Re: [systemd-devel] systemd headers missing and compiling failed
On 05/13/2014 04:44 AM, winew...@qq.com wrote:
> hi all,
>
> i tried to compile some source code on archlinux (v 2014.05.01), but i got an error: (header missing ?)
>
> fatal error: systemd/sd-event.h: No such file or directory
>  #include <systemd/sd-event.h>
>           ^
> compilation terminated.

I get this when I try to compile some single binaries to patch and replace. Is this what you're doing? My workaround is to just run make for a few seconds, ctrl-c, and then make binary =) I'm sure there's a real fix, but this has worked for me so far.

> then i downloaded unpacked systemd-212.tar.gz, and copy the headers in systemd-212/src/systemd/ to archlinux:/usr/include/systemd/ and make again, but i got more errors, such as: (implementation missing ?)
>
> undefined reference to `sd_event_source_unref'
>
> so i tried to compile the newest systemd myself, but i suffered errors again!
>
> [root@zarch systemd-212]# make
> make --no-print-directory all-recursive
> Making all in .
>   CCLD     libgudev-1.0.la
> /usr/bin/ld.gold: error: .libs/libgudev-1.0.ver:2:1: syntax error, unexpected LOCAL, expecting STRING or QUOTED_STRING or EXTERN
> /usr/bin/ld.gold: fatal error: unable to parse version script file .libs/libgudev-1.0.ver
> collect2: error: ld returned 1 exit status
> Makefile:7671: recipe for target 'libgudev-1.0.la' failed
> make[2]: *** [libgudev-1.0.la] Error 1
> Makefile:14502: recipe for target 'all-recursive' failed
> make[1]: *** [all-recursive] Error 1
> Makefile:7445: recipe for target 'all' failed
> make: *** [all] Error 2
>
> by the way, there is no guide for newbie in README or website, so i just do it as tradition -- step1 ./configure and step2 make (error occurred in step2.)
>
> can anybody help ? thanks!
>
> Hurry Zeng @ China
> winew...@qq.com

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Cache passphrase for cryptsetup?
On 04/19/2014 02:49 PM, Nikolaus Rath wrote:
> Hello,
>
> I have several LUKS encrypted volumes that use the same passphrase. Before switching to systemd, I have used the decrypt_keyctl keyscript to cache the passphrase, so that I have to enter it only once.
>
> As far as I can tell, the systemd cryptsetup generator is ignoring the keyscript option in /etc/crypttab when creating units.
>
> Is there another way to achieve passphrase caching with systemd?
>
> Thanks,
> -Nikolaus

No, 'keyscript' is not (currently) supported.

IMHO, you're not reducing your security any by e.g. unlocking /root and storing keys for the other volumes there. If you did this, you might want to use a separate keyslot for the task with a longer key that you don't/can't remember, just for kicks.

However, you could probably cook up some units that take your password, write it to /run and then point all of your volumes there.

And of course, the third option would be to submit a patch. The src/cryptsetup stuff is pretty straightforward.
[systemd-devel] [PATCH] cryptsetup: copy value, not key for (rd.)luks.key
--- Semi-shameless bump, but new email address would be preferred src/cryptsetup/cryptsetup-generator.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index 75d56dd..f4eeb2a 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -287,7 +287,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value) { } else if (STR_IN_SET(key, luks.key, rd.luks.key) value) { free(arg_keyfile); -arg_keyfile = strdup(key); +arg_keyfile = strdup(value); if (!arg_keyfile) return log_oom(); -- 1.9.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
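Review bot: the commit message is only a subject line, and in the parse_proc_cmdline_item() hunk the change from strdup(key) to strdup(value) does not show how visible the bug was: before it, arg_keyfile held the option name itself (luks.key or rd.luks.key) instead of the path given on the kernel command line. Please say that in the message body, together with how the fix was tested, so the change can be matched to bug reports and picked for stable branches.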
[systemd-devel] [PATCH] cryptsetup: copy value, not key for (rd.)luks.key
From: Matthew Monaco matthew.mon...@0x01b.net --- Really? No one has used this? src/cryptsetup/cryptsetup-generator.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c index 75d56dd..f4eeb2a 100644 --- a/src/cryptsetup/cryptsetup-generator.c +++ b/src/cryptsetup/cryptsetup-generator.c @@ -287,7 +287,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value) { } else if (STR_IN_SET(key, luks.key, rd.luks.key) value) { free(arg_keyfile); -arg_keyfile = strdup(key); +arg_keyfile = strdup(value); if (!arg_keyfile) return log_oom(); -- 1.9.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd-networkd and After=network.target
On 04/02/2014 03:41 AM, Ivan Shapovalov wrote:
> Hello all,
>
> I've noticed that systemd-networkd.service (ordered Before=network.target) finishes its startup before the connection is established/failed. Because of this, some networking daemons ordered After=network.target (like openvpn) are prone to failures when they attempt to connect at startup.
>
> Is this intended, or is this a bug, or have I overlooked some piece of configuration?
>
> Thanks,
> --
> Ivan Shapovalov / intelfx /

For OpenVPN specifically, I *think* this is a bug (which I've poked at a little). OpenVPN should be able to handle the networking coming and going as it's running, but for some reason it can't resolve the remote address if it wasn't able to at first start, even though it attempts to resolve it at each connection attempt.
[systemd-devel] [RFC PATCH] networkd: add 'search' to resolv.conf
From: Matthew Monaco matthew.mon...@0x01b.net --- man/systemd.network.xml | 6 ++ src/network/networkd-manager.c | 3 +++ src/network/networkd-network-gperf.gperf | 1 + src/network/networkd-network.c | 1 + src/network/networkd.h | 1 + 5 files changed, 12 insertions(+) diff --git a/man/systemd.network.xml b/man/systemd.network.xml index f3b3b31..c2dd145 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -229,6 +229,12 @@ /listitem /varlistentry varlistentry + termvarnameDNSSearch=/varname/term +listitem +paraA space separated list of search domains./para +/listitem +/varlistentry +varlistentry termvarnameBridge=/varname/term listitem paraThe name of the bridge to add the link to./para diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index b2cb0fa..893b997 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -447,6 +447,9 @@ int manager_update_resolv_conf(Manager *m) { append_dns(f, address-in_addr.in, address-family, count); } + +if (link-network-dns_search) +fprintf(f, search %s\n, link-network-dns_search); } } diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 6ba890f..6929cb6 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -34,6 +34,7 @@ Network.IPv4LL, config_parse_bool, 0, Network.Address, config_parse_address, 0, 0 Network.Gateway, config_parse_gateway, 0, 0 Network.DNS, config_parse_dns, 0, offsetof(Network, dns) +Network.DNSSearch, config_parse_string,0, offsetof(Network, dns_search) Address.Address, config_parse_address, 0, 0 Address.Broadcast, config_parse_broadcast, 0, 0 Address.Label, config_parse_label, 0, 0 diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 47fab4e..057f86a 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c 
@@ -159,6 +159,7 @@ void network_free(Network *network) { address_free(address); set_free(network-dns); +free(network-dns_search); hashmap_free(network-vlans); diff --git a/src/network/networkd.h b/src/network/networkd.h index 8144031..912ae90 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -136,6 +136,7 @@ struct Network { Hashmap *routes_by_section; Set *dns; +char *dns_search; LIST_FIELDS(Network, networks); }; -- 1.9.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
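Review bot: in the manager_update_resolv_conf() hunk the new fprintf dereferences link and is followed by two closing braces, so it appears to run once per link, and two links whose networks both set DNSSearch= would then produce two search lines. resolv.conf(5) says that only the last search line is used, so collect the domains from all links and write a single search line after the loop, or document that one link's list wins.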
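Review bot: the gperf hunk wires Network.DNSSearch to config_parse_string, so whatever the user wrote is stored in dns_search and later written to resolv.conf unchanged, while the man page hunk promises "a space separated list of search domains". Parse the value into a list and check each entry is a valid domain name before writing it, and say in the man page what happens when the option is given more than once.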
[systemd-devel] [PATCH] pam_systemd: Ignore vtnr when seat != seat0
From: Matthew Monaco matthew.mon...@0x01b.net logind considers it an error for a seat other than seat0 to have a non-zero vtnr for CreateSession --- This is what I've been using for the past 3 weeks. src/login/pam-module.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/login/pam-module.c b/src/login/pam-module.c index 7400734..18dd4e2 100644 --- a/src/login/pam-module.c +++ b/src/login/pam-module.c @@ -321,6 +321,12 @@ _public_ PAM_EXTERN int pam_sm_open_session( get_seat_from_display(display, NULL, vtnr); } +if (seat !streq(seat, seat0)) { +pam_syslog(handle, LOG_DEBUG, + Ignoring vtnr %d for %s which is not seat0, vtnr, seat); +vtnr = 0; +} + if (!type) type = !isempty(display) ? x11 : !isempty(tty) ? tty : unspecified; -- 1.8.5.3 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
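Review bot: the new block in pam_sm_open_session() runs for every seat other than seat0 even when vtnr is already 0, so each such login logs "Ignoring vtnr 0 for ..." although nothing is being dropped. Add vtnr != 0 to the condition so the message only appears when a value is actually reset. The lines just below test strings with isempty(); using it for seat as well would keep an empty seat string from being handled as a seat other than seat0.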
[systemd-devel] Multiseat session creation fail, VT number not 0
I was having trouble getting a session on seat1 with v208, so I moved to git which has a nicer error message than EINVAL:

pam_systemd(lightdm:session): Asking logind to create session: uid=1000 pid=637 service=lightdm type=x11 class=user seat=seat1 vtnr=2 tty= display=:1 remote=no remote_user= remote_host=
pam_systemd(lightdm:session): Failed to create session: Seat has no VTs but VT number not 0

I'm using lightdm 1.8.5. My X servers are

/usr/sbin/X :0 -config xorg-seat0.conf -seat seat0 -auth /run/lightdm/root/:0 -nolisten tcp vt1 -novtswitch
/usr/sbin/X -sharevts :1 -config xorg-seat1.conf -seat seat1 -auth /run/lightdm/root/:1 -nolisten tcp vt2 -novtswitch

(I have no problems with seat0).

This same setup used to work with systemd ~v205, but I have used multiseat in a while due to a move. So, I don't understand where the failure is. Is lightdm starting X on the wrong vt? Why is vt2/tty2 not allowed for a second seat?
Re: [systemd-devel] Multiseat session creation fail, VT number not 0
On 01/03/2014 07:51 AM, David Herrmann wrote:
> Hi
>
> On Fri, Jan 3, 2014 at 3:24 PM, Matthew Monaco m...@0x01b.net wrote:
> I was having trouble getting a session on seat1 with v208, so I moved to git which has a nicer error message than EINVAL:
>
> pam_systemd(lightdm:session): Asking logind to create session: uid=1000 pid=637 service=lightdm type=x11 class=user seat=seat1 vtnr=2 tty= display=:1 remote=no remote_user= remote_host=
>
> Yeah, that vtnr=2 line is wrong. You really shouldn't set any VTNR if seat!=seat0. I think the correct fix would be to set vtnr=0 in get_seat_from_display() in pam-module.c if we're not on seat0.

Well, I just added

if (seat && !streq(seat, "seat0")) {
        pam_syslog(handle, LOG_WARNING, "Ignoring vtnr %d for %s which is not seat0", vtnr, seat);
        vtnr = 0;
}

because in my case vtnr was coming from pam_getenv(XDG_VTNR), and get_seat_from_display() isn't called.

But thank you, my system is a bit more usable now =)
Re: [systemd-devel] dbus user services using the session bus
On 04/03/2013 08:22 AM, Will Stephenson wrote:
> I'm joining the flock of desktop people investigating using systemd to start a desktop session. So far I've checked out user-session-units and have created some more granular unit files that will do a native systemd start rather than u-s-u's wrapper around the upstream start script.
>
> I'm stuck now, because I want to start a service with Type=dbus that puts a service on the session bus, however, I can't see a way to specify the bus in the unit file.
>
> I don't want to use dbus activation here to start the service as that invokes the chicken-egg problem that the service in question (kdeinit) job is to start all the processes that will be calling it via dbus later. Long term I would like to do away with this and perform this task via systemd too, but Type=dbus on the session bus seems like a valid use case that should work.
>
> I see there's a way to get the dbus session bus address into systemd because of the patch to fix this in user-session-units; would the right approach be to add a BusInstance= field to service and use the provided session bus address when watching for Type=dbus services that depend on user/dbus.service?
>
> Any info greatly appreciated
>
> Will

Here are my user session units. I have a few dbus activated examples

https://github.com/mmonaco/systemd-user-session

I have one target for an i3 session and another for an openbox/cairo-dock session. I can freely switch between them without losing my active windows. I'll be testing gnome-3.8 soon so I'll be adding something that uses gnome-session.
[systemd-devel] isolate and socket activation
I noticed that when isolating a target that requires a unit.socket, the unit.service which the socket activates will be stopped. Is this intentional? I expected the service to be left alone (even in the weaker case that the socket wasn't already active).
[systemd-devel] [PATCH v3] pam_systemd: new option for the session class
From: Matthew Monaco matthew.mon...@0x01b.net --- man/pam_systemd.xml| 9 + src/login/pam-module.c | 12 ++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index 2d2f191..600bfd7 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -194,6 +194,15 @@ /varlistentry varlistentry +termoptionclass=/option/term + +listitemparaTakes a string +argument which sets the session class. +The XDG_SESSION_CLASS environmental variable +takes precedence./para/listitem +/varlistentry + +varlistentry termoptiondebug=/option/term listitemparaTakes a boolean diff --git a/src/login/pam-module.c b/src/login/pam-module.c index e6764a1..ad56551 100644 --- a/src/login/pam-module.c +++ b/src/login/pam-module.c @@ -49,6 +49,7 @@ static int parse_argv(pam_handle_t *handle, bool *kill_processes, char ***kill_only_users, char ***kill_exclude_users, + char **class, bool *debug) { unsigned i; @@ -135,6 +136,11 @@ static int parse_argv(pam_handle_t *handle, *kill_exclude_users = l; } +} else if (startswith(argv[i], class=)) { + +if (class) + *class = argv[i] + 6; + } else if (startswith(argv[i], debug=)) { if ((k = parse_boolean(argv[i] + 6)) 0) { pam_syslog(handle, LOG_ERR, Failed to parse debug= argument.); @@ -322,7 +328,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( struct passwd *pw; bool kill_processes = false, debug = false; -const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type = NULL, *class, *cvtnr = NULL; +const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type = NULL, *class = NULL, *class_pam = NULL, *cvtnr = NULL; char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL; DBusError error; uint32_t uid, pid; 
@@ -349,7 +355,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( argc, argv, controllers, reset_controllers, kill_processes, kill_only_users, kill_exclude_users, - debug) 0) { + class_pam, debug) 0) { r = PAM_SESSION_ERR; goto finish; } @@ -485,6 +491,8 @@ _public_ PAM_EXTERN int pam_sm_open_session( if (isempty(class)) class = getenv(XDG_SESSION_CLASS); if (isempty(class)) +class = class_pam; +if (isempty(class)) class = user; remote = !isempty(remote_host) -- 1.8.0.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
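Review bot: parse_argv() gains its new parameter as char **class, but the caller passes class_pam, which the pam_sm_open_session() hunk declares as const char *, and the value stored through it is a pointer into argv. Declare the parameter as const char **class so the call and the assignment *class = argv[i] + 6 are const-correct. The man page entry also does not say which values class= accepts; listing them there would save users a trip to the source.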
[systemd-devel] [PATCH v2] pam_systemd: new option for the session class
From: Matthew Monaco matthew.mon...@0x01b.net --- man/pam_systemd.xml| 9 + src/login/pam-module.c | 12 ++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index 2d2f191..5cf14b2 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -194,6 +194,15 @@ /varlistentry varlistentry +termoptionclass=/option/term + +listitemparaTakes a string +argument which sets the session class. +The XDG_SESSION_CLASS environmental variable +takes precedent./para/listitem +/varlistentry + +varlistentry termoptiondebug=/option/term listitemparaTakes a boolean diff --git a/src/login/pam-module.c b/src/login/pam-module.c index 08a9328..1d8d16d 100644 --- a/src/login/pam-module.c +++ b/src/login/pam-module.c @@ -49,6 +49,7 @@ static int parse_argv(pam_handle_t *handle, bool *kill_processes, char ***kill_only_users, char ***kill_exclude_users, + char **class, bool *debug) { unsigned i; @@ -135,6 +136,11 @@ static int parse_argv(pam_handle_t *handle, *kill_exclude_users = l; } +} else if (startswith(argv[i], class=)) { + +if (class) + *class = argv[i] + 6; + } else if (startswith(argv[i], debug=)) { if ((k = parse_boolean(argv[i] + 6)) 0) { pam_syslog(handle, LOG_ERR, Failed to parse debug= argument.); @@ -322,7 +328,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( struct passwd *pw; bool kill_processes = false, debug = false; -const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type, *class, *cvtnr = NULL; +const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type, *class = NULL, *class_pam = NULL, *cvtnr = NULL; char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL; DBusError error; uint32_t uid, pid; 
@@ -349,7 +355,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( argc, argv, controllers, reset_controllers, kill_processes, kill_only_users, kill_exclude_users, - debug) 0) { + class_pam, debug) 0) { r = PAM_SESSION_ERR; goto finish; } @@ -476,6 +482,8 @@ _public_ PAM_EXTERN int pam_sm_open_session( if (isempty(class)) class = getenv(XDG_SESSION_CLASS); if (isempty(class)) +class = class_pam; +if (isempty(class)) class = user; remote = !isempty(remote_host) -- 1.8.0.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
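Review bot: the man page hunk says the XDG_SESSION_CLASS variable "takes precedent"; that should read "takes precedence", and "environmental variable" is normally written "environment variable". The order in the last hunk (getenv, then class_pam, then the user default) matches the sentence, so only the wording needs to change.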
[systemd-devel] [PATCH] pam_systemd: new option for the session class
From: Matthew Monaco matthew.mon...@0x01b.net --- I don't see any reason why every DM (LightDM for me) needs code to support this. It looks to me like its safe to just point to the data in argv, let me know if it isn't. man/pam_systemd.xml| 9 + src/login/pam-module.c | 14 +++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index 2d2f191..07f0da9 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -194,6 +194,15 @@ /varlistentry varlistentry +termoptionclass=/option/term + +listitemparaTakes a string +argument which sets the session class. +This takes precedent over the XDG_SESSION_CLASS +environmental variable./para/listitem +/varlistentry + +varlistentry termoptiondebug=/option/term listitemparaTakes a boolean diff --git a/src/login/pam-module.c b/src/login/pam-module.c index 08a9328..9294d47 100644 --- a/src/login/pam-module.c +++ b/src/login/pam-module.c @@ -49,6 +49,7 @@ static int parse_argv(pam_handle_t *handle, bool *kill_processes, char ***kill_only_users, char ***kill_exclude_users, + char **class, bool *debug) { unsigned i; @@ -135,6 +136,12 @@ static int parse_argv(pam_handle_t *handle, *kill_exclude_users = l; } +} else if (startswith(argv[i], class=)) { + +if (class) { + *class = argv[i] + 6; +} + } else if (startswith(argv[i], debug=)) { if ((k = parse_boolean(argv[i] + 6)) 0) { pam_syslog(handle, LOG_ERR, Failed to parse debug= argument.); 
@@ -322,7 +329,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( struct passwd *pw; bool kill_processes = false, debug = false; -const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type, *class, *cvtnr = NULL; +const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type, *class = NULL, *cvtnr = NULL; char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL; DBusError error; uint32_t uid, pid; @@ -349,7 +356,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( argc, argv, controllers, reset_controllers, kill_processes, kill_only_users, kill_exclude_users, - debug) 0) { + class, debug) 0) { r = PAM_SESSION_ERR; goto finish; } @@ -472,7 +479,8 @@ _public_ PAM_EXTERN int pam_sm_open_session( type = !isempty(display) ? x11 : !isempty(tty) ? tty : unspecified; -class = pam_getenv(handle, XDG_SESSION_CLASS); +if (isempty(class)) +class = pam_getenv(handle, XDG_SESSION_CLASS); if (isempty(class)) class = getenv(XDG_SESSION_CLASS); if (isempty(class)) -- 1.8.0.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
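Review bot: the last hunk makes the class= module argument win over XDG_SESSION_CLASS, because parse_argv() fills class first and pam_getenv() is only consulted under if (isempty(class)). A static line in the PAM configuration can then no longer be overridden per session through the environment; consider using class= as the fallback after both environment lookups instead. On the question under the ---: pointing into argv is fine as long as the pointer is only used inside pam_sm_open_session(), but parse_argv() should then take const char **class, and the braces around the single statement *class = argv[i] + 6; can go.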
Re: [systemd-devel] WISHLIST: systemd git-like CLI/ui/command interface
On 11/23/2012 02:27 AM, Henrik Grindal Bakken wrote:
> Colin Guthrie gm...@colin.guthr.ie writes:
>
> I don't think this really applies here. The day-to-day commands are really systemctl, journalctl and loginctl (although the last one is likely not often used).
>
> I think it's a bit annoying that systemctl is a) so long, and b) tab-completes poorly
>
> 'sc'?

I think this is easy to personalize, and doesn't need to be done upstream at this point. I have

sd = systemctl --system
ud = systemctl --user
log = journalctl

loginctl hasn't bothered me yet.
Re: [systemd-devel] Questions on setting up a Truecrypt volume management service
On 10/15/2012 04:42 AM, Jakob Hetzelein wrote:
> Dear list,
>
> since there don't seem to be many people around worrying about the interaction between *Truecrypt and systemd*, I recently encountered the problem of incorporating the mounting of my home directory neatly into systemd's start up process. Since I use Arch, I mainly found information on the respective¹ forums². Although this helped quite a lot, there are still some questions open and I wanted to ask for some assistance here:
>
> Which way would you recommend to use to mount an encrypted filesystem in the boot process using systemd?
>
> 1. Instinctively, I'd go for *fstab*, but that didn't work out. The fstab way described in the Arch wiki³ works with sysv, but not with systemd: I presume this is due to StandardInput not being given to tty in the mount scripts. Is that possible somehow? When using truecrypt, it is paramount to be able to enter the password/keyfiles while mounting the volume, thus StandardInput=tty(-force) might be necessary at some point in the .mount mechanism, but I don't know where.
>
> 2. The other way I'm using so far is by using a *truecrypt.service*. I put my ideas into the arch wiki⁴ but think it's worth to reproduce them here:
>
> [Unit]
> Description=Truecrypt volume manager
> ConditionPathExists=!/home/MOUNTPOUNT
> #Before=mpd.service
>
> [Service]
> Type=oneshot
> StandardInput=tty-force
> ExecStart=/usr/bin/truecrypt -t /dev/sdXY /home/
> RemainAfterExit=yes
> ExecStop=/usr/bin/truecrypt -t -d
> TimeoutSec=5
>
> [Install]
> WantedBy=multi-user.target
>
> Mounting works fine, about the unmounting I'm not so sure but according to the logs it should be ok, too (there's not much in them except for a few echos I put in the beginning and end of ExecStop (separated by ;)
>
> But here, my questions are:
> a) Do you consider this a sound service?
> b) Should I change _WantedBy_ to _local-fs.target_ or any other target?
> c) Should I insert an _After_ line?
> d) As you can see, I use mpd and thus have included a _Before=mpd.service_ line in order to let mpd wait for this service to finish loading. I think that is fine and should also determine the shutdown process to proceed in the reverse order, right?
>
> ¹ https://bbs.archlinux.org/viewtopic.php?id=142289
> ² https://bbs.archlinux.org/viewtopic.php?id=149269
> ³ https://wiki.archlinux.org/index.php/Truecrypt#Mount_volumes_via_fstab
> ⁴ https://wiki.archlinux.org/index.php/Systemd/Services#truecrypt_volume_manager
>
> Best wishes and thanks for your help in advance,
> Jakob

You might have more success if you treat truecrypt more like cryptsetup in that it only handles mapping a block device to /dev/mapper/*. You can do this with the --filesystem=none option.

Then you can have a truecrypt@.service which looks a lot like the systemd-cryptsetup@.service.

The mounting from /dev/mapper/truecrypt* can then be placed in /etc/fstab as normal.

One odd thing to note though is that truecrypt fails if the loop.ko module isn't loaded (maybe only when using a file-based container). It isn't loaded on demand as it can/should be.
Re: [systemd-devel] XDM and systemd --user
On 09/28/2012 05:54 AM, Peter Lemenkov wrote:
> Hello All!
>
> 2012/9/28 Peeters Simon peeters.si...@gmail.com:
>
> Second question - I've lost all /etc/profile stuff which was set up somehow in the depths of Xorg-related script's swamp. I'd like to run it (as well as some other shell scripts) and borrow its envvars (at least for some applications) - is it possible?
>
> systemd currently does not parse /etc/profile (and never will?)
> you can work around by creating a shell script like this:
>
> cat <<'EOF' > /bin/systemd-session
> #!/bin/bash -l
> exec /usr/bin/systemd --user "$@"
> EOF
>
> and point your xdm-config to /bin/systemd-session
> (this lets bash start a 'login' shell, thus parsing /etc/profile. and exec's systemd afterwards)
>
> Thanks! Works like a charm.

LightDM here, but I'm doing this with the Xsession script itself.

---8<---
#!/bin/bash

# Log to stderr; %b expands escapes such as \t in the message.
info() {
	printf 'Xsession: %b\n' "$*" >&2
}

info "hello!"
info "running from -- $0"
info "sourcing profiles:"

for file in /etc/profile "$HOME/.profile" /etc/xprofile "$HOME/.xprofile"; do
	if [[ -f "$file" ]]; then
		info "\t$file"
		source "$file"
	fi
done

export DBUS_SESSION_BUS_ADDRESS="unix:path=$XDG_RUNTIME_DIR/dbus/user_bus_socket"
info "exported DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS"

info "goodbye! starting systemd"
exec systemd --user
# Only reached if exec itself fails.
info "error running systemd"
---8<---

This is actually $HOME/.Xsession. I have a more general system-wide /etc/lightdm/Xsession, for users not on systemd --user yet. The first thing it does is check for $HOME/.Xsession and exec it if available.

Everything is done through systemd units except launching gnome-keyring-daemon which is done through pam and Xorg which is already launched by the display manager. Here's my /etc/pam.d/lightdm

---8<---
#%PAM-1.0
auth      requisite  pam_nologin.so
auth      required   pam_env.so
auth      required   pam_unix.so
auth      optional   pam_gnome_keyring.so
account   required   pam_unix.so
password  required   pam_unix.so
session   required   pam_limits.so
session   required   pam_unix.so
session   required   pam_loginuid.so
session   required   pam_systemd.so
session   optional   pam_gnome_keyring.so auto_start
---8<---
Re: [systemd-devel] XDM and systemd --user
On 09/28/2012 01:09 PM, Kok, Auke-jan H wrote:
> On Fri, Sep 28, 2012 at 11:58 AM, Mantas Mikulėnas graw...@gmail.com wrote:
> On Fri, Sep 28, 2012 at 9:47 PM, Kok, Auke-jan H auke-jan.h@intel.com wrote:
> On Fri, Sep 28, 2012 at 4:23 AM, Peeters Simon peeters.si...@gmail.com wrote:
> 2012/9/28 Peter Lemenkov lemen...@gmail.com:
>
> Hello All!
>
> Hello
>
> First question - is this a correct way to run systemd --user? I saw a user@.service script but it does require root permission to run.
>
> this is afaik a correct way as long as a single user does not have multiple sessions.
>
> Second question - I've lost all /etc/profile stuff which was set up somehow in the depths of Xorg-related script's swamp. I'd like to run it (as well as some other shell scripts) and borrow its envvars (at least for some applications) - is it possible?
>
> systemd currently does not parse /etc/profile (and never will?)
>
> it shouldn't - you can't just parse it - you have to basically eval it in a full shell, and this is frankly out of fashion.
>
> Unfortunately, all other options (EnvironmentFile and pam_env) are just too limited – none of them support even plain nesting of variables (as in PATH=$HOME/bin:$PATH or XDG_CONFIG_HOME=$HOME/.config).
>
> I try to keep my ~/.environ clean of shell logic (http://git.io/S0M_Sg), but I still cannot see myself giving up `MAKEFLAGS=-j$(nproc)` or `source ~/.environ-$HOSTNAME`...
>
> Not to mention that many packages install /etc/profile.d/ scriptlets to set envvars the program depends on (JAVA_HOME, MOZ_PLUGIN_PATH, and even LANG – which has to be set from profile because getty@.service unsets it.)
>
> Two comments:
>
> 1) people should fix 'make' to just allow `-j` without an argument (seriously, dude ;^) )
>
> 2) You can already do many of these things, and I've sent various patches to address the problem. The following should already work:
>
> user@.service:
> ...
> [Service]
> Environment=XDG_CONFIG_HOME=%h/.config
> Environment=SSH_AUTH_SOCKET=%t/ssh_auth_socket
>
> and even %H should now properly expand to $HOSTNAME, I just saw a patch fly in this week.
>
> I'm thinking that the settings you want to set should be read/executed when you open a terminal, but there's no need to set MAKEFLAGS for gnome-session...
>
> This is outdated and we should work on fixing this, instead of giving up and going back to the VW transporter and sniffing glue ;^)
>
> So, come help trying to resolve these issues with me!
>
> Auke

I don't know if all of the profile config should be out of fashion, but it would at least help if EnvironmentFile supported unsetting vars.
Re: [systemd-devel] [PATCH] cryptsetup: add keyfile-offset= support
On 07/09/2012 10:51 AM, Lennart Poettering wrote:
> On Fri, 29.06.12 13:40, Tom Gundersen (t...@jklm.no) wrote:
>
> This is useful if your keyfile is a block device, and you want to use a specific part of it, such as an area between the MBR and the first partition.
>
> This feature is documented in the Arch wiki[0], and has been supported by the Arch initscripts, so would be nice to get this into systemd.
>
> Hmm, I am not opposed to merge this, but before I do: I am a bit puzzled what the usecase for this is -- why would you store the key like this? Kinda defeats the purpose of encryption, no?
>
> Lennart

It's no different than storing your key as a file (on a USB key) except there's a little added obfuscation. Also, it's simpler (imo); you don't have to wait for a FS to be mounted when unlocking your dm-crypt device.
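The layout discussed in this message (key bytes in the gap between the MBR and the first partition, selected with keyfile-offset=) only holds up if the chosen byte range really lies inside that gap. The following is an added example, not code from the thread or from systemd: a check over a constructed MBR. The function names, the sample disk layouts and the keyfile_size parameter (how many bytes are read as key) are assumptions made for the illustration.

```python
import struct
from typing import List, Optional

SECTOR = 512             # bytes per sector assumed by the MBR's LBA fields
TABLE_OFFSET = 446       # first of the four 16-byte partition entries
SIGNATURE = b"\x55\xaa"  # boot signature at bytes 510-511


def first_partition_start(mbr: bytes) -> Optional[int]:
    """Byte offset of the lowest-starting used partition entry, or None."""
    if len(mbr) < SECTOR or mbr[510:512] != SIGNATURE:
        raise ValueError("sector 0 has no MBR boot signature")
    starts = []
    for i in range(4):
        entry = mbr[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        ptype = entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype != 0 and sectors != 0:      # unused entries are all zero
            starts.append(lba_start * SECTOR)
    return min(starts) if starts else None


def check_key_region(mbr: bytes, keyfile_offset: int, keyfile_size: int,
                     device_size: int) -> List[str]:
    """Return the reasons why [offset, offset + size) is not a safe key area.

    Offsets and sizes are in bytes. An empty list means the region sits
    entirely between sector 0 and the first partition.
    """
    problems = []
    if keyfile_size <= 0:
        problems.append("key size must be positive")
    if keyfile_offset < SECTOR:
        problems.append("key region overlaps sector 0 "
                        "(boot code and partition table)")
    end = keyfile_offset + keyfile_size
    if end > device_size:
        problems.append("key region runs past the end of the device")
    first = first_partition_start(mbr)
    if first is not None and end > first:
        # On a GPT disk the protective entry (type 0xEE) starts at LBA 1,
        # so every region is reported here: the GPT header lives in the gap.
        problems.append(f"key region runs into the first partition "
                        f"at byte {first}")
    return problems


def build_mbr(entries) -> bytes:
    """Constructed sample data: an MBR with (type, lba_start, sectors) entries."""
    mbr = bytearray(SECTOR)
    for i, (ptype, lba, count) in enumerate(entries):
        struct.pack_into("<B3sB3sII", mbr, TABLE_OFFSET + 16 * i,
                         0, b"\0\0\0", ptype, b"\0\0\0", lba, count)
    mbr[510:512] = SIGNATURE
    return bytes(mbr)


# Constructed layouts: a classic disk with the first partition at LBA 2048,
# and a GPT disk carrying only the protective MBR entry.
MBR_DISK = build_mbr([(0x83, 2048, 204800)])
GPT_DISK = build_mbr([(0xEE, 1, 0xFFFFFFFF)])
DEVICE_SIZE = (2048 + 204800) * SECTOR

if __name__ == "__main__":
    for label, mbr, offset in (("gap after MBR", MBR_DISK, SECTOR),
                               ("offset 0", MBR_DISK, 0),
                               ("GPT disk", GPT_DISK, SECTOR)):
        result = check_key_region(mbr, offset, 4096, DEVICE_SIZE)
        print(f"{label}: {result or 'ok'}")
```

Run against the first sector of the real key device, the same check shows whether repartitioning or a switch to GPT has moved something into the key area.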
[systemd-devel] [PATCH] cryptsetup: support discards (TRIM)
From: Matthew Monaco matthew.mon...@0x01b.net --- src/cryptsetup/cryptsetup.c |6 ++ 1 file changed, 6 insertions(+) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 6d4e965..b26fcca 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -41,6 +41,7 @@ static char *opt_hash = NULL; static unsigned opt_tries = 0; static bool opt_readonly = false; static bool opt_verify = false; +static bool opt_discards = false; static usec_t opt_timeout = DEFAULT_TIMEOUT_USEC; /* Options Debian's crypttab knows we don't: @@ -98,6 +99,8 @@ static int parse_one_option(const char *option) { opt_readonly = true; else if (streq(option, verify)) opt_verify = true; +else if (streq(option, allow-discards)) +opt_discards = true; else if (streq(option, luks)) opt_type = CRYPT_LUKS1; else if (streq(option, plain) || @@ -314,6 +317,9 @@ int main(int argc, char *argv[]) { if (opt_readonly) flags |= CRYPT_ACTIVATE_READONLY; +if (opt_discards) +flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; + if (opt_timeout 0) until = now(CLOCK_MONOTONIC) + opt_timeout; else -- 1.7.10.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
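Review bot: the diffstat touches only src/cryptsetup/cryptsetup.c, so the allow-discards option added in parse_one_option() is undocumented. Add it to the crypttab man page and state the trade-off there: passing discards through a dm-crypt mapping lets anyone who can read the underlying device see which blocks are unused. CRYPT_ACTIVATE_ALLOW_DISCARDS in the main() hunk also needs a libcryptsetup that defines it, so check whether the minimum version required at build time has to be raised.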