cryptsetup: support tmp= file system argument

Let's catch up with Debian a bit more.

This also changes the default from ext2 to ext4.

Fixes: #952
Lennart Poettering 2020-05-19 17:48:50 +02:00
parent 92a08691c2
commit 53ac130b51
3 changed files with 31 additions and 19 deletions


@ -393,18 +393,17 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><option>tmp</option></term> <term><option>tmp=</option></term>
<listitem><para>The encrypted block device will be prepared <listitem><para>The encrypted block device will be prepared for using it as
for using it as <filename>/tmp</filename>; it will be <filename>/tmp/</filename>; it will be formatted using <citerefentry
formatted using project='man-pages'><refentrytitle>mkfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Takes
<citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>. a file system type as argument, such as <literal>ext4</literal>, <literal>xfs</literal> or
This option implies <option>plain</option>.</para> <literal>btrfs</literal>. If no argument is specified defaults to <literal>ext4</literal>. This
option implies <option>plain</option>.</para>
<para>WARNING: Using the <option>tmp</option> option will <para>WARNING: Using the <option>tmp</option> option will destroy the contents of the named partition
destroy the contents of the named partition during every boot, during every boot, so make sure the underlying block device is specified correctly.</para></listitem>
so make sure the underlying block device is specified
correctly.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>


@ -237,18 +237,18 @@ static int create_disk(
_cleanup_free_ char *n = NULL, *d = NULL, *u = NULL, *e = NULL, _cleanup_free_ char *n = NULL, *d = NULL, *u = NULL, *e = NULL,
*keydev_mount = NULL, *keyfile_timeout_value = NULL, *keydev_mount = NULL, *keyfile_timeout_value = NULL,
*filtered = NULL, *u_escaped = NULL, *name_escaped = NULL, *header_path = NULL, *password_buffer = NULL; *filtered = NULL, *u_escaped = NULL, *name_escaped = NULL, *header_path = NULL, *password_buffer = NULL,
*tmp_fstype = NULL;
_cleanup_fclose_ FILE *f = NULL; _cleanup_fclose_ FILE *f = NULL;
const char *dmname; const char *dmname;
bool noauto, nofail, tmp, swap, netdev, attach_in_initrd; bool noauto, nofail, swap, netdev, attach_in_initrd;
int r, detached_header, keyfile_can_timeout; int r, detached_header, keyfile_can_timeout, tmp;
assert(name); assert(name);
assert(device); assert(device);
noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0"); noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");
nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0"); nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
tmp = fstab_test_option(options, "tmp\0");
swap = fstab_test_option(options, "swap\0"); swap = fstab_test_option(options, "swap\0");
netdev = fstab_test_option(options, "_netdev\0"); netdev = fstab_test_option(options, "_netdev\0");
attach_in_initrd = fstab_test_option(options, "x-initrd.attach\0"); attach_in_initrd = fstab_test_option(options, "x-initrd.attach\0");
@ -261,6 +261,10 @@ static int create_disk(
if (detached_header < 0) if (detached_header < 0)
return log_error_errno(detached_header, "Failed to parse header= option value: %m"); return log_error_errno(detached_header, "Failed to parse header= option value: %m");
tmp = fstab_filter_options(options, "tmp\0", NULL, &tmp_fstype, NULL);
if (tmp < 0)
return log_error_errno(tmp, "Failed to parse tmp= option value: %m");
if (tmp && swap) if (tmp && swap)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", "Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.",
@ -371,10 +375,19 @@ static int create_disk(
if (r < 0) if (r < 0)
return r; return r;
if (tmp) if (tmp) {
_cleanup_free_ char *tmp_fstype_escaped = NULL;
if (tmp_fstype) {
tmp_fstype_escaped = specifier_escape(tmp_fstype);
if (!tmp_fstype_escaped)
return log_oom();
}
fprintf(f, fprintf(f,
"ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs ext2 '/dev/mapper/%s'\n", "ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs '%s' '/dev/mapper/%s'\n",
name_escaped); tmp_fstype_escaped ?: "ext4", name_escaped);
}
if (swap) if (swap)
fprintf(f, fprintf(f,
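Review bot: The file system type parsed from `tmp=` is written between single quotes into the generated `ExecStartPost=` line after only `specifier_escape()`, which as far as I know escapes `%` but not quotes or whitespace, so a value containing `'`, a space or a newline would change how that unit line is parsed. crypttab is administrator-controlled, so this is hardening rather than a trust-boundary issue, but the generator should reject such values right after the `fstab_filter_options()` call, for example `if (tmp_fstype && !in_charset(tmp_fstype, ALPHANUMERICAL "-_")) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid tmp= file system type '%s'.", tmp_fstype);`. An empty `tmp=` presumably yields a non-NULL empty string, which would bypass the `"ext4"` fallback in `tmp_fstype_escaped ?: "ext4"`; checking with `isempty(tmp_fstype)` instead of the bare pointer test would cover that case. `create_disk()` starts and ends outside the visible hunks, so this is based only on the lines shown.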


@ -78,7 +78,6 @@ STATIC_DESTRUCTOR_REGISTER(arg_pkcs11_uri, freep);
loud loud
quiet quiet
keyscript= keyscript=
tmp= (the version without argument is supported)
initramfs initramfs
*/ */
@ -232,7 +231,8 @@ static int parse_one_option(const char *option) {
} else if (STR_IN_SET(option, "tcrypt-veracrypt", "veracrypt")) { } else if (STR_IN_SET(option, "tcrypt-veracrypt", "veracrypt")) {
arg_type = CRYPT_TCRYPT; arg_type = CRYPT_TCRYPT;
arg_tcrypt_veracrypt = true; arg_tcrypt_veracrypt = true;
} else if (STR_IN_SET(option, "plain", "swap", "tmp")) } else if (STR_IN_SET(option, "plain", "swap", "tmp") ||
startswith(option, "tmp="))
arg_type = CRYPT_PLAIN; arg_type = CRYPT_PLAIN;
else if ((val = startswith(option, "timeout="))) { else if ((val = startswith(option, "timeout="))) {