<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 30/01/15 09:49, Jan Janssen wrote:<br>
</div>
<blockquote cite="mid:loom.20150130T104202-99@post.gmane.org"
type="cite"><br>
<pre wrap="">
But really: why not use automounting logic in fstab?:
/dev/mapper/data /home/myuser/data ext4 noauto,x-systemd.automount 0 0
No need to manually trigger a mount. And you can even use "noauto" in
crypttab so that the encrypted device is only opened once the mount point is
accessed the first time.</pre>
</blockquote>
Thanks Jan. as it happens, I've just been trying automount as a
solution before I read your answer ;)<br>
<br>
But it leads me on to another question, if that's ok...<br>
<br>
I've set up an encrypted volume configured in crypttab/fstab with
key/header on a path that is automounted.<br>
That path is on a encrypted removable usb "keyring" that's inserted
at boot and everything works: the keyring is unlocked (passphrase
requested) and mounted and then the other volumes are unlocked using
their key/header on the keyring and mounted.<br>
<br>
However, after boot I want to pull out the keyring (it's only needed
for the key/header during systemd-cryptsetup).<br>
But when I do this, the encrypted volume is unmounted and I don't
want this to happen.<br>
<br>
Here's what I have in crypttab:<br>
<br>
<pre><code># <name> <device> <password> <options>
keyring PARTLABEL=keyring none noauto
abc /dev/lvm/abc /root/keyring/abc.key header=/root/keyring/abc.hdr
xyz /dev/lvm/xyz /root/keyring/xyz.key header=/root/keyring/xyz.hdr</code></pre>
<br>
and fstab:<br>
<br>
<pre><code> <file system> <dir> <type> <options>
/dev/mapper/keyring /root/keyring ext4 ro,noauto,x-systemd.automount
/dev/mapper/abc /srv/abc ext4
/dev/mapper/xyz /srv/xyz ext4</code></pre>
<br>
I don't want to lose abc and xyz when I pull out keyring.<br>
<br>
I think it might be due to the
"RequiresMountsFor=/root/keyring/abc.key" entries that systemd
generates in the cryptsetup unit.<br>
I have tried using a drop-in to cancel that option:<br>
<br>
[Unit]<br>
RequiresMountsFor=<br>
<br>
but that didn't affect the setting, as I verified with<br>
<br>
$ systemctl daemon-reload<br>
$ systemctl show systemd-cryptsetup\@abc --property
RequiresMountsFor<br>
RequiresMountsFor=/root/keyring/abc.key<br>
<br>
Do you know if/how I can achieve this functionality?<br>
<br>
Much appreciated,<br>
John<br>
<br>
<br>
</body>
</html>