filter_options(const char *opts, const char *names,
/* If !value and !filtered, this function is not allowed to fail. */
if (!filtered) {
if (!ret_filtered) {
const char *word, *state;
size_t l;
@ -108,7 +108,7 @@ int fstab_filter_options(const char *opts, const char *names,
x = word + strlen(name);
if (IN_SET(*x, '\0', '=', ',')) {
n = name;
if (value) {
if (ret_value) {
free(v);
if (IN_SET(*x, '\0', ','))
v = NULL;
@ -145,7 +145,7 @@ int fstab_filter_options(const char *opts, const char *names,
found:
/* Keep the last occurrence found */
n = name;
if (value) {
if (ret_value) {
free(v);
if (*x == '\0')
v = NULL;
@ -162,19 +162,19 @@ int fstab_filter_options(const char *opts, const char *names,
}
answer:
if (namefound)
*namefound = n;
if (filtered) {
if (ret_namefound)
*ret_namefound = n;
if (ret_filtered) {
char *f;
f = strv_join(strv, ",");
if (!f)
return -ENOMEM;
*filtered = f;
*ret_filtered = f;
}
if (value)
*value = TAKE_PTR(v);
if (ret_value)
*ret_value = TAKE_PTR(v);
return !!n;
}