6c5496c492
For encrypted block devices that we need to unlock from the initramfs, we currently rely on dracut shipping `cryptsetup.target`. This works, but doesn't cover the case where the encrypted block device requires networking (i.e. the `remote-cryptsetup.target` version). That target however is traditionally dynamically enabled. Instead, let's rework things here by adding a `initrd-cryptsetup.target` specifically for initramfs encrypted block device setup. This plays the role of both `cryptsetup.target` and `remote-cryptsetup.target` in the initramfs. Then, adapt `systemd-cryptsetup-generator` to hook all generated services to this new unit when running from the initrd. This is analogous to `systemd-fstab-generator` hooking all mounts to `initrd-fs.target`, regardless of whether they're network-backed or not. |
||
---|---|---|
.. | ||
cryptsetup-generator.c | ||
cryptsetup-keyfile.c | ||
cryptsetup-keyfile.h | ||
cryptsetup-pkcs11.c | ||
cryptsetup-pkcs11.h | ||
cryptsetup.c |