From 9542239eaf481decca6c254dffb3f2b4e716545e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 18 Jun 2014 00:07:56 +0200 Subject: [PATCH] cryptsetup: introduce new cryptsetup-pre.traget unit so that services can make sure they are started before and stopped after any LUKS setup https://bugzilla.redhat.com/show_bug.cgi?id=1097938 --- Makefile.am | 3 ++- man/systemd.special.xml | 22 ++++++++++++++++++++++ src/cryptsetup/cryptsetup-generator.c | 2 +- units/cryptsetup-pre.target | 11 +++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 units/cryptsetup-pre.target diff --git a/Makefile.am b/Makefile.am index e428141da2..dea0633a95 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3933,7 +3933,8 @@ systemgenerator_PROGRAMS += \ systemd-cryptsetup-generator dist_systemunit_DATA += \ - units/cryptsetup.target + units/cryptsetup.target \ + units/cryptsetup-pre.target systemd_cryptsetup_SOURCES = \ src/cryptsetup/cryptsetup.c diff --git a/man/systemd.special.xml b/man/systemd.special.xml index cda6edd42b..f29cc23c2f 100644 --- a/man/systemd.special.xml +++ b/man/systemd.special.xml @@ -52,6 +52,7 @@ bluetooth.target, ctrl-alt-del.target, cryptsetup.target, + cryptsetup-pre.target, dbus.service, dbus.socket, default.target, @@ -840,6 +841,27 @@ transaction. + + cryptsetup-pre.target + + This passive target unit + may be pulled in by services + that want to run before any + encrypted block device is set + up. All encrypted block + devices are set up after this + target has been reached. Since + the shutdown order is + implicitly the reverse + start-up order between units + this target is particularly + useful to ensure that a + service is shut down only + after all encrypted block + devices are fully + stopped. + + local-fs-pre.target diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index f4eeb2ad93..dfdca1e47b 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -127,7 +127,7 @@ static int create_disk( "Conflicts=umount.target\n" "BindsTo=dev-mapper-%i.device\n" "IgnoreOnIsolate=true\n" - "After=systemd-readahead-collect.service systemd-readahead-replay.service\n", + "After=systemd-readahead-collect.service systemd-readahead-replay.service cryptsetup-pre.target\n", f); if (!nofail) diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target new file mode 100644 index 0000000000..65353419fc --- /dev/null +++ b/units/cryptsetup-pre.target @@ -0,0 +1,11 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Encrypted Volumes (Pre) +Documentation=man:systemd.special(7) +RefuseManualStart=yes